svn commit: samba r14585 - branches/SAMBA_3_0/source/libads
branches/SAMBA_3_0/source/libsmb branches/SAMBA_3_0/source/nsswitch
branches/SAMBA_3_0/source/rpc_client
branches/SAMBA_3_0/source/utils trunk/source/libads
trunk/source/libsmb trunk/source/nsswitch
trunk/source/rpc_client trunk/source/utils
gd at samba.org
gd at samba.org
Mon Mar 20 19:05:47 GMT 2006
Author: gd
Date: 2006-03-20 19:05:44 +0000 (Mon, 20 Mar 2006)
New Revision: 14585
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14585
Log:
Tighten argument list of kerberos_kinit_password again,
kerberos_kinit_password_ext provides access to more options.
Guenther
Modified:
branches/SAMBA_3_0/source/libads/kerberos.c
branches/SAMBA_3_0/source/libads/krb5_setpw.c
branches/SAMBA_3_0/source/libsmb/cliconnect.c
branches/SAMBA_3_0/source/nsswitch/winbindd_cred_cache.c
branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c
branches/SAMBA_3_0/source/rpc_client/cli_pipe.c
branches/SAMBA_3_0/source/utils/ntlm_auth.c
trunk/source/libads/kerberos.c
trunk/source/libads/krb5_setpw.c
trunk/source/libsmb/cliconnect.c
trunk/source/nsswitch/winbindd_cred_cache.c
trunk/source/nsswitch/winbindd_pam.c
trunk/source/rpc_client/cli_pipe.c
trunk/source/utils/ntlm_auth.c
Changeset:
Modified: branches/SAMBA_3_0/source/libads/kerberos.c
===================================================================
--- branches/SAMBA_3_0/source/libads/kerberos.c 2006-03-20 16:40:42 UTC (rev 14584)
+++ branches/SAMBA_3_0/source/libads/kerberos.c 2006-03-20 19:05:44 UTC (rev 14585)
@@ -58,7 +58,7 @@
place in default cache location.
remus at snapserver.com
*/
-int kerberos_kinit_password(const char *principal,
+int kerberos_kinit_password_ext(const char *principal,
const char *password,
int time_offset,
time_t *expire_time,
@@ -187,7 +187,7 @@
return KRB5_LIBOS_CANTREADPWD;
}
- ret = kerberos_kinit_password(s, ads->auth.password, ads->auth.time_offset,
+ ret = kerberos_kinit_password_ext(s, ads->auth.password, ads->auth.time_offset,
&ads->auth.expire, NULL, NULL, False, ads->auth.renewable);
if (ret) {
@@ -380,8 +380,8 @@
if (password == NULL) {
goto out;
}
- if ((err = kerberos_kinit_password(machine_account, password, 0, NULL, NULL,
- LIBADS_CCACHE_NAME, False, 0)) != 0) {
+ if ((err = kerberos_kinit_password(machine_account, password,
+ 0, LIBADS_CCACHE_NAME)) != 0) {
DEBUG(0,("get_service_ticket: kerberos_kinit_password %s failed: %s\n",
machine_account,
error_message(err)));
@@ -811,4 +811,20 @@
}
return retval;
}
+
+int kerberos_kinit_password(const char *principal,
+ const char *password,
+ int time_offset,
+ const char *cache_name)
+{
+ return kerberos_kinit_password_ext(principal,
+ password,
+ time_offset,
+ 0,
+ 0,
+ cache_name,
+ False,
+ 0);
+}
+
#endif
Modified: branches/SAMBA_3_0/source/libads/krb5_setpw.c
===================================================================
--- branches/SAMBA_3_0/source/libads/krb5_setpw.c 2006-03-20 16:40:42 UTC (rev 14584)
+++ branches/SAMBA_3_0/source/libads/krb5_setpw.c 2006-03-20 19:05:44 UTC (rev 14585)
@@ -685,7 +685,7 @@
{
int ret;
- if ((ret = kerberos_kinit_password(auth_principal, auth_password, time_offset, NULL, NULL, NULL, False, 0))) {
+ if ((ret = kerberos_kinit_password(auth_principal, auth_password, time_offset, NULL))) {
DEBUG(1,("Failed kinit for principal %s (%s)\n", auth_principal, error_message(ret)));
return ADS_ERROR_KRB5(ret);
}
Modified: branches/SAMBA_3_0/source/libsmb/cliconnect.c
===================================================================
