/[smeserver]/rpms/samba/sme10/samba-4.2-auth-credentials-if-credentials-have-principal-set-t.patch
ViewVC logotype

Annotation of /rpms/samba/sme10/samba-4.2-auth-credentials-if-credentials-have-principal-set-t.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.2 - (hide annotations) (download)
Thu Mar 2 16:04:48 2017 UTC (7 years, 9 months ago) by unnilennium
Branch: MAIN
CVS Tags: HEAD
Changes since 1.1: +0 -0 lines
FILE REMOVED
update to samba-4.4.4-12 upstream version

1 vip-ire 1.1 From 97d7bc19bb463cfbb9d45b69cec1e668eb15b4a1 Mon Sep 17 00:00:00 2001
2     From: Alexander Bokovoy <ab@samba.org>
3     Date: Thu, 7 May 2015 14:12:03 +0000
4     Subject: [PATCH] auth/credentials: if credentials have principal set, they are
5     not anonymous anymore
6    
7     When dealing with Kerberos, we cannot consider credentials anonymous
8     if credentials were obtained properly.
9    
10     Signed-off: Alexander Bokovoy <ab@samba.org>
11     ---
12     auth/credentials/credentials.c | 7 +++++++
13     1 file changed, 7 insertions(+)
14    
15     diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c
16     index 78b5955..b1ccc5a 100644
17     --- a/auth/credentials/credentials.c
18     +++ b/auth/credentials/credentials.c
19     @@ -921,6 +921,13 @@ _PUBLIC_ bool cli_credentials_is_anonymous(struct cli_credentials *cred)
20     cred->machine_account_pending_lp_ctx);
21     }
22    
23     + if (cli_credentials_get_kerberos_state(cred) != CRED_DONT_USE_KERBEROS) {
24     + /* if principal is set, it's not anonymous */
25     + if (cred->principal && cred->principal_obtained >= cred->username_obtained) {
26     + return false;
27     + }
28     + }
29     +
30     username = cli_credentials_get_username(cred);
31    
32     /* Yes, it is deliberate that we die if we have a NULL pointer
33     --
34     2.4.0
35    

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed