From 654a21178fa7e908e3a2be42d5522ea1b1b23250 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 28 Jan 2006 12:19:20 +0000 Subject: r13207: Use the new API for using/not using kerbeors in hdb-ldb.c Update the rootdse module to use the new schema. Andrew Bartlett (This used to be commit b0b150d08ac39ed486071487826da2e306db6a0b) --- source4/dsdb/samdb/ldb_modules/rootdse.c | 6 +++++- source4/kdc/hdb-ldb.c | 8 +++----- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c index 0bf63f30ae..fc1bfa824e 100644 --- a/source4/dsdb/samdb/ldb_modules/rootdse.c +++ b/source4/dsdb/samdb/ldb_modules/rootdse.c @@ -83,7 +83,11 @@ static int rootdse_add_dynamic(struct ldb_module *module, struct ldb_request *re server_creds = talloc_get_type(ldb_get_opaque(module->ldb, "server_credentials"), struct cli_credentials); if (do_attribute(s->attrs, "supportedSASLMechanisms")) { - const struct gensec_security_ops **ops = cli_credentials_gensec_list(server_creds); + struct gensec_security_ops **backends = gensec_security_all(); + enum credentials_use_kerberos use_kerberos + = cli_credentials_get_kerberos_state(server_creds); + struct gensec_security_ops **ops + = gensec_use_kerberos_mechs(req, backends, use_kerberos); int i; for (i = 0; ops && ops[i]; i++) { if (ops[i]->sasl_name) { diff --git a/source4/kdc/hdb-ldb.c b/source4/kdc/hdb-ldb.c index a155e24e7e..86c1b048a7 100644 --- a/source4/kdc/hdb-ldb.c +++ b/source4/kdc/hdb-ldb.c @@ -958,6 +958,7 @@ NTSTATUS kdc_hdb_ldb_create(TALLOC_CTX *mem_ctx, { NTSTATUS nt_status; struct auth_session_info *session_info; + struct gensec_security_ops **not_kerberos_list; *db = talloc(mem_ctx, HDB); if (!*db) { krb5_set_error_string(context, "malloc: out of memory"); @@ -980,11 +981,8 @@ NTSTATUS kdc_hdb_ldb_create(TALLOC_CTX *mem_ctx, * certificates, for now it will almost certainly be NTLMSSP */ - nt_status = cli_credentials_gensec_remove_oid(session_info->credentials, - GENSEC_OID_KERBEROS5); - if (!NT_STATUS_IS_OK(nt_status)) { - return nt_status; - } + cli_credentials_set_kerberos_state(session_info->credentials, + CRED_DONT_USE_KERBEROS); /* Setup the link to LDB */ (*db)->hdb_db = samdb_connect(*db, session_info); -- cgit