s4-kdc Don't regenerate the PAC for cross-realm tickets

We should never get a cross-realm ticket that was not issued by a full
DC, but if someone claims to have such a thing, reject it rather than
segfaulting on the NULL client pointer.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Mon Nov 15 23:59:34 UTC 2010 on sn-devel-104

diff --git a/source4/kdc/wdc-samba4.c b/source4/kdc/wdc-samba4.c
index a6487110f70d09c76c5ef0dc2a3f9f1a4e523d4f..fb5816d33bfe2ff48ed04842ee39e3cef4f981fb 100644 (file)
--- a/source4/kdc/wdc-samba4.c
+++ b/source4/kdc/wdc-samba4.c
@@ -84,6 +84,9 @@ static krb5_error_code samba_wdc_reget_pac(void *priv, krb5_context context,
         * RODC, then we need to regenerate the PAC - we can't trust
         * it */
        if (samba_krbtgt_was_untrusted_rodc(krbtgt)) {
+               if (client == NULL) {
+                       return KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN;
+               }
                nt_status = samba_kdc_get_pac_blob(mem_ctx, client, &pac_blob);
                if (!NT_STATUS_IS_OK(nt_status)) {
                        talloc_free(mem_ctx);