summaryrefslogtreecommitdiff
path: root/source3/librpc
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2012-01-20 11:50:20 +0100
committerStefan Metzmacher <metze@samba.org>2012-01-20 23:55:53 +0100
commitf86ab2947040f8e0cd6fd73da31ebe33ac18d2eb (patch)
tree1c6ff98b2c9a774b0fd908cc912526438ad85cd7 /source3/librpc
parent4e444f00618161e11d13495d1402886c7e93866c (diff)
downloadsamba-f86ab2947040f8e0cd6fd73da31ebe33ac18d2eb.tar.gz
samba-f86ab2947040f8e0cd6fd73da31ebe33ac18d2eb.tar.bz2
samba-f86ab2947040f8e0cd6fd73da31ebe33ac18d2eb.zip
s3-gse: fix SECRETS_AND_KEYTAB fallback in gse_krb5_get_server_keytab()
metze
Diffstat (limited to 'source3/librpc')
-rw-r--r--source3/librpc/crypto/gse_krb5.c19
1 files changed, 13 insertions, 6 deletions
diff --git a/source3/librpc/crypto/gse_krb5.c b/source3/librpc/crypto/gse_krb5.c
index 81a9a07596..43b5eb2577 100644
--- a/source3/librpc/crypto/gse_krb5.c
+++ b/source3/librpc/crypto/gse_krb5.c
@@ -351,7 +351,9 @@ static krb5_error_code get_mem_keytab_from_system_keytab(krb5_context krbctx,
krb5_error_code gse_krb5_get_server_keytab(krb5_context krbctx,
krb5_keytab *keytab)
{
- krb5_error_code ret;
+ krb5_error_code ret = 0;
+ krb5_error_code ret1 = 0;
+ krb5_error_code ret2 = 0;
*keytab = NULL;
@@ -368,16 +370,21 @@ krb5_error_code gse_krb5_get_server_keytab(krb5_context krbctx,
ret = get_mem_keytab_from_system_keytab(krbctx, keytab, false);
break;
case KERBEROS_VERIFY_SECRETS_AND_KEYTAB:
- ret = get_mem_keytab_from_secrets(krbctx, keytab);
- if (ret) {
+ ret1 = get_mem_keytab_from_secrets(krbctx, keytab);
+ if (ret1) {
DEBUG(3, (__location__ ": Warning! Unable to set mem "
"keytab from secrets!\n"));
}
/* Now append system keytab keys too */
- ret = get_mem_keytab_from_system_keytab(krbctx, keytab, true);
- if (ret) {
+ ret2 = get_mem_keytab_from_system_keytab(krbctx, keytab, true);
+ if (ret2) {
DEBUG(3, (__location__ ": Warning! Unable to set mem "
- "keytab from secrets!\n"));
+ "keytab from system keytab!\n"));
+ }
+ if (ret1 == 0 || ret2 == 0) {
+ ret = 0;
+ } else {
+ ret = ret1;
}
break;
}