The Samba-Bugzilla – Attachment 12115 Details for
Bug 11914
NTLM Authentication issue with squid
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for v4-3-test
tmp43.diff.txt (text/plain), 3.35 KB, created by
Stefan Metzmacher
on 2016-05-19 11:44:29 UTC
(
hide
)
Description:
Patch for v4-3-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2016-05-19 11:44:29 UTC
Size:
3.35 KB
patch
obsolete
>From a01374bdc5b5f41d30618e95f5cb7f9f7cd47d66 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Wed, 11 May 2016 17:59:32 +0200 >Subject: [PATCH] s3:ntlm_auth: make ntlm_auth_generate_session_info() more > complete >MIME-Version: 1.0 >Content-Type: text/plain; charset=UTF-8 >Content-Transfer-Encoding: 8bit > >The generate_session_info() function maybe called more than once >per session. > >Some may try to look/dereference session_info->security_token, >so we provide simplified token. > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=11914 > >Signed-off-by: Stefan Metzmacher <metze@samba.org> >Reviewed-by: Andreas Schneider <asn@samba.org> >Reviewed-by: Günther Deschner <gd@samba.org> >(cherry picked from commit 825cce1f88b797c80116769e1755328dee2ba0e1) >--- > source3/utils/ntlm_auth.c | 51 ++++++++++++++++++++++++++++++++++++++++++----- > 1 file changed, 46 insertions(+), 5 deletions(-) > >diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c >index 1ac6881..bbb0be4 100644 >--- a/source3/utils/ntlm_auth.c >+++ b/source3/utils/ntlm_auth.c >@@ -27,6 +27,7 @@ > #include "includes.h" > #include "lib/param/param.h" > #include "popt_common.h" >+#include "libcli/security/security.h" > #include "utils/ntlm_auth.h" > #include "../libcli/auth/libcli_auth.h" > #include "auth/ntlmssp/ntlmssp.h" >@@ -705,18 +706,58 @@ static NTSTATUS ntlm_auth_generate_session_info(struct auth4_context *auth_conte > uint32_t session_info_flags, > struct auth_session_info **session_info_out) > { >- char *unix_username = (char *)server_returned_info; >- struct auth_session_info *session_info = talloc_zero(mem_ctx, struct auth_session_info); >- if (!session_info) { >+ const char *unix_username = (const char *)server_returned_info; >+ bool ok; >+ struct dom_sid *sids = NULL; >+ struct auth_session_info *session_info = NULL; >+ >+ session_info = talloc_zero(mem_ctx, struct auth_session_info); >+ if (session_info == NULL) { > return NT_STATUS_NO_MEMORY; > } > > session_info->unix_info = talloc_zero(session_info, struct auth_user_info_unix); >- if (!session_info->unix_info) { >+ if (session_info->unix_info == NULL) { >+ TALLOC_FREE(session_info); >+ return NT_STATUS_NO_MEMORY; >+ } >+ session_info->unix_info->unix_name = talloc_strdup(session_info->unix_info, >+ unix_username); >+ if (session_info->unix_info->unix_name == NULL) { >+ TALLOC_FREE(session_info); >+ return NT_STATUS_NO_MEMORY; >+ } >+ >+ session_info->security_token = talloc_zero(session_info, struct security_token); >+ if (session_info->security_token == NULL) { > TALLOC_FREE(session_info); > return NT_STATUS_NO_MEMORY; > } >- session_info->unix_info->unix_name = talloc_steal(session_info->unix_info, unix_username); >+ >+ sids = talloc_zero_array(session_info->security_token, >+ struct dom_sid, 3); >+ if (sids == NULL) { >+ TALLOC_FREE(session_info); >+ return NT_STATUS_NO_MEMORY; >+ } >+ ok = dom_sid_parse(SID_WORLD, &sids[0]); >+ if (!ok) { >+ TALLOC_FREE(session_info); >+ return NT_STATUS_INTERNAL_ERROR; >+ } >+ ok = dom_sid_parse(SID_NT_NETWORK, &sids[1]); >+ if (!ok) { >+ TALLOC_FREE(session_info); >+ return NT_STATUS_INTERNAL_ERROR; >+ } >+ ok = dom_sid_parse(SID_NT_AUTHENTICATED_USERS, &sids[2]); >+ if (!ok) { >+ TALLOC_FREE(session_info); >+ return NT_STATUS_INTERNAL_ERROR; >+ } >+ >+ session_info->security_token->num_sids = talloc_array_length(sids); >+ session_info->security_token->sids = sids; > > *session_info_out = session_info; > >-- >1.9.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=12115">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
asn
:
review+
metze
:
review?
(
gd
)
Actions:
View
Attachments on
bug 11914
:
12097
|
12098
|
12100
|
12114
| 12115 |
12116