[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fix Samba support in Heimdal

To: heimdal-discuss@sics.se
Subject: Fix Samba support in Heimdal
From: Andrew Bartlett <abartlet@samba.org>
Date: Sat, 22 May 2004 13:36:25 +1000
Sender: owner-heimdal-discuss@sics.se

I really should have done as Love requested, and tested the
implementation of the Samba patches, once they actually hit the tree...

I didn't, so when I upgraded my site...

Anyway, the bugs seem to revolve around the parsing of the account
control string, and memory management when we only have Samba
passwords.  I also had to enable forwarding by default, as Samba has no
knowledge of this kind of thing.

Patch to fix these issues is attached.  I'm happy for the forwarding
thing to become a config setting.

Andrew Bartlett
-- 
Andrew Bartlett                                 abartlet@pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet@samba.org
Student Network Administrator, Hawker College   abartlet@hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

--- heimdal-20040510/lib/hdb/hdb-ldap.c	2004-04-02 02:30:09.000000000 +1000
+++ heimdal-20040510-samba/lib/hdb/hdb-ldap.c	2004-05-10 18:38:55.000000000 +1000
@@ -1002,14 +1002,31 @@
 
 	ent->keys.len++;
 
-	etypes = realloc(ent->etypes->val, 
-			 (ent->etypes->len + 1) * sizeof(ent->etypes->val[0]));
-	if (etypes == NULL) {
+	if (ent->etypes) {
+	  etypes = realloc(ent->etypes->val, 
+			   (ent->etypes->len + 1) * sizeof(ent->etypes->val[0]));
+	  if (etypes == NULL) {
 	    krb5_set_error_string(context, "malloc: out of memory");
 	    ret = ENOMEM;
 	    goto out;			    
-	}
+	  }
 	ent->etypes->val = etypes;
+	} else {
+	  ent->etypes = malloc(sizeof(*(ent->etypes)));
+	  if (ent->etypes == NULL) {
+	    krb5_set_error_string(context, "malloc: out of memory");
+	    ret = ENOMEM;
+	    goto out;
+	  }
+	  ent->etypes->len = 1;
+	  ent->etypes->val = calloc(ent->etypes->len, sizeof(int));
+	  if (ent->etypes->val == NULL) {
+	    krb5_set_error_string(context, "malloc: out of memory");
+	    ret = ENOMEM;
+	    goto out;
+	  }
+
+	}
 	ent->etypes->val[ent->etypes->len] = ETYPE_ARCFOUR_HMAC_MD5;
 	ent->etypes->len++;
     }
@@ -1188,10 +1205,13 @@
 	if (flags_len < 2)
 	    goto out2;
 
-	if (flags_len > 2 && samba_acct_flags[0] == '[' 
-	    && samba_acct_flags[flags_len - 1] == ']') 
+	if (samba_acct_flags[0] != '[' 
+	    || samba_acct_flags[flags_len - 1] != ']') 
 	    goto out2;
 
+	/* Allow forwarding */
+	ent->flags.forwardable = TRUE;
+
 	for (i=0; i< flags_len; i++) {
 	    switch (samba_acct_flags[i]) {
 	    case ' ':

This is a digitally signed message part

Follow-Ups:
- Re: Fix Samba support in Heimdal
  - From: Love <lha@stacken.kth.se>

Prev by Date: Re: Problem between versions 0.6-67 and 0.6-159 on SuSE
Next by Date: Errors building PHP 4.3.6
Prev by thread: Re: How KDC ensure the security of the key in its dbase
Next by thread: Re: Fix Samba support in Heimdal
Index(es):
- Date
- Thread