diff options
author | Andrew Bartlett <abartlet@samba.org> | 2010-03-27 23:11:06 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2010-04-10 21:40:59 +1000 |
commit | f2b63d58da895d11ed490dddd5df30c777369fad (patch) | |
tree | ebc5dc70d94fe1e1b0daa19f5513f7d0fca49dd8 /source4/kdc/db-glue.c | |
parent | 1d59abc724a9ad01fdc61f3e6cfdf41c9f4cb910 (diff) | |
download | samba-f2b63d58da895d11ed490dddd5df30c777369fad.tar.gz samba-f2b63d58da895d11ed490dddd5df30c777369fad.tar.bz2 samba-f2b63d58da895d11ed490dddd5df30c777369fad.zip |
s4:kdc Add functions to hdb-samba4 for the new s4u2self callback.
For now, this shares the 'if it's the same host' system with the
constrained delegation code.
Andrew Bartlett
Diffstat (limited to 'source4/kdc/db-glue.c')
-rw-r--r-- | source4/kdc/db-glue.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c index a54f8f59cf..8871b0ebf8 100644 --- a/source4/kdc/db-glue.c +++ b/source4/kdc/db-glue.c @@ -1403,15 +1403,17 @@ krb5_error_code samba_kdc_nextkey(krb5_context context, return samba_kdc_seq(context, kdc_db_ctx, entry); } -/* Check if a given entry may delegate to this target principal +/* Check if a given entry may delegate or do s4u2self to this target principal * * This is currently a very nasty hack - allowing only delegation to itself. + * + * This is shared between the constrained delegation and S4U2Self code. */ krb5_error_code -samba_kdc_check_constrained_delegation(krb5_context context, - struct samba_kdc_db_context *kdc_db_ctx, - hdb_entry_ex *entry, - krb5_const_principal target_principal) +samba_kdc_check_identical_client_and_server(krb5_context context, + struct samba_kdc_db_context *kdc_db_ctx, + hdb_entry_ex *entry, + krb5_const_principal target_principal) { krb5_error_code ret; krb5_principal enterprise_prinicpal = NULL; |