diff options
author | Andrew Bartlett <abartlet@samba.org> | 2005-12-30 03:57:11 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:49:00 -0500 |
commit | 906c142423dde9518a49eaa4819011d99216c711 (patch) | |
tree | 95791424c3a02069301277b81e2f201e7194a03f /source4/auth/kerberos/kerberos_verify.c | |
parent | 46aa296cc94933082dbb4b9b2b1ed210a600ad2d (diff) | |
download | samba-906c142423dde9518a49eaa4819011d99216c711.tar.gz samba-906c142423dde9518a49eaa4819011d99216c711.tar.bz2 samba-906c142423dde9518a49eaa4819011d99216c711.zip |
r12594: Jelmer pushed some proposed header reductions to the list today. This
commits some of these that I know to be correct in the kerberos area.
Andrew Bartlett
(This used to be commit 6787b3737c27f5136152b007b0ee2ae314efac3c)
Diffstat (limited to 'source4/auth/kerberos/kerberos_verify.c')
-rw-r--r-- | source4/auth/kerberos/kerberos_verify.c | 10 |
1 files changed, 2 insertions, 8 deletions
diff --git a/source4/auth/kerberos/kerberos_verify.c b/source4/auth/kerberos/kerberos_verify.c index 020b63478e..29d704b148 100644 --- a/source4/auth/kerberos/kerberos_verify.c +++ b/source4/auth/kerberos/kerberos_verify.c @@ -24,12 +24,8 @@ */ #include "includes.h" -#include "system/network.h" #include "system/kerberos.h" #include "auth/kerberos/kerberos.h" -#include "asn_1.h" -#include "lib/ldb/include/ldb.h" -#include "secrets.h" #ifdef HAVE_KRB5 @@ -57,10 +53,6 @@ struct keytab_container *keytab_container; - /* This whole process is far more complex than I would - like. We have to go through all this to allow us to store - the secret internally, instead of using /etc/krb5.keytab */ - /* * TODO: Actually hook in the replay cache in Heimdal, then * re-add calls to setup a replay cache here, in our private @@ -70,11 +62,13 @@ packet.length = enc_ticket->length; packet.data = (krb5_pointer)enc_ticket->data; + /* Grab the keytab, however generated */ ret = cli_credentials_get_keytab(machine_account, &keytab_container); if (ret) { return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } + /* This ensures we lookup the correct entry in that keytab */ ret = principal_from_credentials(mem_ctx, machine_account, smb_krb5_context, &server); if (ret == 0) { |