diff options
author | Andrew Tridgell <tridge@samba.org> | 2001-12-08 11:18:56 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2001-12-08 11:18:56 +0000 |
commit | 5d378a280f74405fccbadbfb28e1066613c76fd8 (patch) | |
tree | 3b039a256136b760164c9357dc0ce4fb3986b735 /source3/libads/kerberos.c | |
parent | 22a76a063213bdc514816440d3838e145c4ec340 (diff) | |
download | samba-5d378a280f74405fccbadbfb28e1066613c76fd8.tar.gz samba-5d378a280f74405fccbadbfb28e1066613c76fd8.tar.bz2 samba-5d378a280f74405fccbadbfb28e1066613c76fd8.zip |
added internal sasl/gssapi code. This means we are no longer dependent on cyrus-sasl which makes the code much less fragile. Also added code to auto-determine the server name or realm
(This used to be commit 435fdf276a79c2a517adcd7726933aeef3fa924b)
Diffstat (limited to 'source3/libads/kerberos.c')
-rw-r--r-- | source3/libads/kerberos.c | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c index 19e8ffdc00..521fe0d5eb 100644 --- a/source3/libads/kerberos.c +++ b/source3/libads/kerberos.c @@ -85,19 +85,29 @@ int ads_kinit_password(ADS_STRUCT *ads) { char *s; int ret; - extern pstring global_myname; - fstring myname; + char *ccache; + + ccache = lock_path("winbindd_ccache"); /* we don't want this to affect the users ccache */ - setenv("KRB5CCNAME", lock_path("winbindd_ccache"), 1); + setenv("KRB5CCNAME", ccache, 1); - fstrcpy(myname, global_myname); - strlower(myname); - asprintf(&s, "HOST/%s@%s", global_myname, ads->realm); + unlink(ccache); + + if (!ads->user_name) { + /* by default use the machine account */ + extern pstring global_myname; + fstring myname; + fstrcpy(myname, global_myname); + strlower(myname); + asprintf(&ads->user_name, "HOST/%s", global_myname); + } + asprintf(&s, "%s@%s", ads->user_name, ads->realm); ret = kerberos_kinit_password(s, ads->password); free(s); if (ret) { - DEBUG(1,("kerberos_kinit_password failed: %s\n", error_message(ret))); + DEBUG(1,("kerberos_kinit_password %s failed: %s\n", + s, error_message(ret))); } return ret; } |