diff options
author | Andrew Bartlett <abartlet@samba.org> | 2005-05-16 00:12:39 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:16:45 -0500 |
commit | c71a11c7ad506fd1c9e5cf33b930e378fc9b8553 (patch) | |
tree | 13a432dffd83f4ddb7750e40c7ab7ec960fd5bc5 | |
parent | 5c6dd5e800b879efdce3bbc3a16f32c5e78b4917 (diff) | |
download | samba-c71a11c7ad506fd1c9e5cf33b930e378fc9b8553.tar.gz samba-c71a11c7ad506fd1c9e5cf33b930e378fc9b8553.tar.bz2 samba-c71a11c7ad506fd1c9e5cf33b930e378fc9b8553.zip |
r6801: It appears that krb5_make_principal, while convenient, is not portable.
Andrew Bartlett
(This used to be commit c8e8fa129ed0c80bcd289445935047c28d48da64)
-rw-r--r-- | source4/auth/kerberos/kerberos_verify.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/source4/auth/kerberos/kerberos_verify.c b/source4/auth/kerberos/kerberos_verify.c index 0497e3effa..2e6e8870de 100644 --- a/source4/auth/kerberos/kerberos_verify.c +++ b/source4/auth/kerberos/kerberos_verify.c @@ -326,6 +326,7 @@ static krb5_error_code ads_secrets_verify_ticket(TALLOC_CTX *mem_ctx, char *malloc_principal; char *machine_username; krb5_principal salt_princ = NULL; + char *salt_princ_string; NTSTATUS creds_nt_status; struct cli_credentials *machine_account; @@ -342,8 +343,12 @@ static krb5_error_code ads_secrets_verify_ticket(TALLOC_CTX *mem_ctx, DEBUG(3, ("Could not obtain machine account credentials from the local database\n")); /* This just becomes a locking key, if we don't have creds, we must be using the keytab */ - ret = krb5_make_principal(context, &salt_princ, lp_realm(), - "host", lp_netbios_name(), NULL); + salt_princ_string = talloc_asprintf(mem_ctx, "host/%s@%s", lp_netbios_name(), lp_realm()); + if (!salt_princ_string) { + ret = ENOMEM; + } else { + ret = krb5_parse_name(context, salt_princ_string, &salt_princ); + } } else { machine_username = talloc_strdup(mem_ctx, cli_credentials_get_username(machine_account)); @@ -364,8 +369,12 @@ static krb5_error_code ads_secrets_verify_ticket(TALLOC_CTX *mem_ctx, if (!salt_body) { ret = ENOMEM; } else { - ret = krb5_make_principal(context, &salt_princ, cli_credentials_get_realm(machine_account), - "host", salt_body, NULL); + salt_princ_string = talloc_asprintf(mem_ctx, "host/%s@%s", salt_body, cli_credentials_get_realm(machine_account)); + if (!salt_princ_string) { + ret = ENOMEM; + } else { + ret = krb5_parse_name(context, salt_princ_string, &salt_princ); + } } } } |