s3-dcerpc: avoid talloc_move on schannel creds in cli_rpc_pipe_open_schannel_with_key().

Andrew Bartlett abartlet at samba.org
Mon Aug 23 18:47:41 MDT 2010


On Mon, 2010-08-23 at 19:04 -0500, Günther Deschner wrote:
> The branch, master has been updated
>        via  898c612... s3-dcerpc: avoid talloc_move on schannel creds in cli_rpc_pipe_open_schannel_with_key().
>       from  33060f6... Final part of fix for bug #7636 - winbind internal error, backtrace.
> 
> http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
> 
> 
> - Log -----------------------------------------------------------------
> commit 898c6123355a3a11ec17f0396c4cb3018c75c184
> Author: Günther Deschner <gd at samba.org>
> Date:   Mon Aug 23 16:02:23 2010 +0200
> 
>     s3-dcerpc: avoid talloc_move on schannel creds in cli_rpc_pipe_open_schannel_with_key().
>     
>     Initially, the schannel creds were talloc memduped, then, during the netlogon
>     creds client merge (baf7274fed2f1ae7a9e3a57160bf5471566e636c) they were first
>     talloc_referenced and then later (53765c81f726a8c056cc4e57004592dd489975c9)
>     talloc_moved.
>     
>     The issue with using talloc_move here is that users of that function in winbind
>     will only be able to have two schanneled connections, as the cached schannel
>     credentials pointer from the netlogon pipe will be set to NULL. Do a deep copy
>     of the struct instead.

Is this really correct?  I would have said that talloc_reference() is
the right thing to do here, as it is shared state.  If one connection
does any call that updates the credentials chain, then the other
connections state must reflect that update, otherwise their calls
(SamLogon and other calls that do the credential chaining) will fail -
see how we have do this via a tdb on the server. 

I know talloc_reference() isn't liked, but it really is the right thing
to do here. 

Andrew Bartlett
-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100824/e7788397/attachment.pgp>


More information about the samba-technical mailing list