--- branches/SAMBA_3_0/source/libsmb/cliconnect.c 2006-03-20 16:40:42 UTC (rev 14584)
+++ branches/SAMBA_3_0/source/libsmb/cliconnect.c 2006-03-20 19:05:44 UTC (rev 14585)
@@ -756,7 +756,7 @@
int ret;
use_in_memory_ccache();
- ret = kerberos_kinit_password(user, pass, 0 /* no time correction for now */, NULL, NULL, NULL, False, 0);
+ ret = kerberos_kinit_password(user, pass, 0 /* no time correction for now */, NULL);
if (ret){
SAFE_FREE(principal);
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cred_cache.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_cred_cache.c 2006-03-20 16:40:42 UTC (rev 14584)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_cred_cache.c 2006-03-20 19:05:44 UTC (rev 14585)
@@ -106,14 +106,14 @@
seteuid(entry->uid);
- ret = kerberos_kinit_password(entry->principal_name,
- entry->pass,
- 0, /* hm, can we do time correction here ? */
- &entry->refresh_time,
- &entry->renew_until,
- entry->ccname,
- False, /* no PAC required anymore */
- WINBINDD_PAM_AUTH_KRB5_RENEW_TIME);
+ ret = kerberos_kinit_password_ext(entry->principal_name,
+ entry->pass,
+ 0, /* hm, can we do time correction here ? */
+ &entry->refresh_time,
+ &entry->renew_until,
+ entry->ccname,
+ False, /* no PAC required anymore */
+ WINBINDD_PAM_AUTH_KRB5_RENEW_TIME);
seteuid(0);
if (ret) {
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c 2006-03-20 16:40:42 UTC (rev 14584)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c 2006-03-20 19:05:44 UTC (rev 14585)
@@ -482,14 +482,14 @@
DEBUG(10,("winbindd_raw_kerberos_login: uid is %d\n", uid));
}
- krb5_ret = kerberos_kinit_password(principal_s,
- state->request.data.auth.pass,
- time_offset,
- &ticket_lifetime,
- &renewal_until,
- cc,
- True,
- WINBINDD_PAM_AUTH_KRB5_RENEW_TIME);
+ krb5_ret = kerberos_kinit_password_ext(principal_s,
+ state->request.data.auth.pass,
+ time_offset,
+ &ticket_lifetime,
+ &renewal_until,
+ cc,
+ True,
+ WINBINDD_PAM_AUTH_KRB5_RENEW_TIME);
if (krb5_ret) {
DEBUG(1,("winbindd_raw_kerberos_login: kinit failed for '%s' with: %s (%d)\n",
Modified: branches/SAMBA_3_0/source/rpc_client/cli_pipe.c
===================================================================
--- branches/SAMBA_3_0/source/rpc_client/cli_pipe.c 2006-03-20 16:40:42 UTC (rev 14584)
+++ branches/SAMBA_3_0/source/rpc_client/cli_pipe.c 2006-03-20 19:05:44 UTC (rev 14585)
@@ -2710,7 +2710,7 @@
/* Only get a new TGT if username/password are given. */
if (username && password) {
- int ret = kerberos_kinit_password(username, password, 0, NULL, NULL, NULL, False, 0);
+ int ret = kerberos_kinit_password(username, password, 0, NULL);
if (ret) {
cli_rpc_pipe_close(result);
return NULL;
Modified: branches/SAMBA_3_0/source/utils/ntlm_auth.c
===================================================================
--- branches/SAMBA_3_0/source/utils/ntlm_auth.c 2006-03-20 16:40:42 UTC (rev 14584)
+++ branches/SAMBA_3_0/source/utils/ntlm_auth.c 2006-03-20 19:05:44 UTC (rev 14585)
@@ -1191,8 +1191,7 @@
pstr_sprintf(user, "%s@%s", opt_username, opt_domain);
- if ((retval = kerberos_kinit_password(user, opt_password,
- 0, NULL, NULL, NULL, False, 0))) {
+ if ((retval = kerberos_kinit_password(user, opt_password, 0, NULL))) {
DEBUG(10, ("Requesting TGT failed: %s\n", error_message(retval)));
return False;
}
Modified: trunk/source/libads/kerberos.c
===================================================================
--- trunk/source/libads/kerberos.c 2006-03-20 16:40:42 UTC (rev 14584)
+++ trunk/source/libads/kerberos.c 2006-03-20 19:05:44 UTC (rev 14585)
@@ -58,7 +58,7 @@
place in default cache location.
