summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-01-28 12:19:20 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:51:34 -0500
commit654a21178fa7e908e3a2be42d5522ea1b1b23250 (patch)
treedd08f7db5a8cefd0bf234c036ed82ccb80fb6284
parent44e601b5ad635ba29088fd4c747627dee8d62112 (diff)
downloadsamba-654a21178fa7e908e3a2be42d5522ea1b1b23250.tar.gz
samba-654a21178fa7e908e3a2be42d5522ea1b1b23250.tar.bz2
samba-654a21178fa7e908e3a2be42d5522ea1b1b23250.zip
r13207: Use the new API for using/not using kerbeors in hdb-ldb.c
Update the rootdse module to use the new schema. Andrew Bartlett (This used to be commit b0b150d08ac39ed486071487826da2e306db6a0b)
-rw-r--r--source4/dsdb/samdb/ldb_modules/rootdse.c6
-rw-r--r--source4/kdc/hdb-ldb.c8
2 files changed, 8 insertions, 6 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c
index 0bf63f30ae..fc1bfa824e 100644
--- a/source4/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source4/dsdb/samdb/ldb_modules/rootdse.c
@@ -83,7 +83,11 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_request *re
server_creds = talloc_get_type(ldb_get_opaque(module->ldb, "server_credentials"),
struct cli_credentials);
if (do_attribute(s->attrs, "supportedSASLMechanisms")) {
- const struct gensec_security_ops **ops = cli_credentials_gensec_list(server_creds);
+ struct gensec_security_ops **backends = gensec_security_all();
+ enum credentials_use_kerberos use_kerberos
+ = cli_credentials_get_kerberos_state(server_creds);
+ struct gensec_security_ops **ops
+ = gensec_use_kerberos_mechs(req, backends, use_kerberos);
int i;
for (i = 0; ops && ops[i]; i++) {
if (ops[i]->sasl_name) {
diff --git a/source4/kdc/hdb-ldb.c b/source4/kdc/hdb-ldb.c
index a155e24e7e..86c1b048a7 100644
--- a/source4/kdc/hdb-ldb.c
+++ b/source4/kdc/hdb-ldb.c
@@ -958,6 +958,7 @@ NTSTATUS kdc_hdb_ldb_create(TALLOC_CTX *mem_ctx,
{
NTSTATUS nt_status;
struct auth_session_info *session_info;
+ struct gensec_security_ops **not_kerberos_list;
*db = talloc(mem_ctx, HDB);
if (!*db) {
krb5_set_error_string(context, "malloc: out of memory");
@@ -980,11 +981,8 @@ NTSTATUS kdc_hdb_ldb_create(TALLOC_CTX *mem_ctx,
* certificates, for now it will almost certainly be NTLMSSP
*/
- nt_status = cli_credentials_gensec_remove_oid(session_info->credentials,
- GENSEC_OID_KERBEROS5);
- if (!NT_STATUS_IS_OK(nt_status)) {
- return nt_status;
- }
+ cli_credentials_set_kerberos_state(session_info->credentials,
+ CRED_DONT_USE_KERBEROS);
/* Setup the link to LDB */
(*db)->hdb_db = samdb_connect(*db, session_info);