r11270: Move the core CrackNames code from rpc_server/drsuapi to dsdb/samdb.

I'm sure this will not be the final resting place, but it will do for
now.

Use the cracknames code in auth/ for creating a server_info given a
principal name only (should avoid assumtions about spliting a
user@realm principal).

Andrew Bartlett
(This used to be commit c9d5d8e45dd7b7c99b6cf35b087bc18012f31222)

1 files changed, 6 insertions, 13 deletions

diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index 64de8211dd..3ed38a435c 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -518,23 +518,16 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		/* NO pac, or can't parse or verify it */
 		krb5_error_code ret;
-		DATA_BLOB user_sess_key = data_blob(NULL, 0);
-		DATA_BLOB lm_sess_key = data_blob(NULL, 0);
-
-		char *account_name;
-		const char *realm = krb5_principal_get_realm(gensec_krb5_state->smb_krb5_context->krb5_context, 
-							     get_principal_from_tkt(gensec_krb5_state->ticket));
-		ret = krb5_unparse_name_norealm(gensec_krb5_state->smb_krb5_context->krb5_context, 
-						get_principal_from_tkt(gensec_krb5_state->ticket), &account_name);
+		char *principal_string;
+		ret = krb5_unparse_name(gensec_krb5_state->smb_krb5_context->krb5_context, 
+					get_principal_from_tkt(gensec_krb5_state->ticket), &principal_string);
 		if (ret) {
 			return NT_STATUS_NO_MEMORY;
 		}
 
-		/* TODO: should we pass the krb5 session key in here? */
-		nt_status = sam_get_server_info(mem_ctx, account_name, realm,
-						user_sess_key, lm_sess_key,
-						&server_info);
-		free(account_name);
+		nt_status = sam_get_server_info_principal(mem_ctx, principal_string,
+							  &server_info);
+		free(principal_string);
 		
 		if (!NT_STATUS_IS_OK(nt_status)) {
 			talloc_free(mem_ctx);