r10035: This patch removes the need for the special case hack

'MEMORY_WILDCARD' keytab type. (part of this checking is in effect a
merge from lorikeet-heimdal, where I removed this)

This is achieved by correctly using the GSSAPI gsskrb5_acquire_cred()
function, as this allows us to specify the target principal, regardless
of which alias the client may use.

This patch also tries to simplify some principal handling and fixes some
error cases.

Posted to samba-technical, reviewed by metze, and looked over by lha on IRC.

Andrew Bartlett
(This used to be commit 506a7b67aee949b102d8bf0d6ee9cd12def10d00)

1 files changed, 2 insertions, 2 deletions

diff --git a/source4/auth/kerberos/kerberos.h b/source4/auth/kerberos/kerberos.h
index 8cc8e561ac..39bba5f46f 100644
--- a/source4/auth/kerberos/kerberos.h
+++ b/source4/auth/kerberos/kerberos.h
@@ -102,10 +102,10 @@ NTSTATUS ads_verify_ticket(TALLOC_CTX *mem_ctx,
 			   DATA_BLOB *ap_rep,
 			   krb5_keyblock **keyblock);
 int kerberos_kinit_password_cc(krb5_context ctx, krb5_ccache cc, 
-			       const char *principal, const char *password, 
+			       krb5_principal principal, const char *password, 
 			       time_t *expire_time, time_t *kdc_time);
 int kerberos_kinit_keyblock_cc(krb5_context ctx, krb5_ccache cc, 
-			       const char *principal, krb5_keyblock *keyblock,
+			       krb5_principal principal, krb5_keyblock *keyblock,
 			       time_t *expire_time, time_t *kdc_time);
 krb5_principal kerberos_fetch_salt_princ_for_host_princ(krb5_context context,
 							krb5_principal host_princ,