svn commit: samba r8363 - in branches/SAMBA_4_0/source/kdc: .

metze at samba.org metze at samba.org
Tue Jul 12 09:02:27 GMT 2005


Author: metze
Date: 2005-07-12 09:02:27 +0000 (Tue, 12 Jul 2005)
New Revision: 8363

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=8363

Log:
- we need to correct the realm for the krbtgt/NETBIOSDOMAINREALM
  into krbtgt/DNS.DOMAIN.REALM too
  with this a windows client asks for the correct ticket when you try to login
  (but it's still not working correctly, as somehow we mess up the dns host name of the
   client and it asks for the wrong service principal)

- fix some compiler warnings
- fix some debug messages

metze
Modified:
   branches/SAMBA_4_0/source/kdc/hdb-ldb.c


Changeset:
Modified: branches/SAMBA_4_0/source/kdc/hdb-ldb.c
===================================================================
--- branches/SAMBA_4_0/source/kdc/hdb-ldb.c	2005-07-12 08:21:09 UTC (rev 8362)
+++ branches/SAMBA_4_0/source/kdc/hdb-ldb.c	2005-07-12 09:02:27 UTC (rev 8363)
@@ -321,8 +321,8 @@
 		const char *user_principal_name = ldb_msg_find_string(msg, "userPrincipalName", NULL);
 		struct ldb_message_element *objectclasses;
 		struct ldb_val computer_val;
-		computer_val.data = "computer";
-		computer_val.length = strlen(computer_val.data);
+		computer_val.data = discard_const_p(uint8_t,"computer");
+		computer_val.length = strlen((const char *)computer_val.data);
 		
 		objectclasses = ldb_msg_find_element(msg, "objectClass");
 
@@ -646,7 +646,7 @@
 	for (i = 0; i < spnmappings->num_values; i++) {
 		char *mapping, *p, *str;
 		mapping = talloc_strdup(mem_ctx, 
-					spnmappings->values[i].data);
+					(const char *)spnmappings->values[i].data);
 		if (!mapping) {
 			krb5_warnx(context, "LDB_lookup_spn_alias: ldb_search: dn: %s did not have an sPNMapping", service_dn);
 			krb5_set_error_string(context, "LDB_lookup_spn_alias: ldb_search: dn: %s did not have an sPNMapping", service_dn);
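Review bot: The cast on `spnmappings->values[i].data` silences the pointer-type warning but still treats a length-delimited `ldb_val` as a C string, so `talloc_strdup` reads until it meets a NUL instead of stopping at `values[i].length`. Unless ldb guarantees a terminating NUL on every value (not visible in this hunk), bound the copy: `talloc_strndup(mem_ctx, (const char *)spnmappings->values[i].data, spnmappings->values[i].length)`. The `!mapping` branch just below also reports an allocation failure as a missing sPNMapping, which will mislead whoever reads the KDC log. The loop body continues outside the hunk.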
@@ -719,6 +719,7 @@
 {
 	struct ldb_message **msg = NULL;
 	struct ldb_message **realm_msg = NULL;
+	struct ldb_message **realm_fixed_msg = NULL;
 	enum hdb_ldb_ent_type ldb_ent_type;
 	krb5_error_code ret;
 
@@ -732,7 +733,7 @@
 	}
 
 	realm = krb5_principal_get_realm(context, principal);
-		
+
 	ret = LDB_lookup_realm(context, (struct ldb_context *)db->hdb_db, 
 			       mem_ctx, realm, &realm_msg);
 	if (ret != 0) {
@@ -752,7 +753,23 @@
 		if (principal->name.name_string.len == 2
 		    && (strcmp(principal->name.name_string.val[0], KRB5_TGS_NAME) == 0)
 		    && (LDB_lookup_realm(context, (struct ldb_context *)db->hdb_db,
-					 mem_ctx, principal->name.name_string.val[1], NULL) == 0)) {
+					 mem_ctx, principal->name.name_string.val[1], &realm_fixed_msg) == 0)) {
+			const char *dnsdomain = ldb_msg_find_string(realm_fixed_msg[0], "dnsDomain", NULL);
+			char *realm_fixed = strupper_talloc(mem_ctx, dnsdomain);
+			if (!realm_fixed) {
+				krb5_set_error_string(context, "strupper_talloc: out of memory");
+				talloc_free(mem_ctx);
+				return ENOMEM;
+			}
+
+			free(principal->name.name_string.val[1]);
+			principal->name.name_string.val[1] = strdup(realm_fixed);
+			talloc_free(realm_fixed);
+			if (!principal->name.name_string.val[1]) {
+				krb5_set_error_string(context, "LDB_fetch: strdup() failed!");
+				talloc_free(mem_ctx);
+				return ENOMEM;
+			}
 			ldb_ent_type = HDB_LDB_ENT_TYPE_KRBTGT;
 		} else {
 			ldb_ent_type = HDB_LDB_ENT_TYPE_SERVER;
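Review bot: In the krbtgt branch, `dnsdomain` is passed to `strupper_talloc` without a NULL check, so a realm entry lacking `dnsDomain` either crashes the KDC or is misreported as ENOMEM, depending on how `strupper_talloc` treats NULL (not visible here). The old `val[1]` is also freed before `strdup` is known to have succeeded, which leaves the caller's principal with a NULL realm component on the failure path. I would check `dnsdomain` first and build the replacement string before releasing the old one, as in the excerpt below. The enclosing function starts and ends outside this hunk, so whether the caller expects its principal to be rewritten in place should be confirmed there.

```c
			const char *dnsdomain = ldb_msg_find_string(realm_fixed_msg[0], "dnsDomain", NULL);
			char *realm_fixed;
			char *new_realm;

			if (!dnsdomain) {
				krb5_set_error_string(context, "LDB_fetch: realm entry has no dnsDomain");
				talloc_free(mem_ctx);
				return HDB_ERR_NOENTRY;
			}
			realm_fixed = strupper_talloc(mem_ctx, dnsdomain);
			/* … unchanged: strupper_talloc out-of-memory handling … */

			/* copy first, so the principal never holds a freed or NULL component */
			new_realm = strdup(realm_fixed);
			talloc_free(realm_fixed);
			if (!new_realm) {
				krb5_set_error_string(context, "LDB_fetch: strdup() failed!");
				talloc_free(mem_ctx);
				return ENOMEM;
			}
			free(principal->name.name_string.val[1]);
			principal->name.name_string.val[1] = new_realm;
			/* … unchanged: ldb_ent_type = HDB_LDB_ENT_TYPE_KRBTGT … */
```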
@@ -944,7 +961,7 @@
 
 	if (ret != 0) {
 		talloc_free(priv);
-		krb5_warnx(context, "LDB_fetch: could not find realm\n");
+		krb5_warnx(context, "LDB_firstkey: could not find realm\n");
 		return HDB_ERR_NOENTRY;
 	}
 
@@ -952,7 +969,7 @@
 
 	priv->realm_msgs = talloc_steal(priv, realm_msgs);
 
-	krb5_warnx(context, "LDB_lookup_principal: realm ok\n");
+	krb5_warnx(context, "LDB_firstkey: realm ok\n");
 
 	priv->count = ldb_search(ldb_ctx, realm_dn,
 				 LDB_SCOPE_SUBTREE, "(objectClass=user)",


