[SCM] Samba Shared Repository - branch v4-0-test updated -
release-4-0-0alpha5-167-g0aa6d63
Stefan Metzmacher
metze at samba.org
Sat Jul 26 19:48:40 GMT 2008
The branch, v4-0-test has been updated
via 0aa6d63ec571b0ca05fbfe14d2b4e9ba3e1082e9 (commit)
via 9fc5750156467f579ea8d7755987d091f5b579c2 (commit)
from 2f06fbe06be2e1b77ea013ddba853ce819e58e88 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit 0aa6d63ec571b0ca05fbfe14d2b4e9ba3e1082e9
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 25 16:02:29 2008 +0200
lib/ldb/tools: allow -W and --realm when build from samba4
metze
commit 9fc5750156467f579ea8d7755987d091f5b579c2
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 25 16:00:50 2008 +0200
auth/credentials: use the same enctypes when getting a TGT and a TGS
metze
-----------------------------------------------------------------------
Summary of changes:
source/auth/credentials/credentials_krb5.c | 23 +++++++++++++++++++++++
source/lib/ldb/tools/cmdline.c | 1 +
2 files changed, 24 insertions(+), 0 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/auth/credentials/credentials_krb5.c b/source/auth/credentials/credentials_krb5.c
index a880486..c4c5839 100644
--- a/source/auth/credentials/credentials_krb5.c
+++ b/source/auth/credentials/credentials_krb5.c
@@ -360,6 +360,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
struct gssapi_creds_container *gcc;
struct ccache_container *ccache;
gss_buffer_desc empty_buffer = GSS_C_EMPTY_BUFFER;
+ krb5_enctype *etypes = NULL;
if (cred->client_gss_creds_obtained >= cred->client_gss_creds_threshold &&
cred->client_gss_creds_obtained > CRED_UNINITIALISED) {
@@ -391,6 +392,28 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
return ret;
}
+ /* transfer the enctypes from the smb_krb5_context to the gssapi layer */
+ min_stat = krb5_get_default_in_tkt_etypes(ccache->smb_krb5_context->krb5_context,
+ &etypes);
+ if (min_stat == 0) {
+ OM_uint32 num_ktypes;
+
+ for (num_ktypes = 0; etypes[num_ktypes]; num_ktypes++);
+
+ maj_stat = gss_krb5_set_allowable_enctypes(&min_stat, gcc->creds,
+ num_ktypes, etypes);
+ krb5_xfree (etypes);
+ if (maj_stat) {
+ talloc_free(gcc);
+ if (min_stat) {
+ ret = min_stat;
+ } else {
+ ret = EINVAL;
+ }
+ return ret;
+ }
+ }
+
/* don't force GSS_C_CONF_FLAG and GSS_C_INTEG_FLAG */
maj_stat = gss_set_cred_option(&min_stat, &gcc->creds,
GSS_KRB5_CRED_NO_CI_FLAGS_X,
diff --git a/source/lib/ldb/tools/cmdline.c b/source/lib/ldb/tools/cmdline.c
index c9c77c4..765d8b9 100644
--- a/source/lib/ldb/tools/cmdline.c
+++ b/source/lib/ldb/tools/cmdline.c
@@ -75,6 +75,7 @@ struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb,
#if (_SAMBA_BUILD_ >= 4)
POPT_COMMON_SAMBA
POPT_COMMON_CREDENTIALS
+ POPT_COMMON_CONNECTION
POPT_COMMON_VERSION
#endif
{ NULL }
--
Samba Shared Repository
More information about the samba-cvs
mailing list