From 454b0b3f20ee8bdf56a12930261391e06567169c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 6 May 2010 12:45:14 +1000 Subject: s3:kerberos Return PAC_LOGON_INFO rather than the full PAC_DATA MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit All the callers just want the PAC_LOGON_INFO, so search for that in ads_verify_ticket(), and don't bother the callers with the rest of the PAC. This change makes sense on it's own (removing boilerplate wrappers that just confuse the code), but it also makes it much easier to implement a matching ads_verify_ticket() function in Samba4 for the s3compat proposal. Andrew Bartlett Signed-off-by: Günther Deschner --- source3/smbd/sesssetup.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) (limited to 'source3/smbd/sesssetup.c') diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index a00a362537..df39aed0ed 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -243,7 +243,6 @@ static void reply_spnego_kerberos(struct smb_request *req, fstring user; int sess_vuid = req->vuid; NTSTATUS ret = NT_STATUS_OK; - struct PAC_DATA *pac_data = NULL; DATA_BLOB ap_rep, ap_rep_wrapped, response; struct auth_serversupplied_info *server_info = NULL; DATA_BLOB session_key = data_blob_null; @@ -276,7 +275,7 @@ static void reply_spnego_kerberos(struct smb_request *req, } ret = ads_verify_ticket(mem_ctx, lp_realm(), 0, &ticket, - &client, &pac_data, &ap_rep, + &client, &logon_info, &ap_rep, &session_key, True); data_blob_free(&ticket); @@ -353,11 +352,8 @@ static void reply_spnego_kerberos(struct smb_request *req, /* save the PAC data if we have it */ - if (pac_data) { - logon_info = get_logon_info_from_pac(pac_data); - if (logon_info) { - netsamlogon_cache_store( client, &logon_info->info3 ); - } + if (logon_info) { + netsamlogon_cache_store( client, &logon_info->info3 ); } if (!strequal(p+1, lp_realm())) { -- cgit