diff options
author | Jelmer Vernooij <jelmer@samba.org> | 2008-02-21 14:16:02 +0100 |
---|---|---|
committer | Jelmer Vernooij <jelmer@samba.org> | 2008-02-21 14:16:02 +0100 |
commit | 37deca2d41d74faa7abe060a21340263bd6d66f7 (patch) | |
tree | 6518c1de676c2ceb9358128fc6a7ff8900186499 /source4/auth | |
parent | ee6f838d3a5aaa54b105249391aae89803901a2e (diff) | |
download | samba-37deca2d41d74faa7abe060a21340263bd6d66f7.tar.gz samba-37deca2d41d74faa7abe060a21340263bd6d66f7.tar.bz2 samba-37deca2d41d74faa7abe060a21340263bd6d66f7.zip |
Avoid use of global_loadparm.
(This used to be commit c5a95bbe0ce55c29e135a9c6058bf192ec3bb546)
Diffstat (limited to 'source4/auth')
-rw-r--r-- | source4/auth/gensec/gensec_gssapi.c | 2 | ||||
-rw-r--r-- | source4/auth/gensec/gensec_krb5.c | 4 | ||||
-rw-r--r-- | source4/auth/kerberos/kerberos.h | 4 | ||||
-rw-r--r-- | source4/auth/kerberos/kerberos_pac.c | 11 |
4 files changed, 16 insertions, 5 deletions
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c index 8361b115d7..d8cdb90197 100644 --- a/source4/auth/gensec/gensec_gssapi.c +++ b/source4/auth/gensec/gensec_gssapi.c @@ -1298,7 +1298,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi } /* decode and verify the pac */ - nt_status = kerberos_pac_logon_info(mem_ctx, &logon_info, pac_blob, + nt_status = kerberos_pac_logon_info(mem_ctx, lp_iconv_convenience(gensec_security->lp_ctx), &logon_info, pac_blob, gensec_gssapi_state->smb_krb5_context->krb5_context, NULL, keyblock, principal, authtime, NULL); krb5_free_principal(gensec_gssapi_state->smb_krb5_context->krb5_context, principal); diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c index d9addcaa3c..88432c7f89 100644 --- a/source4/auth/gensec/gensec_krb5.c +++ b/source4/auth/gensec/gensec_krb5.c @@ -617,7 +617,9 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security } /* decode and verify the pac */ - nt_status = kerberos_pac_logon_info(gensec_krb5_state, &logon_info, pac, + nt_status = kerberos_pac_logon_info(gensec_krb5_state, + lp_iconv_convenience(gensec_security->lp_ctx), + &logon_info, pac, gensec_krb5_state->smb_krb5_context->krb5_context, NULL, gensec_krb5_state->keyblock, client_principal, diff --git a/source4/auth/kerberos/kerberos.h b/source4/auth/kerberos/kerberos.h index bafd58a048..8585aa321b 100644 --- a/source4/auth/kerberos/kerberos.h +++ b/source4/auth/kerberos/kerberos.h @@ -111,6 +111,7 @@ krb5_error_code principal_from_credentials(TALLOC_CTX *parent_ctx, struct smb_krb5_context *smb_krb5_context, krb5_principal *princ); NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, struct PAC_DATA **pac_data_out, DATA_BLOB blob, krb5_context context, @@ -120,6 +121,7 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx, time_t tgs_authtime, krb5_error_code *k5ret); NTSTATUS kerberos_pac_logon_info(TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, struct PAC_LOGON_INFO **logon_info, DATA_BLOB blob, krb5_context context, @@ -129,12 +131,14 @@ NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx, time_t tgs_authtime, krb5_error_code *k5ret); krb5_error_code kerberos_encode_pac(TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, struct PAC_DATA *pac_data, krb5_context context, const krb5_keyblock *krbtgt_keyblock, const krb5_keyblock *service_keyblock, DATA_BLOB *pac); krb5_error_code kerberos_create_pac(TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, struct auth_serversupplied_info *server_info, krb5_context context, const krb5_keyblock *krbtgt_keyblock, diff --git a/source4/auth/kerberos/kerberos_pac.c b/source4/auth/kerberos/kerberos_pac.c index c46e06bc72..e485f75302 100644 --- a/source4/auth/kerberos/kerberos_pac.c +++ b/source4/auth/kerberos/kerberos_pac.c @@ -66,6 +66,7 @@ static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, } NTSTATUS kerberos_decode_pac(TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, struct PAC_DATA **pac_data_out, DATA_BLOB blob, krb5_context context, @@ -86,7 +87,6 @@ static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, struct PAC_LOGON_NAME *logon_name = NULL; struct PAC_DATA *pac_data; struct PAC_DATA_RAW *pac_data_raw; - struct smb_iconv_convenience *iconv_convenience = lp_iconv_convenience(global_loadparm); DATA_BLOB *srv_sig_blob = NULL; DATA_BLOB *kdc_sig_blob = NULL; @@ -340,6 +340,7 @@ static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, } _PUBLIC_ NTSTATUS kerberos_pac_logon_info(TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, struct PAC_LOGON_INFO **logon_info, DATA_BLOB blob, krb5_context context, @@ -352,7 +353,9 @@ _PUBLIC_ NTSTATUS kerberos_pac_logon_info(TALLOC_CTX *mem_ctx, NTSTATUS nt_status; struct PAC_DATA *pac_data; int i; - nt_status = kerberos_decode_pac(mem_ctx, &pac_data, + nt_status = kerberos_decode_pac(mem_ctx, + iconv_convenience, + &pac_data, blob, context, krbtgt_keyblock, @@ -423,6 +426,7 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, } krb5_error_code kerberos_encode_pac(TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, struct PAC_DATA *pac_data, krb5_context context, const krb5_keyblock *krbtgt_keyblock, @@ -437,7 +441,6 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, struct PAC_SIGNATURE_DATA *kdc_checksum = NULL; struct PAC_SIGNATURE_DATA *srv_checksum = NULL; int i; - struct smb_iconv_convenience *iconv_convenience = lp_iconv_convenience(global_loadparm); /* First, just get the keytypes filled in (and lengths right, eventually) */ for (i=0; i < pac_data->num_buffers; i++) { @@ -528,6 +531,7 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, krb5_error_code kerberos_create_pac(TALLOC_CTX *mem_ctx, + struct smb_iconv_convenience *iconv_convenience, struct auth_serversupplied_info *server_info, krb5_context context, const krb5_keyblock *krbtgt_keyblock, @@ -640,6 +644,7 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, unix_to_nt_time(&LOGON_NAME->logon_time, tgs_authtime); ret = kerberos_encode_pac(mem_ctx, + iconv_convenience, pac_data, context, krbtgt_keyblock, |