svn commit: samba r6700 - in branches/SAMBA_4_0/source: auth/gensec
lib
abartlet at samba.org
abartlet at samba.org
Tue May 10 09:51:55 GMT 2005
Author: abartlet
Date: 2005-05-10 09:51:55 +0000 (Tue, 10 May 2005)
New Revision: 6700
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=6700
Log:
Upper case realms in kerberos-specific parts of the code, as this is
no longer done globally.
This keeps MIT client libraries happy, because otherwise the windows
KDC will return a different case to what was requested.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c
branches/SAMBA_4_0/source/lib/credentials.c
Changeset:
Modified: branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c
===================================================================
--- branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c 2005-05-10 09:50:29 UTC (rev 6699)
+++ branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c 2005-05-10 09:51:55 UTC (rev 6700)
@@ -284,7 +284,12 @@
}
if (lp_realm() && *lp_realm()) {
- ret = krb5_set_default_realm(gensec_krb5_state->context, lp_realm());
+ char *upper_realm = strupper_talloc(gensec_krb5_state, lp_realm());
+ if (!upper_realm) {
+ DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm()));
+ return NT_STATUS_NO_MEMORY;
+ }
+ ret = krb5_set_default_realm(gensec_krb5_state->context, upper_realm);
if (ret) {
DEBUG(1,("gensec_krb5_start: krb5_set_default_realm failed (%s)\n", error_message(ret)));
return NT_STATUS_INTERNAL_ERROR;
Modified: branches/SAMBA_4_0/source/lib/credentials.c
===================================================================
--- branches/SAMBA_4_0/source/lib/credentials.c 2005-05-10 09:50:29 UTC (rev 6699)
+++ branches/SAMBA_4_0/source/lib/credentials.c 2005-05-10 09:51:55 UTC (rev 6700)
@@ -175,10 +175,14 @@
cli_credentials_get_realm(cred));
}
+/**
+ * Set the realm for this credentials context, and force it to
+ * uppercase for the sainity of our local kerberos libraries
+ */
BOOL cli_credentials_set_realm(struct cli_credentials *cred, const char *val, enum credentials_obtained obtained)
{
if (obtained >= cred->realm_obtained) {
- cred->realm = talloc_strdup(cred, val);
+ cred->realm = strupper_talloc(cred, val);
cred->realm_obtained = obtained;
return True;
}
More information about the samba-cvs
mailing list