diff options
| author | Günther Deschner <gd@samba.org> | 2004-11-12 23:13:03 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:53:16 -0500 |
| commit | a13b603b79e170683b6b5b339d3494d32a9eaf39 (patch) | |
| tree | 45720fd19e08efb46c45c672475290e8750e50cc /source3/libads/krb5_setpw.c | |
| parent | 5c27f5fbc324524fd595645b9503b9d11cac9e99 (diff) | |
| download | samba-a13b603b79e170683b6b5b339d3494d32a9eaf39.tar.gz samba-a13b603b79e170683b6b5b339d3494d32a9eaf39.tar.bz2 samba-a13b603b79e170683b6b5b339d3494d32a9eaf39.zip | |
r3711: Fix KRB5_SETPW-defines, no change in behaviour.
A value of '2' is due to an expired internet draft, while 0xff80 comes
from RFC3244. See Bugzilla #1661 for details.
Thanks to Luke Mewburn <lukem@NetBSD.org> for his research.
Guenther
(This used to be commit 3906c1623fb3823612347a0533ad49d7dfbe1b99)
Diffstat (limited to 'source3/libads/krb5_setpw.c')
| -rw-r--r-- | source3/libads/krb5_setpw.c | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/source3/libads/krb5_setpw.c b/source3/libads/krb5_setpw.c index a45bf23610..9582574851 100644 --- a/source3/libads/krb5_setpw.c +++ b/source3/libads/krb5_setpw.c @@ -25,10 +25,8 @@ #define DEFAULT_KPASSWD_PORT 464 #define KRB5_KPASSWD_VERS_CHANGEPW 1 -#ifndef KRB5_KPASSWD_VERS_SETPW -#define KRB5_KPASSWD_VERS_SETPW 2 -#endif -#define KRB5_KPASSWD_VERS_SETPW_MS 0xff80 +#define KRB5_KPASSWD_VERS_SETPW 0xff80 +#define KRB5_KPASSWD_VERS_SETPW_ALT 2 #define KRB5_KPASSWD_ACCESSDENIED 5 #define KRB5_KPASSWD_BAD_VERSION 6 #define KRB5_KPASSWD_INITIAL_FLAG_NEEDED 7 @@ -140,7 +138,7 @@ static krb5_error_code build_kpasswd_request(uint16 pversion, if (pversion == KRB5_KPASSWD_VERS_CHANGEPW) setpw = data_blob(passwd, strlen(passwd)); else if (pversion == KRB5_KPASSWD_VERS_SETPW || - pversion == KRB5_KPASSWD_VERS_SETPW_MS) + pversion == KRB5_KPASSWD_VERS_SETPW_ALT) setpw = encode_krb5_setpw(princ, passwd); else return EINVAL; @@ -252,7 +250,7 @@ static krb5_error_code parse_setpw_reply(krb5_context context, /* FIXME: According to standard there is only one type of reply */ if (vnum != KRB5_KPASSWD_VERS_SETPW && - vnum != KRB5_KPASSWD_VERS_SETPW_MS && + vnum != KRB5_KPASSWD_VERS_SETPW_ALT && vnum != KRB5_KPASSWD_VERS_CHANGEPW) { DEBUG(1,("Bad vnum (%d) from kpasswd server\n", vnum)); return KRB5KDC_ERR_BAD_PVNO; @@ -557,7 +555,7 @@ ADS_STATUS ads_krb5_set_password(const char *kdc_host, const char *princ, /* we might have to call krb5_free_creds(...) from now on ... */ aret = do_krb5_kpasswd_request(context, kdc_host, - KRB5_KPASSWD_VERS_SETPW_MS, + KRB5_KPASSWD_VERS_SETPW, credsp, princ, newpw); krb5_free_creds(context, credsp); |