diff options
author | Stefan Metzmacher <metze@samba.org> | 2014-07-10 05:28:36 +0200 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2014-07-10 20:04:13 +0200 |
commit | 6704799decbbff2ebecf28c771dc77a0b75b8277 (patch) | |
tree | 9e7ed00d53a3428c46ce16a482ced11220d30a4e /nsswitch | |
parent | e7c683ba6974e4d721853ad88e26c33ad7f15775 (diff) | |
download | samba-6704799decbbff2ebecf28c771dc77a0b75b8277.tar.gz |
libwbclient: allow only one initial_blob/challenge_blob in wbcCredentialCache()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10692
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'nsswitch')
-rw-r--r-- | nsswitch/libwbclient/wbc_pam.c | 28 |
1 files changed, 19 insertions, 9 deletions
diff --git a/nsswitch/libwbclient/wbc_pam.c b/nsswitch/libwbclient/wbc_pam.c index bfd10b7f446..11b59f6f30c 100644 --- a/nsswitch/libwbclient/wbc_pam.c +++ b/nsswitch/libwbclient/wbc_pam.c @@ -1207,6 +1207,25 @@ wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params, goto fail; } + for (i=0; i<params->num_blobs; i++) { + if (strcasecmp(params->blobs[i].name, "initial_blob") == 0) { + if (initial_blob != NULL) { + status = WBC_ERR_INVALID_PARAM; + goto fail; + } + initial_blob = ¶ms->blobs[i]; + continue; + } + if (strcasecmp(params->blobs[i].name, "challenge_blob") == 0) { + if (challenge_blob != NULL) { + status = WBC_ERR_INVALID_PARAM; + goto fail; + } + challenge_blob = ¶ms->blobs[i]; + continue; + } + } + if (params->domain_name != NULL) { status = wbcRequestResponse(WINBINDD_INFO, NULL, &response); if (!WBC_ERROR_IS_OK(status)) { @@ -1224,15 +1243,6 @@ wbcErr wbcCredentialCache(struct wbcCredentialCacheParams *params, } request.data.ccache_ntlm_auth.uid = getuid(); - for (i=0; i<params->num_blobs; i++) { - if (strcasecmp(params->blobs[i].name, "initial_blob") == 0) { - initial_blob = ¶ms->blobs[i]; - } - if (strcasecmp(params->blobs[i].name, "challenge_blob") == 0) { - challenge_blob = ¶ms->blobs[i]; - } - } - request.data.ccache_ntlm_auth.initial_blob_len = 0; request.data.ccache_ntlm_auth.challenge_blob_len = 0; request.extra_len = 0; |