From b5dc3ff298338b1587e98c5ed0ec58c20d3df612 Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Mon, 2 Feb 2004 17:40:19 +0000 Subject: [PATCH] * cc_mslsa.c: the MSLSA code was crashing on Pismere machines when logging on with cross realm credentials. On these machines there are 8 tickets within the LSA cache from two different realms. One of the krbtgt/CLIENT-REALM@CLIENT-REALM tickets (not the Initial ticket but a Forwarded ticket) is inaccessible to the ms2mit.exe and leash32.exe processes. The attempt to access the ticket returns a SubStatus code of STATUS_LOGON_FAILURE (0xC000006DL) which is supposed to mean that the logon attempt was invalid due to bad authentication information. kerbtray has no problem listing this ticket. The other seven tickets in the cache including the Initial Ticket are accessible. Modified krb5_lcc_next_cred() to skip to the next ticket if an attempt to read a single ticket fails. ticket: 2184 tags: pullup target_version: 1.3.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15997 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/ccache/ChangeLog | 15 +++++++++++++++ src/lib/krb5/ccache/cc_mslsa.c | 31 +++++++++++++++++++++---------- 2 files changed, 36 insertions(+), 10 deletions(-) diff --git a/src/lib/krb5/ccache/ChangeLog b/src/lib/krb5/ccache/ChangeLog index c7ba3ac6a..e3b86e6ee 100644 --- a/src/lib/krb5/ccache/ChangeLog +++ b/src/lib/krb5/ccache/ChangeLog @@ -1,3 +1,18 @@ +2004-02-02 Jeffrey Altman + + * cc_mslsa.c: the MSLSA code was crashing on Pismere machines when + logging on with cross realm credentials. On these machines there are + 8 tickets within the LSA cache from two different realms. One of the + krbtgt/CLIENT-REALM@CLIENT-REALM tickets (not the Initial ticket but + a Forwarded ticket) is inaccessible to the ms2mit.exe and leash32.exe + processes. The attempt to access the ticket returns a SubStatus code + of STATUS_LOGON_FAILURE (0xC000006DL) which is supposed to mean that + the logon attempt was invalid due to bad authentication information. + kerbtray has no problem listing this ticket. The other seven tickets + in the cache including the Initial Ticket are accessible. Modified + krb5_lcc_next_cred() to skip to the next ticket if an attempt to read + a single ticket fails. + 2004-01-31 Jeffrey Altman * cc_mslsa.c: Optimize the get next logic by storing a handle to diff --git a/src/lib/krb5/ccache/cc_mslsa.c b/src/lib/krb5/ccache/cc_mslsa.c index c0df862f5..9c3a57bb9 100644 --- a/src/lib/krb5/ccache/cc_mslsa.c +++ b/src/lib/krb5/ccache/cc_mslsa.c @@ -62,6 +62,7 @@ #define SECURITY_WIN32 #include #include +#include #define MAX_MSG_SIZE 256 #define MAX_MSPRINC_SIZE 1024 @@ -1265,18 +1266,25 @@ krb5_lcc_next_cred(krb5_context context, krb5_ccache id, krb5_cc_cursor *cursor, krb5_lcc_cursor *lcursor = (krb5_lcc_cursor *) *cursor; krb5_lcc_data *data = (krb5_lcc_data *)id->data; KERB_EXTERNAL_TICKET *msticket; + krb5_error_code retval = KRB5_OK; next_cred: - if ( lcursor->index >= lcursor->response->CountOfTickets ) - return KRB5_CC_END; + if ( lcursor->index >= lcursor->response->CountOfTickets ) { + if (retval == KRB5_OK) + return KRB5_CC_END; + else { + LsaFreeReturnBuffer(lcursor->mstgt); + LsaFreeReturnBuffer(lcursor->response); + free(*cursor); + *cursor = 0; + return retval; + } + } if (!GetMSCacheTicketFromCacheInfo(data->LogonHandle, data->PackageId, &lcursor->response->Tickets[lcursor->index++],&msticket)) { - LsaFreeReturnBuffer(lcursor->mstgt); - LsaFreeReturnBuffer(lcursor->response); - free(*cursor); - *cursor = 0; - return KRB5_FCC_INTERNAL; + retval = KRB5_FCC_INTERNAL; + goto next_cred; } /* Don't return tickets with NULL Session Keys */ @@ -1309,10 +1317,13 @@ krb5_lcc_end_seq_get(krb5_context context, krb5_ccache id, krb5_cc_cursor *curso { krb5_lcc_cursor *lcursor = (krb5_lcc_cursor *) *cursor; - LsaFreeReturnBuffer(lcursor->mstgt); - LsaFreeReturnBuffer(lcursor->response); - free(*cursor); + if ( lcursor ) { + LsaFreeReturnBuffer(lcursor->mstgt); + LsaFreeReturnBuffer(lcursor->response); + free(*cursor); + } *cursor = 0; + return KRB5_OK; } -- 2.26.2