oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Fix bug in KDC handling of enterprise principals

Browse Source
This commit is contained in:
Nicolas Williams
2013-06-08 19:17:33 -05:00
parent fdfe696821
commit c76ec8ec6a
1 changed files with 38 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
kdc/misc.c
View File

@@ -48,41 +48,36 @@ _kdc_db_fetch(krb5_context context,
krb5_error_code ret = HDB_ERR_NOENTRY; krb5_error_code ret = HDB_ERR_NOENTRY;
int i; int i;
unsigned kvno = 0; unsigned kvno = 0;
krb5_principal enterprise_principal = NULL;
krb5_const_principal princ;
*h = NULL;
if (kvno_ptr) { if (kvno_ptr) {
kvno = *kvno_ptr; kvno = *kvno_ptr;
flags |= HDB_F_KVNO_SPECIFIED; flags |= HDB_F_KVNO_SPECIFIED;
} }
ent = calloc (1, sizeof (*ent)); ent = calloc(1, sizeof (*ent));
if (ent == NULL) { if (ent == NULL)
krb5_set_error_message(context, ENOMEM, "malloc: out of memory"); return krb5_enomem(context);
return ENOMEM;
if (principal->name.name_type == KRB5_NT_ENTERPRISE_PRINCIPAL) {
if (principal->name.name_string.len != 1) {
ret = KRB5_PARSE_MALFORMED;
krb5_set_error_message(context, ret,
"malformed request: "
"enterprise name with %d name components",
principal->name.name_string.len);
goto out;
}
ret = krb5_parse_name(context, principal->name.name_string.val[0],
&enterprise_principal);
if (ret)
goto out;
} }
for(i = 0; i < config->num_db; i++) { for (i = 0; i < config->num_db; i++) {
krb5_principal enterprise_principal = NULL;
if (!(config->db[i]->hdb_capability_flags & HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL)
&& principal->name.name_type == KRB5_NT_ENTERPRISE_PRINCIPAL) {
if (principal->name.name_string.len != 1) {
ret = KRB5_PARSE_MALFORMED;
krb5_set_error_message(context, ret,
"malformed request: "
"enterprise name with %d name components",
principal->name.name_string.len);
free(ent);
return ret;
}
ret = krb5_parse_name(context, principal->name.name_string.val[0],
&enterprise_principal);
if (ret) {
free(ent);
return ret;
}
principal = enterprise_principal;
}
ret = config->db[i]->hdb_open(context, config->db[i], O_RDONLY, 0); ret = config->db[i]->hdb_open(context, config->db[i], O_RDONLY, 0);
if (ret) { if (ret) {
const char *msg = krb5_get_error_message(context, ret); const char *msg = krb5_get_error_message(context, ret);
@@ -91,26 +86,34 @@ _kdc_db_fetch(krb5_context context,
continue; continue;
} }
if (config->db[i]->hdb_capability_flags & HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL)
princ = principal;
else if (enterprise_principal)
princ = enterprise_principal;
ret = config->db[i]->hdb_fetch_kvno(context, ret = config->db[i]->hdb_fetch_kvno(context,
config->db[i], config->db[i],
principal, princ,
flags | HDB_F_DECRYPT, flags | HDB_F_DECRYPT,
kvno, kvno,
ent); ent);
krb5_free_principal(context, enterprise_principal);
config->db[i]->hdb_close(context, config->db[i]); config->db[i]->hdb_close(context, config->db[i]);
if(ret == 0) {
if (ret == 0) {
if (db) if (db)
*db = config->db[i]; *db = config->db[i];
*h = ent; *h = ent;
return 0; ent = NULL;
goto out;
} }
} }
ret = HDB_ERR_NOENTRY;
krb5_set_error_message(context, ret, "no such entry found in hdb");
out:
krb5_free_principal(context, enterprise_principal);
free(ent); free(ent);
krb5_set_error_message(context, ret,
"no such entry found in hdb");
return ret; return ret;
} }