summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2009-02-03 14:53:58 +0100
committerGünther Deschner <gd@samba.org>2009-02-03 15:32:47 +0100
commit3367812df604bb1d01f59ee2750427426164c519 (patch)
tree87871b75e9440ad85951f3f061113d554f3beaab
parent1318fe8c60cf3e6a12dfaf5933d7750d73cb3878 (diff)
downloadsamba-3367812df604bb1d01f59ee2750427426164c519.tar.gz
samba-3367812df604bb1d01f59ee2750427426164c519.tar.bz2
samba-3367812df604bb1d01f59ee2750427426164c519.zip
s3-kerberos: fix ads_dedicated_keytab_verify_ticket with heimdal.
Guenther
-rw-r--r--source3/libads/kerberos_verify.c13
1 files changed, 10 insertions, 3 deletions
diff --git a/source3/libads/kerberos_verify.c b/source3/libads/kerberos_verify.c
index 4483d2be58..fe22898a26 100644
--- a/source3/libads/kerberos_verify.c
+++ b/source3/libads/kerberos_verify.c
@@ -45,6 +45,8 @@ static bool ads_dedicated_keytab_verify_ticket(krb5_context context,
krb5_ticket *dec_ticket = NULL;
krb5_data packet;
+ krb5_kvno kvno = 0;
+ krb5_enctype enctype;
*pp_tkt = NULL;
*keyblock = NULL;
@@ -62,7 +64,6 @@ static bool ads_dedicated_keytab_verify_ticket(krb5_context context,
packet.length = ticket->length;
packet.data = (char *)ticket->data;
- *pp_tkt = NULL;
ret = krb5_rd_req(context, &auth_context, &packet, NULL, keytab,
NULL, &dec_ticket);
@@ -71,10 +72,16 @@ static bool ads_dedicated_keytab_verify_ticket(krb5_context context,
goto out;
}
+#ifdef HAVE_ETYPE_IN_ENCRYPTEDDATA /* Heimdal */
+ enctype = dec_ticket->ticket.key.keytype;
+#else /* MIT */
+ enctype = dec_ticket->enc_part.enctype;
+ kvno = dec_ticket->enc_part.kvno;
+#endif
+
/* Get the key for checking the pac signature */
ret = krb5_kt_get_entry(context, keytab, dec_ticket->server,
- dec_ticket->enc_part.kvno, dec_ticket->enc_part.enctype,
- &kt_entry);
+ kvno, enctype, &kt_entry);
if (ret) {
DEBUG(0, ("krb5_kt_get_entry failed (%s)\n",
error_message(ret)));