The Samba-Bugzilla – Attachment 7184 Details for
Bug 8599
WINBINDD_PAM_AUTH_CRAP returns invalid user session key
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Proposed (untested) patch for 3.5
0001-s3-winbindd-Only-use-SamLogonEx-when-we-can-get-unen.patch (text/plain), 1.24 KB, created by
Andrew Bartlett
on 2011-12-14 23:39:15 UTC
(
hide
)
Description:
Proposed (untested) patch for 3.5
Filename:
MIME Type:
Creator:
Andrew Bartlett
Created:
2011-12-14 23:39:15 UTC
Size:
1.24 KB
patch
obsolete
>From 31c200b7225d5934d29021f74302ff563ff7ecc7 Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Thu, 15 Dec 2011 09:57:56 +1100 >Subject: [PATCH] s3-winbindd Only use SamLogonEx when we can get unencrypted > session keys > >This ensures that we have some check on the session keys being returned >as the RC4 cipher is not checksumed. > >The check comes from the fact that the credentials chain is tied to >the netlgon session key, and so if the credentials check passes then >the netlogon session key will be correct, and so the user session key >will be correctly decrypted. > >Andrew Bartlett >--- > source3/winbindd/winbindd_pam.c | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > >diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c >index 5c56b87..72adcbf 100644 >--- a/source3/winbindd/winbindd_pam.c >+++ b/source3/winbindd/winbindd_pam.c >@@ -1365,7 +1365,7 @@ static NTSTATUS winbindd_dual_pam_auth_samlogon(struct winbindd_domain *domain, > domain->can_do_validation6 = false; > } > >- logon_fn = contact_domain->can_do_samlogon_ex >+ logon_fn = (contact_domain->can_do_samlogon_ex && domain->can_do_validation6) > ? rpccli_netlogon_sam_network_logon_ex > : rpccli_netlogon_sam_network_logon; > >-- >1.7.6.4 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 8599
:
7081
|
7082
|
7083
|
7183
| 7184 |
7280
|
7281
|
7282
|
7283
|
7284
|
7285
|
7325
|
7367
|
7377