summaryrefslogtreecommitdiff
path: root/source4/kdc
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2005-07-04 02:36:16 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:19:09 -0500
commitdbd2688c9042faaa44f4d89068a8351523233875 (patch)
tree31cc633ae8f0f6a2437b3f726455548d9a6a051e /source4/kdc
parent06348629b921adb6262e0f3d9a9c244568e2a78f (diff)
downloadsamba-dbd2688c9042faaa44f4d89068a8351523233875.tar.gz
samba-dbd2688c9042faaa44f4d89068a8351523233875.tar.bz2
samba-dbd2688c9042faaa44f4d89068a8351523233875.zip
r8110: More PAC work. I still can't get WinXP to accept the PAC, but we are
much closer. This changes PIDL to allow a subcontext to have a pad8 flag, saying to pad behind to an 8 byte boundary. This is the only way I can explain the 4 trainling zeros in the signature struct. Far more importantly, the PAC code is now under self-test, both in creating/parsing our own PAC, but also a PAC from my win2k3 server. This required changing auth_anonymous, because I wanted to reuse the anonymous 'server_info' generation code. I'm still having trouble with PIDL, particulary as surrounds value(), but I'll follow up on the list. Andrew Bartlett (This used to be commit 50a54bf4e9bf04d2a8e0aebb3482a2ff655c8bbb)
Diffstat (limited to 'source4/kdc')
-rw-r--r--source4/kdc/pac-glue.c12
1 files changed, 10 insertions, 2 deletions
diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c
index 52685083bd..c986d60fdf 100644
--- a/source4/kdc/pac-glue.c
+++ b/source4/kdc/pac-glue.c
@@ -37,6 +37,7 @@
struct auth_serversupplied_info *server_info;
char *username, *p;
const char *realm;
+ DATA_BLOB tmp_blob;
TALLOC_CTX *mem_ctx = talloc_named(config, 0, "samba_get_pac context");
if (!mem_ctx) {
return ENOMEM;
@@ -73,9 +74,16 @@
context,
krbtgt_keyblock,
server_keyblock,
- pac);
+ &tmp_blob);
+ if (ret) {
+ DEBUG(1, ("PAC encoding failed: %s\n",
+ smb_get_krb5_error_message(context, ret, mem_ctx)));
+ talloc_free(mem_ctx);
+ return ret;
+ }
+
+ ret = krb5_data_copy(pac, tmp_blob.data, tmp_blob.length);
talloc_free(mem_ctx);
-
return ret;
}