summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2006-03-17 13:57:00 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:15:35 -0500
commit0342db7e87f4c98da4051e9fc7a8abf1e36218d0 (patch)
tree00a7c0410a2a4528f26d686b6af1c95323e4df2d
parent8a1ecaa7c6d49993d45a41e9f6e071cd3435c047 (diff)
downloadsamba-0342db7e87f4c98da4051e9fc7a8abf1e36218d0.tar.gz
samba-0342db7e87f4c98da4051e9fc7a8abf1e36218d0.tar.bz2
samba-0342db7e87f4c98da4051e9fc7a8abf1e36218d0.zip
r14512: Guenther, This code breaks winbind with MIT krb1.3.
I'm disabling it for now until we have en effective means of dealing with the ticket request flags for users and computers. (This used to be commit 635f0c9c01c2e389ca916e9004e9ea064bf69cbb)
-rw-r--r--source3/libads/kerberos.c14
1 files changed, 12 insertions, 2 deletions
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index c82310dd08..17e350d754 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -72,7 +72,9 @@ int kerberos_kinit_password(const char *principal,
krb5_ccache cc = NULL;
krb5_principal me;
krb5_creds my_creds;
+#if 0
krb5_get_init_creds_opt opt;
+#endif
initialize_krb5_error_table();
if ((code = krb5_init_context(&ctx)))
@@ -95,9 +97,12 @@ int kerberos_kinit_password(const char *principal,
return code;
}
+#if 0 /* This code causes problems with MIT krb5 1.3 when asking for a
+ TGT for the machine account */
krb5_get_init_creds_opt_init(&opt);
krb5_get_init_creds_opt_set_renew_life(&opt, renewable_time);
krb5_get_init_creds_opt_set_forwardable(&opt, 1);
+#endif
if (request_pac) {
#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PAC_REQUEST
@@ -105,9 +110,14 @@ int kerberos_kinit_password(const char *principal,
#endif
}
+#if 0
if ((code = krb5_get_init_creds_password(ctx, &my_creds, me, CONST_DISCARD(char *,password),
- kerb_prompter,
- NULL, 0, NULL, &opt))) {
+ kerb_prompter, NULL, 0, NULL, &opt)))
+#else
+ if ((code = krb5_get_init_creds_password(ctx, &my_creds, me, CONST_DISCARD(char *,password),
+ kerb_prompter, NULL, 0, NULL, NULL)))
+#endif
+ {
krb5_free_principal(ctx, me);
krb5_free_context(ctx);
return code;