summaryrefslogtreecommitdiff
path: root/source4/heimdal/kdc
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-11-13 03:19:59 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:25:31 -0500
commit5a6288f45891be30bd8e22978f61faf487214de6 (patch)
treeb0eeb8a90125bc818ab6057a025da67facec916d /source4/heimdal/kdc
parent9d7856122e9ddd1b87ff68215669bff3c28bcafd (diff)
downloadsamba-5a6288f45891be30bd8e22978f61faf487214de6.tar.gz
samba-5a6288f45891be30bd8e22978f61faf487214de6.tar.bz2
samba-5a6288f45891be30bd8e22978f61faf487214de6.zip
r19681: Update to current lorikeet-heimdal. I'm looking at using the realm
lookup plugin, the new PAC validation code as well as Heimdal's SPNEGO implementation. Andrew Bartlett (This used to be commit 05421f45ed7811697ea491e26c9d991a7faa1a64)
Diffstat (limited to 'source4/heimdal/kdc')
-rw-r--r--source4/heimdal/kdc/kdc-private.h1
-rw-r--r--source4/heimdal/kdc/kerberos5.c3
-rwxr-xr-xsource4/heimdal/kdc/pkinit.c7
3 files changed, 4 insertions, 7 deletions
diff --git a/source4/heimdal/kdc/kdc-private.h b/source4/heimdal/kdc/kdc-private.h
index 8c2f56002d..6d4fd2a29b 100644
--- a/source4/heimdal/kdc/kdc-private.h
+++ b/source4/heimdal/kdc/kdc-private.h
@@ -186,7 +186,6 @@ krb5_error_code
_kdc_pk_check_client (
krb5_context /*context*/,
krb5_kdc_configuration */*config*/,
- krb5_principal /*client_princ*/,
const hdb_entry_ex */*client*/,
pk_client_params */*client_params*/,
char **/*subject_name*/);
diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c
index 84c16190f9..dd88e2ea50 100644
--- a/source4/heimdal/kdc/kerberos5.c
+++ b/source4/heimdal/kdc/kerberos5.c
@@ -33,7 +33,7 @@
#include "kdc_locl.h"
-RCSID("$Id: kerberos5.c,v 1.224 2006/11/04 17:05:28 lha Exp $");
+RCSID("$Id: kerberos5.c,v 1.225 2006/11/10 03:36:32 lha Exp $");
#define MAX_TIME ((time_t)((1U << 31) - 1))
@@ -936,7 +936,6 @@ _kdc_as_rep(krb5_context context,
ret = _kdc_pk_check_client(context,
config,
- client_princ,
client,
pkp,
&client_cert);
diff --git a/source4/heimdal/kdc/pkinit.c b/source4/heimdal/kdc/pkinit.c
index 1a300cce3e..6657ab7c44 100755
--- a/source4/heimdal/kdc/pkinit.c
+++ b/source4/heimdal/kdc/pkinit.c
@@ -33,7 +33,7 @@
#include "kdc_locl.h"
-RCSID("$Id: pkinit.c,v 1.73 2006/11/07 17:24:57 lha Exp $");
+RCSID("$Id: pkinit.c,v 1.74 2006/11/10 03:37:43 lha Exp $");
#ifdef PKINIT
@@ -1227,7 +1227,6 @@ out:
krb5_error_code
_kdc_pk_check_client(krb5_context context,
krb5_kdc_configuration *config,
- krb5_principal client_princ,
const hdb_entry_ex *client,
pk_client_params *client_params,
char **subject_name)
@@ -1255,7 +1254,7 @@ _kdc_pk_check_client(krb5_context context,
if (config->enable_pkinit_princ_in_cert) {
ret = pk_principal_from_X509(context, config,
client_params->cert,
- client_princ);
+ client->entry.principal);
if (ret == 0) {
kdc_log(context, config, 5,
"Found matching PK-INIT SAN in certificate");
@@ -1289,7 +1288,7 @@ _kdc_pk_check_client(krb5_context context,
krb5_boolean b;
b = krb5_principal_compare(context,
- client_princ,
+ client->entry.principal,
principal_mappings.val[i].principal);
if (b == FALSE)
continue;