The Samba-Bugzilla – Attachment 11036 Details for
Bug 11265
Samba 4.2 broke FreeIPA trusts to AD
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Proposed patch against v4-2-test
samba-4.2-auth-credentials-if-credentials-have-principal-set-t.patch (text/plain), 1.15 KB, created by
Alexander Bokovoy
on 2015-05-08 12:35:09 UTC
(
hide
)
Description:
Proposed patch against v4-2-test
Filename:
MIME Type:
Creator:
Alexander Bokovoy
Created:
2015-05-08 12:35:09 UTC
Size:
1.15 KB
patch
obsolete
>From 97d7bc19bb463cfbb9d45b69cec1e668eb15b4a1 Mon Sep 17 00:00:00 2001 >From: Alexander Bokovoy <ab@samba.org> >Date: Thu, 7 May 2015 14:12:03 +0000 >Subject: [PATCH] auth/credentials: if credentials have principal set, they are > not anonymous anymore > >When dealing with Kerberos, we cannot consider credentials anonymous >if credentials were obtained properly. > >Signed-off: Alexander Bokovoy <ab@samba.org> >--- > auth/credentials/credentials.c | 7 +++++++ > 1 file changed, 7 insertions(+) > >diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c >index 78b5955..b1ccc5a 100644 >--- a/auth/credentials/credentials.c >+++ b/auth/credentials/credentials.c >@@ -921,6 +921,13 @@ _PUBLIC_ bool cli_credentials_is_anonymous(struct cli_credentials *cred) > cred->machine_account_pending_lp_ctx); > } > >+ if (cli_credentials_get_kerberos_state(cred) != CRED_DONT_USE_KERBEROS) { >+ /* if principal is set, it's not anonymous */ >+ if (cred->principal && cred->principal_obtained >= cred->username_obtained) { >+ return false; >+ } >+ } >+ > username = cli_credentials_get_username(cred); > > /* Yes, it is deliberate that we die if we have a NULL pointer >-- >2.4.0 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 11265
:
11036
|
11064
|
11261