Attachment 11036 Details for Bug 11265 – Proposed patch against v4-2-test

[patch] Proposed patch against v4-2-test

samba-4.2-auth-credentials-if-credentials-have-principal-set-t.patch (text/plain), 1.15 KB, created by Alexander Bokovoy on 2015-05-08 12:35:09 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Alexander Bokovoy

Created: 2015-05-08 12:35:09 UTC

Size: 1.15 KB

patch

obsolete

>From 97d7bc19bb463cfbb9d45b69cec1e668eb15b4a1 Mon Sep 17 00:00:00 2001
>From: Alexander Bokovoy <ab@samba.org>
>Date: Thu, 7 May 2015 14:12:03 +0000
>Subject: [PATCH] auth/credentials: if credentials have principal set, they are
> not anonymous anymore
>
>When dealing with Kerberos, we cannot consider credentials anonymous
>if credentials were obtained properly.
>
>Signed-off: Alexander Bokovoy <ab@samba.org>
>---
> auth/credentials/credentials.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
>diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c
>index 78b5955..b1ccc5a 100644
>--- a/auth/credentials/credentials.c
>+++ b/auth/credentials/credentials.c
>@@ -921,6 +921,13 @@ _PUBLIC_ bool cli_credentials_is_anonymous(struct cli_credentials *cred)
> 						    cred->machine_account_pending_lp_ctx);
> 	}
> 
>+	if (cli_credentials_get_kerberos_state(cred) != CRED_DONT_USE_KERBEROS) {
>+		/* if principal is set, it's not anonymous */
>+		if (cred->principal && cred->principal_obtained >= cred->username_obtained) {
>+			return false;
>+		}
>+	}
>+
> 	username = cli_credentials_get_username(cred);
> 	
> 	/* Yes, it is deliberate that we die if we have a NULL pointer
>-- 
>2.4.0
>

Actions: View

Attachments on bug 11265: 11036 | 11064 | 11261