diff options
| author | Andrew Tridgell <tridge@samba.org> | 2002-09-17 12:12:50 +0000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2002-09-17 12:12:50 +0000 |
| commit | b33681fc0b8ef7b9fa91c154f7c3117afafa349e (patch) | |
| tree | a83b6dc52ddcd4fdc873882b5a127a33044e55c5 /source3/libads/sasl.c | |
| parent | 3fefef7a7238e63716a8003aa27a08627a61b927 (diff) | |
| download | samba-b33681fc0b8ef7b9fa91c154f7c3117afafa349e.tar.gz samba-b33681fc0b8ef7b9fa91c154f7c3117afafa349e.tar.bz2 samba-b33681fc0b8ef7b9fa91c154f7c3117afafa349e.zip | |
Add clock skew handling to our kerberos code. This allows us to cope with
the DC being out of sync with the local machine.
(This used to be commit 0d28d769472ea3b98ae4c8757093dfd4499f6dd1)
Diffstat (limited to 'source3/libads/sasl.c')
| -rw-r--r-- | source3/libads/sasl.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/source3/libads/sasl.c b/source3/libads/sasl.c index 12a5722319..c110c1d2cd 100644 --- a/source3/libads/sasl.c +++ b/source3/libads/sasl.c @@ -122,7 +122,7 @@ static ADS_STATUS ads_sasl_spnego_krb5_bind(ADS_STRUCT *ads, const char *princip struct berval cred, *scred; int rc; - blob = spnego_gen_negTokenTarg(principal); + blob = spnego_gen_negTokenTarg(principal, ads->auth.time_offset); if (!blob.data) { return ADS_ERROR(LDAP_OPERATIONS_ERROR); @@ -144,7 +144,7 @@ static ADS_STATUS ads_sasl_spnego_krb5_bind(ADS_STRUCT *ads, const char *princip */ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads) { - struct berval *scred; + struct berval *scred=NULL; int rc, i; ADS_STATUS status; DATA_BLOB blob; @@ -185,7 +185,8 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads) } DEBUG(3,("got principal=%s\n", principal)); - if (got_kerberos_mechanism && ads_kinit_password(ads) == 0) { + if (!(ads->auth.flags & ADS_AUTH_DISABLE_KERBEROS) && + got_kerberos_mechanism && ads_kinit_password(ads) == 0) { return ads_sasl_spnego_krb5_bind(ads, principal); } |