From 9a9cb35cbd96d813f047c4b57a8b8c0c0cb7c25b Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 22 Dec 2005 06:50:04 +0000 Subject: r12422: Some kerberos comments and clarifications. Andrew Bartlett (This used to be commit 31046cd22b45de6c62c9f122a81cfc898e818308) --- source4/auth/kerberos/kerberos_util.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'source4/auth/kerberos/kerberos_util.c') diff --git a/source4/auth/kerberos/kerberos_util.c b/source4/auth/kerberos/kerberos_util.c index d8c650b098..d3edd1b26c 100644 --- a/source4/auth/kerberos/kerberos_util.c +++ b/source4/auth/kerberos/kerberos_util.c @@ -89,6 +89,8 @@ krb5_error_code salt_principal_from_credentials(TALLOC_CTX *parent_ctx, } if (ret == 0) { + /* This song-and-dance effectivly puts the principal + * into talloc, so we can't loose it. */ mem_ctx->smb_krb5_context = talloc_reference(mem_ctx, smb_krb5_context); mem_ctx->principal = *salt_princ; talloc_set_destructor(mem_ctx, free_principal); @@ -115,7 +117,8 @@ krb5_error_code principal_from_credentials(TALLOC_CTX *parent_ctx, princ_string = cli_credentials_get_principal(credentials, mem_ctx); - /* A NULL here has meaning, as the gssapi server case will then use the principal from the client */ + /* A NULL here has meaning, as the gssapi server case will + * then use the principal from the client */ if (!princ_string) { talloc_free(mem_ctx); princ = NULL; @@ -548,7 +551,7 @@ static krb5_error_code remove_old_entries(TALLOC_CTX *parent_ctx, * because deletes during enumeration may not * always be consistant. * - * Also, the enumeration locks the keytab + * Also, the enumeration locks a FILE: keytab */ krb5_kt_end_seq_get(smb_krb5_context->krb5_context, keytab, &cursor); -- cgit