diff options
| author | Gerald Carter <jerry@samba.org> | 2007-02-10 20:29:09 +0000 |
|---|---|---|
| committer | Gerald Carter <jerry@samba.org> | 2007-02-10 20:29:09 +0000 |
| commit | 4602f147e0b7a050854fce14ae1dee06d86b00ff (patch) | |
| tree | 3be0ff1ae55d36ecb47dfc332b6e8010a7e18d78 | |
| parent | 918ea6bfcb74de4219d6481614219082f48fb46f (diff) | |
| download | samba-4602f147e0b7a050854fce14ae1dee06d86b00ff.tar.gz samba-4602f147e0b7a050854fce14ae1dee06d86b00ff.tar.xz samba-4602f147e0b7a050854fce14ae1dee06d86b00ff.zip | |
r21273: * Protect the sasl bind against a NULL principal string
in the SPNEGO negTokenInit
| -rw-r--r-- | source/libads/sasl.c | 30 |
1 files changed, 29 insertions, 1 deletions
diff --git a/source/libads/sasl.c b/source/libads/sasl.c index 61fd54da1da..812f3961f19 100644 --- a/source/libads/sasl.c +++ b/source/libads/sasl.c @@ -223,7 +223,35 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads) #ifdef HAVE_KRB5 if (!(ads->auth.flags & ADS_AUTH_DISABLE_KERBEROS) && - got_kerberos_mechanism) { + got_kerberos_mechanism) + { + /* I've seen a child Windows 2000 domain not send + the principal name back in the first round of + the SASL bind reply. So we guess based on server + name and realm. --jerry */ + if ( !principal ) { + if ( ads->server.realm && ads->server.ldap_server ) { + char *server, *server_realm; + + server = SMB_STRDUP( ads->server.ldap_server ); + server_realm = SMB_STRDUP( ads->server.realm ); + + if ( !server || !server_realm ) + return ADS_ERROR(LDAP_NO_MEMORY); + + strlower_m( server ); + strupper_m( server_realm ); + asprintf( &principal, "ldap/%s@%s", server, server_realm ); + + SAFE_FREE( server ); + SAFE_FREE( server_realm ); + + if ( !principal ) + return ADS_ERROR(LDAP_NO_MEMORY); + } + + } + status = ads_sasl_spnego_krb5_bind(ads, principal); if (ADS_ERR_OK(status)) { SAFE_FREE(principal); |