svn commit: samba r6801 - in branches/SAMBA_4_0/source/auth/kerberos: .

abartlet at samba.org abartlet at samba.org
Mon May 16 00:12:39 GMT 2005 

Author: abartlet
Date: 2005-05-16 00:12:39 +0000 (Mon, 16 May 2005)
New Revision: 6801

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=6801

Log:
It appears that krb5_make_principal, while convenient, is not portable.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/auth/kerberos/kerberos_verify.c


Changeset:
Modified: branches/SAMBA_4_0/source/auth/kerberos/kerberos_verify.c
===================================================================
--- branches/SAMBA_4_0/source/auth/kerberos/kerberos_verify.c	2005-05-15 23:42:11 UTC (rev 6800)
+++ branches/SAMBA_4_0/source/auth/kerberos/kerberos_verify.c	2005-05-16 00:12:39 UTC (rev 6801)
@@ -326,6 +326,7 @@
 	char *malloc_principal;
 	char *machine_username;
 	krb5_principal salt_princ = NULL;
+	char *salt_princ_string;
 
 	NTSTATUS creds_nt_status;
 	struct cli_credentials *machine_account;
@@ -342,8 +343,12 @@
 		DEBUG(3, ("Could not obtain machine account credentials from the local database\n"));
 
 		/* This just becomes a locking key, if we don't have creds, we must be using the keytab */
-		ret = krb5_make_principal(context, &salt_princ, lp_realm(), 
-					  "host", lp_netbios_name(), NULL);
+		salt_princ_string = talloc_asprintf(mem_ctx, "host/%s@%s", lp_netbios_name(), lp_realm());
+		if (!salt_princ_string) {
+			ret = ENOMEM;
+		} else {
+			ret = krb5_parse_name(context, salt_princ_string, &salt_princ);
+		}
 	} else {
 
 		machine_username = talloc_strdup(mem_ctx, cli_credentials_get_username(machine_account));
@@ -364,8 +369,12 @@
 				if (!salt_body) {
 					ret = ENOMEM;
 				} else {
-					ret = krb5_make_principal(context, &salt_princ, cli_credentials_get_realm(machine_account), 
-								  "host", salt_body, NULL);
+					salt_princ_string = talloc_asprintf(mem_ctx, "host/%s@%s", salt_body, cli_credentials_get_realm(machine_account));
+					if (!salt_princ_string) {
+						ret = ENOMEM;
+					} else {
+						ret = krb5_parse_name(context, salt_princ_string, &salt_princ);
+					}
 				}
 			}
 		}

More information about the samba-cvs mailing list