diff options
author | Andrew Bartlett <abartlet@samba.org> | 2005-10-28 05:14:51 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:45:23 -0500 |
commit | 256a872763f1a5811cf021612b89517433faf5a2 (patch) | |
tree | a162c2ab51f7afe2603ee89361364911c4c98ef0 /source4/dsdb/samdb | |
parent | 09bfb8ffb06145308aa31543faa9f5f102ac2642 (diff) | |
download | samba-256a872763f1a5811cf021612b89517433faf5a2.tar.gz samba-256a872763f1a5811cf021612b89517433faf5a2.tar.bz2 samba-256a872763f1a5811cf021612b89517433faf5a2.zip |
r11356: More cracknames work. This copes with a lookup for a
servicePrincipalName with a realm, which always returns 'domain only',
with the realm as the domain.
Andrew Bartlett
(This used to be commit 476cd0c649d69f682dee27c1ae2a73b870b300d0)
Diffstat (limited to 'source4/dsdb/samdb')
-rw-r--r-- | source4/dsdb/samdb/cracknames.c | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c index b5c10176b6..16afccda81 100644 --- a/source4/dsdb/samdb/cracknames.c +++ b/source4/dsdb/samdb/cracknames.c @@ -408,7 +408,27 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx, krb5_principal principal; char *unparsed_name_short; ret = krb5_parse_name_norealm(smb_krb5_context->krb5_context, name, &principal); - if (ret || (principal->name.name_string.len < 2)) { + if (ret) { + /* perhaps it's a principal with a realm, so return the right 'domain only' response */ + char **realm; + ret = krb5_parse_name_mustrealm(smb_krb5_context->krb5_context, name, &principal); + if (ret) { + info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND; + return WERR_OK; + } + + /* This isn't an allocation assignemnt, so it is free'ed with the krb5_free_principal */ + realm = krb5_princ_realm(smb_krb5_context->krb5_context, principal); + + info1->dns_domain_name = talloc_strdup(info1, *realm); + krb5_free_principal(smb_krb5_context->krb5_context, principal); + + WERR_TALLOC_CHECK(info1->dns_domain_name); + + info1->status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY; + return WERR_OK; + + } else if (principal->name.name_string.len < 2) { info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND; return WERR_OK; } |