Kerberos Ticket without principal?
Christian M Ambach
christian.ambach at de.ibm.com
Fri Jul 22 13:23:27 MDT 2011
Jeremy Allison <jra at samba.org> wrote on 07/22/2011 08:13:07 PM:
> Ok, I've checked into this carefully - and get_user_from_kerberos_info()
> is called from the smb and smb2 sessionsetup calls - after
> has been called. princ_name can't be NULL if that call succeeds.
> The third place this is called is inside gssapi_server_get_user_info(),
> where I recently added a call to gse_get_client_name() that was missing
> recently which should ensure the princ_name is initialized if it returns
> NT_STATUS_OK. The git ref is ba6f88a6 for that addition.
> Does your v3-6-test tree have
> in it ? This should ensure princ_name is initialized. When did you last
> git pull v3-6-test ?
Indeed, that tree was missing the patches for Bug #8304 and I finally
found the backtrace
again in /var/log/messages :)
smbd: #4 bin/smbd(strchr_m+0x42) [0x7fe57d853ad2]
smbd: #5 bin/smbd(get_user_from_kerberos_info+0x6b)
smbd: #6 bin/smbd(gssapi_server_get_user_info+0x150)
smbd: #7 bin/smbd(+0x33038c) [0x7fe57d75438c]
smbd: #8 bin/smbd(+0x330922) [0x7fe57d754922]
smbd: #9 bin/smbd(process_complete_pdu+0x10c8)
So your comment in 8304 that it is not just a compile warning was correct,
So I'll consider that one as already fixed and get my tree updated ASAP.
The one with the security=server crash was a checkout of v3-6-test from
and it still happens with the latest tree.
Thanks for looking!
More information about the samba-technical