diff options
author | Andrew Bartlett <abartlet@samba.org> | 2005-07-04 02:36:16 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:19:09 -0500 |
commit | dbd2688c9042faaa44f4d89068a8351523233875 (patch) | |
tree | 31cc633ae8f0f6a2437b3f726455548d9a6a051e /source4/kdc | |
parent | 06348629b921adb6262e0f3d9a9c244568e2a78f (diff) | |
download | samba-dbd2688c9042faaa44f4d89068a8351523233875.tar.gz samba-dbd2688c9042faaa44f4d89068a8351523233875.tar.bz2 samba-dbd2688c9042faaa44f4d89068a8351523233875.zip |
r8110: More PAC work. I still can't get WinXP to accept the PAC, but we are
much closer.
This changes PIDL to allow a subcontext to have a pad8 flag, saying to
pad behind to an 8 byte boundary. This is the only way I can explain
the 4 trainling zeros in the signature struct.
Far more importantly, the PAC code is now under self-test, both in
creating/parsing our own PAC, but also a PAC from my win2k3 server.
This required changing auth_anonymous, because I wanted to reuse the
anonymous 'server_info' generation code.
I'm still having trouble with PIDL, particulary as surrounds value(),
but I'll follow up on the list.
Andrew Bartlett
(This used to be commit 50a54bf4e9bf04d2a8e0aebb3482a2ff655c8bbb)
Diffstat (limited to 'source4/kdc')
-rw-r--r-- | source4/kdc/pac-glue.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index 52685083bd..c986d60fdf 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -37,6 +37,7 @@ struct auth_serversupplied_info *server_info; char *username, *p; const char *realm; + DATA_BLOB tmp_blob; TALLOC_CTX *mem_ctx = talloc_named(config, 0, "samba_get_pac context"); if (!mem_ctx) { return ENOMEM; @@ -73,9 +74,16 @@ context, krbtgt_keyblock, server_keyblock, - pac); + &tmp_blob); + if (ret) { + DEBUG(1, ("PAC encoding failed: %s\n", + smb_get_krb5_error_message(context, ret, mem_ctx))); + talloc_free(mem_ctx); + return ret; + } + + ret = krb5_data_copy(pac, tmp_blob.data, tmp_blob.length); talloc_free(mem_ctx); - return ret; } |