diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2005-12-11 08:31:46 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:47:16 -0500 |
| commit | 172a8b477eec45b016ddcf0d4b74eba220eaf30b (patch) | |
| tree | b9dbdcd90bcdb1cf0a3ccd8d14f07efade45a1f4 /source4/kdc/pac-glue.c | |
| parent | f4f1d37b4843f1c529d72a4d0bb3df71c0e47dcb (diff) | |
| download | samba-172a8b477eec45b016ddcf0d4b74eba220eaf30b.tar.gz samba-172a8b477eec45b016ddcf0d4b74eba220eaf30b.tar.bz2 samba-172a8b477eec45b016ddcf0d4b74eba220eaf30b.zip | |
r12179: Allow our KDC to use LDAP to get to the backend database.
To avoid a circular depenency, it is not allowed to use Krb5 as an
authentication mechanism, so this must be removed from the list. An
extension to the credentials system allows this function.
Also remove proto.h use for any of the KDC, and use NTSTATUS returns
in more places.
Andrew Bartlett
(This used to be commit 5f9dddd02c9c821675d2ccd07561a55edcd7f5b4)
Diffstat (limited to 'source4/kdc/pac-glue.c')
| -rw-r--r-- | source4/kdc/pac-glue.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index bd4d3e6a2f..79e7b3c5a7 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -81,7 +81,7 @@ static krb5_error_code samba_get_pac(krb5_context context, } /* Wrap the PAC in the right ASN.1. Will always free 'pac', on success or failure */ -krb5_error_code wrap_pac(krb5_context context, krb5_data *pac, AuthorizationData **out) +static krb5_error_code wrap_pac(krb5_context context, krb5_data *pac, AuthorizationData **out) { krb5_error_code ret; @@ -144,7 +144,7 @@ krb5_error_code wrap_pac(krb5_context context, krb5_data *pac, AuthorizationData set, or if they specificaly asked not to get it. */ - krb5_error_code hdb_ldb_authz_data_as_req(krb5_context context, struct hdb_entry_ex *entry_ex, +krb5_error_code hdb_ldb_authz_data_as_req(krb5_context context, struct hdb_entry_ex *entry_ex, METHOD_DATA* pa_data_seq, time_t authtime, EncryptionKey *tgtkey, @@ -204,7 +204,7 @@ krb5_error_code wrap_pac(krb5_context context, krb5_data *pac, AuthorizationData /* Resign (and reform, including possibly new groups) a PAC */ - krb5_error_code hdb_ldb_authz_data_tgs_req(krb5_context context, struct hdb_entry_ex *entry_ex, +krb5_error_code hdb_ldb_authz_data_tgs_req(krb5_context context, struct hdb_entry_ex *entry_ex, krb5_principal client, AuthorizationData *in, time_t authtime, @@ -316,7 +316,7 @@ krb5_error_code wrap_pac(krb5_context context, krb5_data *pac, AuthorizationData /* Given an hdb entry (and in particular it's private member), consult * the account_ok routine in auth/auth_sam.c for consistancy */ - krb5_error_code hdb_ldb_check_client_access(krb5_context context, hdb_entry_ex *entry_ex, +krb5_error_code hdb_ldb_check_client_access(krb5_context context, hdb_entry_ex *entry_ex, HostAddresses *addresses) { krb5_error_code ret; |