diff options
author | Stefan Metzmacher <metze@samba.org> | 2012-01-20 11:50:20 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-01-20 23:55:53 +0100 |
commit | f86ab2947040f8e0cd6fd73da31ebe33ac18d2eb (patch) | |
tree | 1c6ff98b2c9a774b0fd908cc912526438ad85cd7 /source3/librpc | |
parent | 4e444f00618161e11d13495d1402886c7e93866c (diff) | |
download | samba-f86ab2947040f8e0cd6fd73da31ebe33ac18d2eb.tar.gz samba-f86ab2947040f8e0cd6fd73da31ebe33ac18d2eb.tar.bz2 samba-f86ab2947040f8e0cd6fd73da31ebe33ac18d2eb.zip |
s3-gse: fix SECRETS_AND_KEYTAB fallback in gse_krb5_get_server_keytab()
metze
Diffstat (limited to 'source3/librpc')
-rw-r--r-- | source3/librpc/crypto/gse_krb5.c | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/source3/librpc/crypto/gse_krb5.c b/source3/librpc/crypto/gse_krb5.c index 81a9a07596..43b5eb2577 100644 --- a/source3/librpc/crypto/gse_krb5.c +++ b/source3/librpc/crypto/gse_krb5.c @@ -351,7 +351,9 @@ static krb5_error_code get_mem_keytab_from_system_keytab(krb5_context krbctx, krb5_error_code gse_krb5_get_server_keytab(krb5_context krbctx, krb5_keytab *keytab) { - krb5_error_code ret; + krb5_error_code ret = 0; + krb5_error_code ret1 = 0; + krb5_error_code ret2 = 0; *keytab = NULL; @@ -368,16 +370,21 @@ krb5_error_code gse_krb5_get_server_keytab(krb5_context krbctx, ret = get_mem_keytab_from_system_keytab(krbctx, keytab, false); break; case KERBEROS_VERIFY_SECRETS_AND_KEYTAB: - ret = get_mem_keytab_from_secrets(krbctx, keytab); - if (ret) { + ret1 = get_mem_keytab_from_secrets(krbctx, keytab); + if (ret1) { DEBUG(3, (__location__ ": Warning! Unable to set mem " "keytab from secrets!\n")); } /* Now append system keytab keys too */ - ret = get_mem_keytab_from_system_keytab(krbctx, keytab, true); - if (ret) { + ret2 = get_mem_keytab_from_system_keytab(krbctx, keytab, true); + if (ret2) { DEBUG(3, (__location__ ": Warning! Unable to set mem " - "keytab from secrets!\n")); + "keytab from system keytab!\n")); + } + if (ret1 == 0 || ret2 == 0) { + ret = 0; + } else { + ret = ret1; } break; } |