summaryrefslogtreecommitdiff
path: root/source3/libads
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2004-11-12 23:13:03 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:53:16 -0500
commita13b603b79e170683b6b5b339d3494d32a9eaf39 (patch)
tree45720fd19e08efb46c45c672475290e8750e50cc /source3/libads
parent5c27f5fbc324524fd595645b9503b9d11cac9e99 (diff)
downloadsamba-a13b603b79e170683b6b5b339d3494d32a9eaf39.tar.gz
samba-a13b603b79e170683b6b5b339d3494d32a9eaf39.tar.bz2
samba-a13b603b79e170683b6b5b339d3494d32a9eaf39.zip
r3711: Fix KRB5_SETPW-defines, no change in behaviour.
A value of '2' is due to an expired internet draft, while 0xff80 comes from RFC3244. See Bugzilla #1661 for details. Thanks to Luke Mewburn <lukem@NetBSD.org> for his research. Guenther (This used to be commit 3906c1623fb3823612347a0533ad49d7dfbe1b99)
Diffstat (limited to 'source3/libads')
-rw-r--r--source3/libads/krb5_setpw.c12
1 files changed, 5 insertions, 7 deletions
diff --git a/source3/libads/krb5_setpw.c b/source3/libads/krb5_setpw.c
index a45bf23610..9582574851 100644
--- a/source3/libads/krb5_setpw.c
+++ b/source3/libads/krb5_setpw.c
@@ -25,10 +25,8 @@
#define DEFAULT_KPASSWD_PORT 464
#define KRB5_KPASSWD_VERS_CHANGEPW 1
-#ifndef KRB5_KPASSWD_VERS_SETPW
-#define KRB5_KPASSWD_VERS_SETPW 2
-#endif
-#define KRB5_KPASSWD_VERS_SETPW_MS 0xff80
+#define KRB5_KPASSWD_VERS_SETPW 0xff80
+#define KRB5_KPASSWD_VERS_SETPW_ALT 2
#define KRB5_KPASSWD_ACCESSDENIED 5
#define KRB5_KPASSWD_BAD_VERSION 6
#define KRB5_KPASSWD_INITIAL_FLAG_NEEDED 7
@@ -140,7 +138,7 @@ static krb5_error_code build_kpasswd_request(uint16 pversion,
if (pversion == KRB5_KPASSWD_VERS_CHANGEPW)
setpw = data_blob(passwd, strlen(passwd));
else if (pversion == KRB5_KPASSWD_VERS_SETPW ||
- pversion == KRB5_KPASSWD_VERS_SETPW_MS)
+ pversion == KRB5_KPASSWD_VERS_SETPW_ALT)
setpw = encode_krb5_setpw(princ, passwd);
else
return EINVAL;
@@ -252,7 +250,7 @@ static krb5_error_code parse_setpw_reply(krb5_context context,
/* FIXME: According to standard there is only one type of reply */
if (vnum != KRB5_KPASSWD_VERS_SETPW &&
- vnum != KRB5_KPASSWD_VERS_SETPW_MS &&
+ vnum != KRB5_KPASSWD_VERS_SETPW_ALT &&
vnum != KRB5_KPASSWD_VERS_CHANGEPW) {
DEBUG(1,("Bad vnum (%d) from kpasswd server\n", vnum));
return KRB5KDC_ERR_BAD_PVNO;
@@ -557,7 +555,7 @@ ADS_STATUS ads_krb5_set_password(const char *kdc_host, const char *princ,
/* we might have to call krb5_free_creds(...) from now on ... */
aret = do_krb5_kpasswd_request(context, kdc_host,
- KRB5_KPASSWD_VERS_SETPW_MS,
+ KRB5_KPASSWD_VERS_SETPW,
credsp, princ, newpw);
krb5_free_creds(context, credsp);