diff options
author | Andreas Schneider <asn@samba.org> | 2016-09-07 17:17:08 +0200 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2016-09-11 02:58:21 +0200 |
commit | b3e324aad53a6b4adf0ece58c1b8bd9eed2cd48c (patch) | |
tree | 36678270a2556f85e6ca9f6c75c97ea9331b1e3b /source4/heimdal | |
parent | c855a3776130aee4057acc144157c05fea3ee02d (diff) | |
download | samba-b3e324aad53a6b4adf0ece58c1b8bd9eed2cd48c.tar.gz |
heimdal: Fix reauthentication after password change
If the KDC requires a password change kinit will ask after the initial
authentication for a new password. After the password has been changed
it does reauthentication and for that it needs to use the new password
we just set.
It is needed for the a new kpasswd service test.
This is already fixed upstream with:
911c99375741281adae305f6ec3a3317023eba3e
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'source4/heimdal')
-rw-r--r-- | source4/heimdal/lib/krb5/init_creds_pw.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/source4/heimdal/lib/krb5/init_creds_pw.c b/source4/heimdal/lib/krb5/init_creds_pw.c index b6c0a643e95..a66ad3597bd 100644 --- a/source4/heimdal/lib/krb5/init_creds_pw.c +++ b/source4/heimdal/lib/krb5/init_creds_pw.c @@ -1990,6 +1990,7 @@ krb5_get_init_creds_password(krb5_context context, { krb5_init_creds_context ctx; char buf[BUFSIZ]; + char buf2[BUFSIZ]; krb5_error_code ret; int chpw = 0; @@ -2041,8 +2042,6 @@ krb5_get_init_creds_password(krb5_context context, if (ret == KRB5KDC_ERR_KEY_EXPIRED && chpw == 0) { - char buf2[1024]; - /* try to avoid recursion */ if (in_tkt_service != NULL && strcmp(in_tkt_service, "kadmin/changepw") == 0) goto out; @@ -2055,13 +2054,14 @@ krb5_get_init_creds_password(krb5_context context, client, ctx->password, buf2, - sizeof(buf), + sizeof(buf2), prompter, data, options); if (ret) goto out; chpw = 1; + password = buf2; krb5_init_creds_free(context, ctx); goto again; } @@ -2074,6 +2074,7 @@ krb5_get_init_creds_password(krb5_context context, krb5_init_creds_free(context, ctx); memset(buf, 0, sizeof(buf)); + memset(buf2, 0, sizeof(buf2)); return ret; } |