diff options
author | Alexander Bokovoy <ab@samba.org> | 2015-05-07 14:12:03 +0000 |
---|---|---|
committer | Alexander Bokovoy <ab@samba.org> | 2015-07-15 16:32:54 +0200 |
commit | a0d2dd0e01618346b4ad8ea9da3f7ce4eb0364b0 (patch) | |
tree | 6460ffdfefde386878966251a2a8ee1a17e7f1e9 /auth | |
parent | dd8a085b0115e300c29da480e066d47146dde86a (diff) | |
download | samba-a0d2dd0e01618346b4ad8ea9da3f7ce4eb0364b0.tar.gz |
auth/credentials: if credentials have principal set, they are not anonymous anymore
When dealing with Kerberos, we cannot consider credentials anonymous
if credentials were obtained properly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11265
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Stefan (metze) Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Wed Jul 15 16:32:55 CEST 2015 on sn-devel-104
Diffstat (limited to 'auth')
-rw-r--r-- | auth/credentials/credentials.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c index df188b0f09e..3b7d42a29a5 100644 --- a/auth/credentials/credentials.c +++ b/auth/credentials/credentials.c @@ -967,6 +967,11 @@ _PUBLIC_ bool cli_credentials_is_anonymous(struct cli_credentials *cred) cred->machine_account_pending_lp_ctx); } + /* if principal is set, it's not anonymous */ + if ((cred->principal != NULL) && cred->principal_obtained >= cred->username_obtained) { + return false; + } + username = cli_credentials_get_username(cred); /* Yes, it is deliberate that we die if we have a NULL pointer |