Bug: 9918 When creating the netlogon connection always set the credential

Even if the connection don't support schannel we must set the credential
otherwise when we will try to use them it will be segfault.
Connection from winbindd process connected to the non primary domain
(ie. that is to say all the domain but the one where samba joined) do
not use schannel and are therefore affected by this.

Any user on the same box where winbindd is running can crash the server
by running wbinfo --krb5auth=SUBDOMAIN\foo, only SUBDOMAIN has to be
valid any non existing users (ie. foo) will cause winbindd to crash. I
have no idea what you could gain from the crash at least it's a local
DOS at worst you can maybe gain root access.

Found-by: Ravindra Channabasapa <ravindra@juniper.net>
Signed-off-by: Matthieu Patou <mat@matws.net>

diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index edb2c7bac48eb8dda60a55a32df996466ff23245..d7111da62c4f1cc1efc29db7dbff42a957eb6e6d 100644 (file)
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -2782,6 +2782,7 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
                neg_flags |= NETLOGON_NEG_SCHANNEL;
        }
 
+ no_schannel:
        if (!get_trust_pw_hash(domain->name, mach_pwd, &account_name,
                               &sec_chan_type))
        {
@@ -2811,7 +2812,6 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
                return NT_STATUS_ACCESS_DENIED;
        }
 
- no_schannel:
        if ((lp_client_schannel() == False) ||
                        ((neg_flags & NETLOGON_NEG_SCHANNEL) == 0)) {
                /*