Kerberos Ticket without principal?

Christian M Ambach christian.ambach at de.ibm.com
Fri Jul 22 13:23:27 MDT 2011


Jeremy Allison <jra at samba.org> wrote on 07/22/2011 08:13:07 PM:

> Ok, I've checked into this carefully - and get_user_from_kerberos_info()
> is called from the smb and smb2 sessionsetup calls - after 
ads_verify_ticket()
> has been called. princ_name can't be NULL if that call succeeds.
> 
> The third place this is called is inside gssapi_server_get_user_info(),
> where I recently added a call to gse_get_client_name() that was missing
> recently which should ensure the princ_name is initialized if it returns
> NT_STATUS_OK. The git ref is ba6f88a6 for that addition.
> 
> Does your v3-6-test tree have 
> 
e5f4b6e7aa1d102db023a491991684118875ee38..ba6f88a6720358bea75b162f193182b724b9411c
> in it ? This should ensure princ_name is initialized. When did you last
> git pull v3-6-test ?

Indeed, that tree was missing the patches for Bug #8304 and I finally 
found the backtrace
again in /var/log/messages :)

smbd[2501236]:    #4 bin/smbd(strchr_m+0x42) [0x7fe57d853ad2]
smbd[2501236]:    #5 bin/smbd(get_user_from_kerberos_info+0x6b) 
[0x7fe57d8b900b]
smbd[2501236]:    #6 bin/smbd(gssapi_server_get_user_info+0x150) 
[0x7fe57d75ff50]
smbd[2501236]:    #7 bin/smbd(+0x33038c) [0x7fe57d75438c]
smbd[2501236]:    #8 bin/smbd(+0x330922) [0x7fe57d754922]
smbd[2501236]:    #9 bin/smbd(process_complete_pdu+0x10c8) 
[0x7fe57d757ed8] 

So your comment in 8304 that it is not just a compile warning was correct, 
here is
the proof.
So I'll consider that one as already fixed and get my tree updated ASAP.

The one with the security=server crash was a checkout of v3-6-test from 
yesterday
and it still happens with the latest tree.

Thanks for looking!

Cheers,
Christian


More information about the samba-technical mailing list