From f7776975080c88bec9013ccac8185c582e818e54 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 9 May 2006 19:02:26 +0000 Subject: r15523: Honour the time_offset also when verifying kerberos tickets. This prevents a nasty failure condition in winbindd's pam_auth where a tgt and a service ticket could have been succefully retrieved, but just not validated. Guenther (This used to be commit a75dd80c6210d01aff104a86b0a9d39d65f2c348) --- source3/utils/ntlm_auth.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils') diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c index 2e879cc113..ef24f9f161 100644 --- a/source3/utils/ntlm_auth.c +++ b/source3/utils/ntlm_auth.c @@ -916,7 +916,7 @@ static void manage_gss_spnego_request(enum stdio_helper_mode stdio_helper_mode, response.negTokenTarg.mechListMIC = data_blob(NULL, 0); response.negTokenTarg.responseToken = data_blob(NULL, 0); - status = ads_verify_ticket(mem_ctx, lp_realm(), + status = ads_verify_ticket(mem_ctx, lp_realm(), 0, &request.negTokenInit.mechToken, &principal, NULL, &ap_rep, &session_key); -- cgit