[PATCH] Small code cleanup in credentials code
Andreas Schneider
asn at samba.org
Wed Jan 3 08:37:16 UTC 2018
On Wednesday, 3 January 2018 09:27:28 CET Alexander Bokovoy wrote:
> > + maj_stat = gss_krb5_import_cred(&min_stat, NULL, princ, ktc->keytab,
>
> We prefer smb_gss_krb5_import_cred() because it would be using
> internally gss_acquire_cred_from() on newer MIT versions which is
> supporting GSSPROXY.
Ups, missed that. Thanks!
Updated patch attached.
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
-------------- next part --------------
>From e7a397216a27a0368ace644c4cf486408af61fd4 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Tue, 13 Dec 2016 11:38:13 +0100
Subject: [PATCH] credentials: Simplify cli_credentials_get_server_gss_creds()
Signed-off-by: Andreas Schneider <asn at samba.org>
---
auth/credentials/credentials_krb5.c | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/auth/credentials/credentials_krb5.c b/auth/credentials/credentials_krb5.c
index b88497dcace..585203a640d 100644
--- a/auth/credentials/credentials_krb5.c
+++ b/auth/credentials/credentials_krb5.c
@@ -1151,16 +1151,17 @@ _PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
}
if (ktc->password_based || obtained < CRED_SPECIFIED) {
- /* This creates a GSSAPI cred_id_t for match-by-key with only the keytab set */
- maj_stat = smb_gss_krb5_import_cred(&min_stat, smb_krb5_context->krb5_context,
- NULL, NULL, ktc->keytab,
- &gcc->creds);
- } else {
- /* This creates a GSSAPI cred_id_t with the principal and keytab set, matching by name */
- maj_stat = smb_gss_krb5_import_cred(&min_stat, smb_krb5_context->krb5_context,
- NULL, princ, ktc->keytab,
- &gcc->creds);
+ /*
+ * This creates a GSSAPI cred_id_t for match-by-key with only
+ * the keytab set
+ */
+ princ = NULL;
}
+ maj_stat = smb_gss_krb5_import_cred(&min_stat,
+ smb_krb5_context->krb5_context,
+ NULL, princ,
+ ktc->keytab,
+ &gcc->creds);
if (maj_stat) {
if (min_stat) {
ret = min_stat;
--
2.15.1
More information about the samba-technical
mailing list