The Samba-Bugzilla – Attachment 18110 Details for
Bug 15476
The KDC in 4.18 (and older) is not able to accept tickets with empty claims pac blobs (from Samba 4.19 or Windows)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Patches for v4-18-test
bug15476-v4-18.txt (text/plain), 3.70 KB, created by
Stefan Metzmacher
on 2023-09-19 22:48:57 UTC
(
hide
)
Description:
Patches for v4-18-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2023-09-19 22:48:57 UTC
Size:
3.70 KB
patch
obsolete
>From b48944c64a7300fa855c2d10e150bfdc40f76d0e Mon Sep 17 00:00:00 2001 >From: Joseph Sutton <josephsutton@catalyst.net.nz> >Date: Fri, 17 Mar 2023 09:25:52 +1300 >Subject: [PATCH 1/2] s4:kdc: Don't pass a NULL pointer into > krb5_pac_add_buffer() > >Heimdal contains an assertion that the data pointer is not NULL. We need >to pass in a pointer to some dummy data instead. > >Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit 47ef49fd91f050ce4a79a8471b3e66c808f48752) > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=15476 >--- > source4/kdc/pac-glue.c | 9 ++++++++- > 1 file changed, 8 insertions(+), 1 deletion(-) > >diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c >index f844b08d5139..621999faa293 100644 >--- a/source4/kdc/pac-glue.c >+++ b/source4/kdc/pac-glue.c >@@ -1793,6 +1793,9 @@ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx, > DATA_BLOB type_blob = data_blob_null; > uint32_t type; > >+ static char null_byte = '\0'; >+ const krb5_data null_data = smb_krb5_make_data(&null_byte, 0); >+ > if (forced_next_type != 0) { > /* > * We need to inject possible missing types >@@ -1952,10 +1955,14 @@ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx, > } > } > >+ /* >+ * Passing a NULL pointer into krb5_pac_add_buffer() is >+ * not allowed, so pass null_data instead if needed. >+ */ > code = krb5_pac_add_buffer(context, > new_pac, > type, >- &type_data); >+ (type_data.data != NULL) ? &type_data : &null_data); > smb_krb5_free_data_contents(context, &type_data); > if (code != 0) { > goto done; >-- >2.34.1 > > >From c6ce8a36eb0d984767dea928427570112a4ab82e Mon Sep 17 00:00:00 2001 >From: Joseph Sutton <josephsutton@catalyst.net.nz> >Date: Fri, 17 Mar 2023 09:16:17 +1300 >Subject: [PATCH 2/2] s4:kdc: Avoid copying data if not needed > >krb5_pac_add_buffer() makes its own copy of the data we pass in. We >don't need to make yet another copy. > >Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> >Reviewed-by: Andrew Bartlett <abartlet@samba.org> >(cherry picked from commit fa901e7346d36ae64a7ceab5dcf76bc210a67c93) > >BUG: https://bugzilla.samba.org/show_bug.cgi?id=15476 >--- > source4/kdc/pac-glue.c | 27 ++++++++++++--------------- > 1 file changed, 12 insertions(+), 15 deletions(-) > >diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c >index 621999faa293..b792fbbf5aa2 100644 >--- a/source4/kdc/pac-glue.c >+++ b/source4/kdc/pac-glue.c >@@ -1939,12 +1939,9 @@ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx, > } > > if (type_blob.length != 0) { >- code = smb_krb5_copy_data_contents(&type_data, >- type_blob.data, >- type_blob.length); >- if (code != 0) { >- goto done; >- } >+ type_data = smb_krb5_data_from_blob(type_blob); >+ code = krb5_pac_add_buffer(context, new_pac, >+ type, &type_data); > } else { > code = krb5_pac_get_buffer(context, > old_pac, >@@ -1953,17 +1950,17 @@ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx, > if (code != 0) { > goto done; > } >+ /* >+ * Passing a NULL pointer into krb5_pac_add_buffer() is >+ * not allowed, so pass null_data instead if needed. >+ */ >+ code = krb5_pac_add_buffer(context, >+ new_pac, >+ type, >+ (type_data.data != NULL) ? &type_data : &null_data); >+ smb_krb5_free_data_contents(context, &type_data); > } > >- /* >- * Passing a NULL pointer into krb5_pac_add_buffer() is >- * not allowed, so pass null_data instead if needed. >- */ >- code = krb5_pac_add_buffer(context, >- new_pac, >- type, >- (type_data.data != NULL) ? &type_data : &null_data); >- smb_krb5_free_data_contents(context, &type_data); > if (code != 0) { > goto done; > } >-- >2.34.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=18110">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
metze
:
review?
(
abartlet
)
jsutton
:
review+
Actions:
View
Attachments on
bug 15476
:
18108
|
18109
| 18110 |
18111