~ubuntu-branches/ubuntu/maverick/samba/maverick-security


Viewing changes to source3/client/cifs.upcall.c

  • Committer: Bazaar Package Importer
  • Author(s): Chuck Short
  • Date: 2010-01-29 06:16:15 UTC
  • mfrom: (0.27.9 upstream) (0.34.4 squeeze)
  • Revision ID: james.westby@ubuntu.com-20100129061615-37hs6xqpsdhjq3ld
Tags: 2:3.4.5~dfsg-1ubuntu1
* Merge from debian testing.  Remaining changes:
  + debian/patches/VERSION.patch:
    - set SAMBA_VERSION_SUFFIX to Ubuntu.
  + debian/smb.conf:
    - Add "(Samba, Ubuntu)" to server string.
    - Comment out the default [homes] share, and add a comment about "valid users = %s"
      to show users how to restrict access to \\server\username to only username.
    - Set 'usershare allow guests', so that usershare admins are allowed to create
      public shares in addition to authenticated ones.
    - add map to guest = Bad user, maps bad username to guest access.
  + debian/samba-common.conf:
    - Do not change priority to high if dhclient3 is installed.
    - Use priority medium instead of high for the workgroup question.
  + debian/mksambapasswd.awk:
    - Do not add user with UID less than 1000 to smbpasswd.
  + debian/control: 
    - Make libswbclient0 replace/conflict with hardy's likewise-open.
    - Don't build against ctdb, since its not in main yet.
  + debian/rules:
    - Enable "native" PIE hardening.
    - Add BIND_NOW to maximize benefit of RELRO hardening.
  + Add ufw integration:
    - Created debian/samba.ufw.profile.
    - debian/rules, debian/samba.dirs, debian/samba.files: install
  + Add apoort hook:
    - Created debian/source_samba.py.
    - debian/rules, debian/samba.dirs, debian/samba-common-bin.files: install
  + debian/rules, debian/samba.if-up: allow "NetworkManager" as a recognized address
    family... it's obviously /not/ an address family, but it's what gets
    sent when using NM, so we'll cope for now.  (LP: #462169). Taken from karmic-proposed.
  + debian/control: Recommend keyutils for smbfs (LP: #493565)
  + Dropped patches:
    - debian/patches/security-CVE-2009-3297.patch: No longer needed
    - debian/patches/fix-too-many-open-files.patch: No longer needed

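--- a/source3/client/cifs.upcall.c
+++ b/source3/client/cifs.upcall.c
@@ -26,6 +26,7 @@
 */
 
 #include "includes.h"
+#include "smb_krb5.h"
 #include <keyutils.h>
 #include <getopt.h>
 
@@ -44,18 +45,6 @@
         MS_KRB5
 } sectype_t;
 
-static inline int
-k5_data_equal(krb5_data d1, krb5_data d2, unsigned int length)
-{
-        if (!length)
-                length = d1.length;
-
-        return (d1.length == length &&
-                d1.length == d2.length &&
-                memcmp(d1.data, d2.data, length) == 0);
-
-}
-
 /* does the ccache have a valid TGT? */
 static time_t
 get_tgt_time(const char *ccname) {
@@ -64,9 +53,8 @@
         krb5_cc_cursor cur;
         krb5_creds creds;
         krb5_principal principal;
-        krb5_data tgt = { .data =       "krbtgt",
-                          .length =     6 };
         time_t credtime = 0;
+        char *realm = NULL;
 
         if (krb5_init_context(&context)) {
                 syslog(LOG_DEBUG, "%s: unable to init krb5 context", __func__);
@@ -93,20 +81,33 @@
                 goto err_ccstart;
         }
 
+        if ((realm = smb_krb5_principal_get_realm(context, principal)) == NULL) {
+                syslog(LOG_DEBUG, "%s: unable to get realm", __func__);
+                goto err_ccstart;
+        }
+
         while (!credtime && !krb5_cc_next_cred(context, ccache, &cur, &creds)) {
-                if (k5_data_equal(creds.server->realm, principal->realm, 0) &&
-                    k5_data_equal(creds.server->data[0], tgt, tgt.length) &&
-                    k5_data_equal(creds.server->data[1], principal->realm, 0) &&
+                char *name;
+                if (smb_krb5_unparse_name(NULL, context, creds.server, &name)) {
+                        syslog(LOG_DEBUG, "%s: unable to unparse name", __func__);
+                        goto err_endseq;
+                }
+                if (krb5_realm_compare(context, creds.server, principal) &&
+                    strnequal(name, KRB5_TGS_NAME, KRB5_TGS_NAME_SIZE) &&
+                    strnequal(name+KRB5_TGS_NAME_SIZE+1, realm, strlen(realm)) &&
                     creds.times.endtime > time(NULL))
                         credtime = creds.times.endtime;
                 krb5_free_cred_contents(context, &creds);
+                TALLOC_FREE(name);
         }
+err_endseq:
         krb5_cc_end_seq_get(context, ccache, &cur);
-
 err_ccstart:
         krb5_free_principal(context, principal);
 err_princ:
+#if defined(KRB5_TC_OPENCLOSE)
         krb5_cc_set_flags(context, ccache, KRB5_TC_OPENCLOSE);
+#endif
         krb5_cc_close(context, ccache);
 err_cache:
         krb5_free_context(context);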
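Review bot: The new TGT test inside the `while` loop of `get_tgt_time` is looser than the `k5_data_equal` checks it replaces, because `strnequal(name+KRB5_TGS_NAME_SIZE+1, realm, strlen(realm))` is a prefix comparison that never inspects the byte at `name[KRB5_TGS_NAME_SIZE]`, so an unparsed name whose text after that offset merely starts with the realm is accepted as a TGT, whereas the old code required equal lengths. If `strnequal` is Samba's case-insensitive helper, the match also ignores case, which the removed `memcmp` did not. I would require the separator before offsetting, e.g. `name[KRB5_TGS_NAME_SIZE] == '/' &&` ahead of the realm comparison, and confirm that the compared component ends where the realm does rather than continuing. Separately, the `goto err_endseq` taken when `smb_krb5_unparse_name` fails skips `krb5_free_cred_contents(context, &creds)` for the entry that `krb5_cc_next_cred` just filled in. The body of `get_tgt_time` is only partly visible across these hunks, so the handling of `realm` after the loop cannot be judged from here.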