remus at snapserver.com
*/
-int kerberos_kinit_password(const char *principal,
+int kerberos_kinit_password_ext(const char *principal,
const char *password,
int time_offset,
time_t *expire_time,
@@ -187,7 +187,7 @@
return KRB5_LIBOS_CANTREADPWD;
}
- ret = kerberos_kinit_password(s, ads->auth.password, ads->auth.time_offset,
+ ret = kerberos_kinit_password_ext(s, ads->auth.password, ads->auth.time_offset,
&ads->auth.expire, NULL, NULL, False, ads->auth.renewable);
if (ret) {
@@ -380,8 +380,8 @@
if (password == NULL) {
goto out;
}
- if ((err = kerberos_kinit_password(machine_account, password, 0, NULL, NULL,
- LIBADS_CCACHE_NAME, False, 0)) != 0) {
+ if ((err = kerberos_kinit_password(machine_account, password,
+ 0, LIBADS_CCACHE_NAME)) != 0) {
DEBUG(0,("get_service_ticket: kerberos_kinit_password %s failed: %s\n",
machine_account,
error_message(err)));
@@ -811,4 +811,20 @@
}
return retval;
}
+
+int kerberos_kinit_password(const char *principal,
+ const char *password,
+ int time_offset,
+ const char *cache_name)
+{
+ return kerberos_kinit_password_ext(principal,
+ password,
+ time_offset,
+ 0,
+ 0,
+ cache_name,
+ False,
+ 0);
+}
+
#endif
Modified: trunk/source/libads/krb5_setpw.c
===================================================================
--- trunk/source/libads/krb5_setpw.c 2006-03-20 16:40:42 UTC (rev 14584)
+++ trunk/source/libads/krb5_setpw.c 2006-03-20 19:05:44 UTC (rev 14585)
@@ -685,7 +685,7 @@
{
int ret;
- if ((ret = kerberos_kinit_password(auth_principal, auth_password, time_offset, NULL, NULL, NULL, False, 0))) {
+ if ((ret = kerberos_kinit_password(auth_principal, auth_password, time_offset, NULL))) {
DEBUG(1,("Failed kinit for principal %s (%s)\n", auth_principal, error_message(ret)));
return ADS_ERROR_KRB5(ret);
}
Modified: trunk/source/libsmb/cliconnect.c
===================================================================
--- trunk/source/libsmb/cliconnect.c 2006-03-20 16:40:42 UTC (rev 14584)
+++ trunk/source/libsmb/cliconnect.c 2006-03-20 19:05:44 UTC (rev 14585)
@@ -756,7 +756,7 @@
int ret;
use_in_memory_ccache();
- ret = kerberos_kinit_password(user, pass, 0 /* no time correction for now */, NULL, NULL, NULL, False, 0);
+ ret = kerberos_kinit_password(user, pass, 0 /* no time correction for now */, NULL);
if (ret){
SAFE_FREE(principal);
Modified: trunk/source/nsswitch/winbindd_cred_cache.c
===================================================================
--- trunk/source/nsswitch/winbindd_cred_cache.c 2006-03-20 16:40:42 UTC (rev 14584)
+++ trunk/source/nsswitch/winbindd_cred_cache.c 2006-03-20 19:05:44 UTC (rev 14585)
@@ -106,14 +106,14 @@
