rpms/samba
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Local user's krb5cc deleted by winbind.

Browse Source 
resolves: #981033
This commit is contained in:
Andreas Schneider 2013-07-15 16:22:45 +02:00
parent a7058e18e7
commit a3a014fd6c
2 changed files with 47 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
samba-4.0.8-fix_winbind_ccache_cleanup.patch Normal file
View File

@ -0,0 +1,44 @@
From 91300255f4b93dad920af2399a6cd64720d47e4f Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Thu, 11 Jul 2013 13:44:53 +0200
Subject: [PATCH] s3-winbind: Do not delete an existing valid credential cache.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9994
Thanks to David Woodhouse <dwmw2@infradead.org>.
Reviewed-by: Günther Deschner <gd@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 15 12:48:46 CEST 2013 on sn-devel-104
(cherry picked from commit 0529b59fbe3f96509893fc4e93a75d6928b5a532)
---
source3/winbindd/winbindd_pam.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index b23d421..99794e6 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -677,6 +677,14 @@ static NTSTATUS winbindd_raw_kerberos_login(TALLOC_CTX *mem_ctx,
return NT_STATUS_OK;
failed:
+ /*
+ * Do not delete an existing valid credential cache, if the user
+ * e.g. enters a wrong password
+ */
+ if ((strequal(krb5_cc_type, "FILE") || strequal(krb5_cc_type, "WRFILE"))
+ && user_ccache_file != NULL) {
+ return result;
+ }
/* we could have created a new credential cache with a valid tgt in it
* but we werent able to get or verify the service ticket for this
--
1.8.3.1

3
samba.spec
View File

@ -79,6 +79,7 @@ Source200: README.dc
Source201: README.downgrade
Patch0: samba-4.0.6_add_passdb_upn_enum.patch
Patch1: samba-4.0.8-fix_winbind_ccache_cleanup.patch
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
@ -458,6 +459,7 @@ the local kerberos library to use the same KDC as samba and winbind use
%prep
%setup -q -n samba-%{version}%{pre_release}
%patch0 -p1
%patch1 -p1
%build
%global _talloc_lib ,talloc,pytalloc,pytalloc-util
@ -1505,6 +1507,7 @@ rm -rf %{buildroot}
* Mon Jul 15 2013 - Andreas Schneider <asn@redhat.com> - 2:4.0.7-2
- resolves: #972692 - Build with PIE and full RELRO.
- resolves: #884169 - Add explicit dependencies suggested by rpmdiff.
- resolves: #981033 - Local user's krb5cc deleted by winbind.
* Wed Jul 03 2013 - Andreas Schneider <asn@redhat.com> - 2:4.0.7-1
- Update to Samba 4.0.7.