[SCM] Samba Shared Repository - branch master updated -
release-4-0-0alpha6-424-g329b877
Günther Deschner
gd at samba.org
Tue Feb 3 14:33:40 GMT 2009
The branch, master has been updated
via 329b8775f56c8a89f02646e11ba27a33080f48b1 (commit)
via b0ea17973400cd15c3fb23c8deb4f9c37b42035a (commit)
via 3367812df604bb1d01f59ee2750427426164c519 (commit)
via 1318fe8c60cf3e6a12dfaf5933d7750d73cb3878 (commit)
from 20a1cb15699c781651593c68685ece91c03e6a18 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 329b8775f56c8a89f02646e11ba27a33080f48b1
Author: Günther Deschner <gd at samba.org>
Date: Tue Feb 3 15:31:28 2009 +0100
s3-net: fix warning message for keytab usage.
Guenther
commit b0ea17973400cd15c3fb23c8deb4f9c37b42035a
Author: Günther Deschner <gd at samba.org>
Date: Tue Feb 3 14:15:40 2009 +0100
s3-kerberos: use KRB5_KT_KEY compat macro.
Guenther
commit 3367812df604bb1d01f59ee2750427426164c519
Author: Günther Deschner <gd at samba.org>
Date: Tue Feb 3 14:53:58 2009 +0100
s3-kerberos: fix ads_dedicated_keytab_verify_ticket with heimdal.
Guenther
commit 1318fe8c60cf3e6a12dfaf5933d7750d73cb3878
Author: Günther Deschner <gd at samba.org>
Date: Tue Feb 3 14:51:12 2009 +0100
Revert "fix for commit d96248a9b46 which broke Heimdal builds"
This does not build.
This reverts commit af736923a541df1a37afeb72b8a5652932c4c69c.
-----------------------------------------------------------------------
Summary of changes:
source3/libads/kerberos_verify.c | 25 ++++++++++---------------
source3/utils/net_ads.c | 4 ++--
2 files changed, 12 insertions(+), 17 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c
index ec897ad..b903b2a 100644
--- a/source3/libads/kerberos_verify.c
+++ b/source3/libads/kerberos_verify.c
@@ -45,6 +45,8 @@ static bool ads_dedicated_keytab_verify_ticket(krb5_context context,
krb5_ticket *dec_ticket = NULL;
krb5_data packet;
+ krb5_kvno kvno = 0;
+ krb5_enctype enctype;
*pp_tkt = NULL;
*keyblock = NULL;
@@ -62,7 +64,6 @@ static bool ads_dedicated_keytab_verify_ticket(krb5_context context,
packet.length = ticket->length;
packet.data = (char *)ticket->data;
- *pp_tkt = NULL;
ret = krb5_rd_req(context, &auth_context, &packet, NULL, keytab,
NULL, &dec_ticket);
@@ -71,29 +72,23 @@ static bool ads_dedicated_keytab_verify_ticket(krb5_context context,
goto out;
}
- /* Get the key for checking the pac signature */
#ifdef HAVE_ETYPE_IN_ENCRYPTEDDATA /* Heimdal */
- ret = krb5_kt_get_entry(context, keytab, dec_ticket->server,
- dec_ticket.enc_part.kvno, dec_ticket.enc_part.etype,
- &kt_entry);
+ enctype = dec_ticket->ticket.key.keytype;
#else /* MIT */
- ret = krb5_kt_get_entry(context, keytab, dec_ticket->server,
- dec_ticket->enc_part.kvno, dec_ticket->enc_part.enctype,
- &kt_entry);
+ enctype = dec_ticket->enc_part.enctype;
+ kvno = dec_ticket->enc_part.kvno;
#endif
+
+ /* Get the key for checking the pac signature */
+ ret = krb5_kt_get_entry(context, keytab, dec_ticket->server,
+ kvno, enctype, &kt_entry);
if (ret) {
DEBUG(0, ("krb5_kt_get_entry failed (%s)\n",
error_message(ret)));
goto out;
}
-#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK /* Heimdal */
- ret = krb5_copy_keyblock(context, &kt_entry.keyblock, keyblock);
-#elif defined(HAVE_KRB5_KEYTAB_ENTRY_KEY) /* MIT */
- ret = krb5_copy_keyblock(context, &kt_entry.key, keyblock);
-#else
-#error UNKNOWN_KRB5_KEYTAB_ENTRY_FORMAT
-#endif
+ ret = krb5_copy_keyblock(context, KRB5_KT_KEY(&kt_entry), keyblock);
smb_krb5_kt_free_entry(context, &kt_entry);
if (ret) {
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index 03786e2..86fb9f6 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -2242,8 +2242,8 @@ int net_ads_keytab(struct net_context *c, int argc, const char **argv)
};
if (!USE_KERBEROS_KEYTAB) {
- d_printf("\nWarning: \"kerberos method\" must be set to a \
- keytab method to use keytab functions.\n");
+ d_printf("\nWarning: \"kerberos method\" must be set to a "
+ "keytab method to use keytab functions.\n");
}
return net_run_function(c, argc, argv, "net ads keytab", func);
--
Samba Shared Repository
More information about the samba-cvs
mailing list