The Samba-Bugzilla – Attachment 5922 Details for
Bug 7636
winbind internal error, backtrace
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
git am fix for 3.5.x - part2
0002-s3-dcerpc-avoid-talloc_move-on-schannel-creds-in-cli.patch (text/plain), 5.09 KB, created by
Jeremy Allison
on 2010-08-23 19:13:06 UTC
(
hide
)
Description:
git am fix for 3.5.x - part2
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2010-08-23 19:13:06 UTC
Size:
5.09 KB
patch
obsolete
>From e1a985ea1bdeddf0b7e9a274d464a319d0ad498d Mon Sep 17 00:00:00 2001 >From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org> >Date: Mon, 23 Aug 2010 16:02:23 +0200 >Subject: [PATCH 2/2] s3-dcerpc: avoid talloc_move on schannel creds in cli_rpc_pipe_open_schannel_with_key(). > >Initially, the schannel creds were talloc memduped, then, during the netlogon >creds client merge (baf7274fed2f1ae7a9e3a57160bf5471566e636c) they were first >talloc_referenced and then later (53765c81f726a8c056cc4e57004592dd489975c9) >talloc_moved. > >The issue with using talloc_move here is that users of that function in winbind >will only be able to have two schanneled connections, as the cached schannel >credentials pointer from the netlogon pipe will be set to NULL. Do a deep copy >of the struct instead. > >Guenther >(cherry picked from commit 898c6123355a3a11ec17f0396c4cb3018c75c184) >--- > libcli/auth/credentials.c | 46 ++++++++++++++++++++++++++++++++++++++++- > libcli/auth/proto.h | 2 + > source3/rpc_client/cli_pipe.c | 10 ++++++-- > 3 files changed, 54 insertions(+), 4 deletions(-) > >diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c >index 87d1866..504f594 100644 >--- a/libcli/auth/credentials.c >+++ b/libcli/auth/credentials.c >@@ -24,6 +24,7 @@ > #include "system/time.h" > #include "../lib/crypto/crypto.h" > #include "libcli/auth/libcli_auth.h" >+#include "../libcli/security/dom_sid.h" > > static void netlogon_creds_step_crypt(struct netlogon_creds_CredentialState *creds, > const struct netr_Credential *in, >@@ -202,7 +203,7 @@ struct netlogon_creds_CredentialState *netlogon_creds_client_init(TALLOC_CTX *me > struct netr_Credential *initial_credential, > uint32_t negotiate_flags) > { >- struct netlogon_creds_CredentialState *creds = talloc(mem_ctx, struct netlogon_creds_CredentialState); >+ struct netlogon_creds_CredentialState *creds = talloc_zero(mem_ctx, struct netlogon_creds_CredentialState); > > if (!creds) { > return NULL; >@@ -453,3 +454,46 @@ void netlogon_creds_decrypt_samlogon(struct netlogon_creds_CredentialState *cred > } > } > >+/* >+ copy a netlogon_creds_CredentialState struct >+*/ >+ >+struct netlogon_creds_CredentialState *netlogon_creds_copy(TALLOC_CTX *mem_ctx, >+ struct netlogon_creds_CredentialState *creds_in) >+{ >+ struct netlogon_creds_CredentialState *creds = talloc_zero(mem_ctx, struct netlogon_creds_CredentialState); >+ >+ if (!creds) { >+ return NULL; >+ } >+ >+ creds->sequence = creds_in->sequence; >+ creds->negotiate_flags = creds_in->negotiate_flags; >+ creds->secure_channel_type = creds_in->secure_channel_type; >+ >+ creds->computer_name = talloc_strdup(creds, creds_in->computer_name); >+ if (!creds->computer_name) { >+ talloc_free(creds); >+ return NULL; >+ } >+ creds->account_name = talloc_strdup(creds, creds_in->account_name); >+ if (!creds->account_name) { >+ talloc_free(creds); >+ return NULL; >+ } >+ >+ if (creds_in->sid) { >+ creds->sid = dom_sid_dup(creds, creds_in->sid); >+ if (!creds->sid) { >+ talloc_free(creds); >+ return NULL; >+ } >+ } >+ >+ memcpy(creds->session_key, creds_in->session_key, sizeof(creds->session_key)); >+ memcpy(creds->seed.data, creds_in->seed.data, sizeof(creds->seed.data)); >+ memcpy(creds->client.data, creds_in->client.data, sizeof(creds->client.data)); >+ memcpy(creds->server.data, creds_in->server.data, sizeof(creds->server.data)); >+ >+ return creds; >+} >diff --git a/libcli/auth/proto.h b/libcli/auth/proto.h >index e09cdee..c3878f5 100644 >--- a/libcli/auth/proto.h >+++ b/libcli/auth/proto.h >@@ -35,6 +35,8 @@ void netlogon_creds_client_authenticator(struct netlogon_creds_CredentialState * > struct netr_Authenticator *next); > bool netlogon_creds_client_check(struct netlogon_creds_CredentialState *creds, > const struct netr_Credential *received_credentials); >+struct netlogon_creds_CredentialState *netlogon_creds_copy(TALLOC_CTX *mem_ctx, >+ struct netlogon_creds_CredentialState *creds_in); > > /***************************************************************** > The above functions are common to the client and server interface >diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c >index ee60c1d..06b9c5d 100644 >--- a/source3/rpc_client/cli_pipe.c >+++ b/source3/rpc_client/cli_pipe.c >@@ -3213,7 +3213,7 @@ NTSTATUS rpccli_schannel_bind_data(TALLOC_CTX *mem_ctx, const char *domain, > result->a_u.schannel_auth->state = SCHANNEL_STATE_START; > result->a_u.schannel_auth->seq_num = 0; > result->a_u.schannel_auth->initiator = true; >- result->a_u.schannel_auth->creds = creds; >+ result->a_u.schannel_auth->creds = netlogon_creds_copy(result, creds); > > *presult = result; > return NT_STATUS_OK; >@@ -4044,9 +4044,13 @@ NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, > > /* > * The credentials on a new netlogon pipe are the ones we are passed >- * in - reference them in >+ * in - copy them over > */ >- result->dc = talloc_move(result, pdc); >+ result->dc = netlogon_creds_copy(result, *pdc); >+ if (result->dc == NULL) { >+ TALLOC_FREE(result); >+ return NT_STATUS_NO_MEMORY; >+ } > > DEBUG(10,("cli_rpc_pipe_open_schannel_with_key: opened pipe %s to machine %s " > "for domain %s and bound using schannel.\n", >-- >1.7.0.4 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
gd
:
review+
Actions:
View
Attachments on
bug 7636
:
5916
|
5917
|
5918
|
5920
|
5921
| 5922