seteuid(entry->uid);
- ret = kerberos_kinit_password(entry->principal_name,
- entry->pass,
- 0, /* hm, can we do time correction here ? */
- &entry->refresh_time,
- &entry->renew_until,
- entry->ccname,
- False, /* no PAC required anymore */
- WINBINDD_PAM_AUTH_KRB5_RENEW_TIME);
+ ret = kerberos_kinit_password_ext(entry->principal_name,
+ entry->pass,
+ 0, /* hm, can we do time correction here ? */
+ &entry->refresh_time,
+ &entry->renew_until,
+ entry->ccname,
+ False, /* no PAC required anymore */
+ WINBINDD_PAM_AUTH_KRB5_RENEW_TIME);
seteuid(0);
if (ret) {
Modified: trunk/source/nsswitch/winbindd_pam.c
===================================================================
--- trunk/source/nsswitch/winbindd_pam.c 2006-03-20 16:40:42 UTC (rev 14584)
+++ trunk/source/nsswitch/winbindd_pam.c 2006-03-20 19:05:44 UTC (rev 14585)
@@ -482,14 +482,14 @@
DEBUG(10,("winbindd_raw_kerberos_login: uid is %d\n", uid));
}
- krb5_ret = kerberos_kinit_password(principal_s,
- state->request.data.auth.pass,
- time_offset,
- &ticket_lifetime,
- &renewal_until,
- cc,
- True,
- WINBINDD_PAM_AUTH_KRB5_RENEW_TIME);
+ krb5_ret = kerberos_kinit_password_ext(principal_s,
+ state->request.data.auth.pass,
+ time_offset,
+ &ticket_lifetime,
+ &renewal_until,
+ cc,
+ True,
+ WINBINDD_PAM_AUTH_KRB5_RENEW_TIME);
if (krb5_ret) {
DEBUG(1,("winbindd_raw_kerberos_login: kinit failed for '%s' with: %s (%d)\n",
Modified: trunk/source/rpc_client/cli_pipe.c
===================================================================
--- trunk/source/rpc_client/cli_pipe.c 2006-03-20 16:40:42 UTC (rev 14584)
+++ trunk/source/rpc_client/cli_pipe.c 2006-03-20 19:05:44 UTC (rev 14585)
@@ -2710,7 +2710,7 @@
/* Only get a new TGT if username/password are given. */
if (username && password) {
- int ret = kerberos_kinit_password(username, password, 0, NULL, NULL, NULL, False, 0);
+ int ret = kerberos_kinit_password(username, password, 0, NULL);
if (ret) {
cli_rpc_pipe_close(result);
return NULL;
Modified: trunk/source/utils/ntlm_auth.c
===================================================================
--- trunk/source/utils/ntlm_auth.c 2006-03-20 16:40:42 UTC (rev 14584)
+++ trunk/source/utils/ntlm_auth.c 2006-03-20 19:05:44 UTC (rev 14585)
@@ -1191,8 +1191,7 @@
pstr_sprintf(user, "%s@%s", opt_username, opt_domain);
- if ((retval = kerberos_kinit_password(user, opt_password,
- 0, NULL, NULL, NULL, False, 0))) {
+ if ((retval = kerberos_kinit_password(user, opt_password, 0, NULL))) {
DEBUG(10, ("Requesting TGT failed: %s\n", error_message(retval)));
return False;
}
More information about the samba-cvs
mailing list