[Pkg-samba-maint] [samba] 10/11: Fix "Non-kerberos logins fails on winbind 4.X when krb5_auth is configured in PAM" (Closes: #739768)

Mathieu Parent sathieu at moszumanska.debian.org
Thu Jun 29 08:02:38 UTC 2017 

This is an automated email from the git hooks/post-receive script.

sathieu pushed a commit to branch master
in repository samba.

commit e532072b582fcb9be4e5e1ade05093a7bfd4601f
Author: Mathieu Parent <math.parent at gmail.com>
Date:   Wed Jun 28 16:38:55 2017 +0200

    Fix "Non-kerberos logins fails on winbind 4.X when krb5_auth is configured in PAM" (Closes: #739768)
---
 ...5-fix-a-possible-crash-in-fill_mem_keytab.patch | 41 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 2 files changed, 42 insertions(+)

diff --git a/debian/patches/s3-gse_krb5-fix-a-possible-crash-in-fill_mem_keytab.patch b/debian/patches/s3-gse_krb5-fix-a-possible-crash-in-fill_mem_keytab.patch
new file mode 100644
index 0000000..61eaaf1
--- /dev/null
+++ b/debian/patches/s3-gse_krb5-fix-a-possible-crash-in-fill_mem_keytab.patch
@@ -0,0 +1,41 @@
+From f5e5875d20accd4a5d2a96a0ead6844c07810d8b Mon Sep 17 00:00:00 2001
+From: Michael Saxl <mike at mwsys.mine.bz>
+Date: Sat, 24 Jun 2017 13:41:48 +0200
+Subject: [PATCH] s3:gse_krb5: fix a possible crash in
+ fill_mem_keytab_from_system_keytab()
+
+If the keytab file isn't readable, we may call
+krb5_kt_end_seq_get() with an invalid kt_cursor.
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=10490
+
+Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
+
+Signed-off-by: Michael Saxl <mike at mwsys.mine.bz>
+Signed-off-by: Stefan Metzmacher <metze at samba.org>
+---
+ source3/librpc/crypto/gse_krb5.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/source3/librpc/crypto/gse_krb5.c b/source3/librpc/crypto/gse_krb5.c
+index 703d1b4c925..4dd39eaf08d 100644
+--- a/source3/librpc/crypto/gse_krb5.c
++++ b/source3/librpc/crypto/gse_krb5.c
+@@ -437,6 +437,14 @@ static krb5_error_code fill_mem_keytab_from_system_keytab(krb5_context krbctx,
+ 	if (ret) {
+ 		DEBUG(1, (__location__ ": krb5_kt_start_seq_get failed (%s)\n",
+ 			  error_message(ret)));
++		/*
++		 * krb5_kt_start_seq_get() may leaves bogus data
++		 * in kt_cursor. And we want to use the all_zero()
++		 * logic below.
++		 *
++		 * See bug #10490
++		 */
++		ZERO_STRUCT(kt_cursor);
+ 		goto out;
+ 	}
+ 
+-- 
+2.11.0
+
diff --git a/debian/patches/series b/debian/patches/series
index 3788884..eb0a87a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -15,3 +15,4 @@ systemd-syslog.target-is-obsolete.patch
 Add-documentation-to-systemd-Unit-files.patch
 fix_kill_path_in_units.patch
 nmbd-requires-a-working-network.patch
+s3-gse_krb5-fix-a-possible-crash-in-fill_mem_keytab.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-samba/samba.git

More information about the Pkg-samba-maint mailing list