From 906c142423dde9518a49eaa4819011d99216c711 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 30 Dec 2005 03:57:11 +0000 Subject: r12594: Jelmer pushed some proposed header reductions to the list today. This commits some of these that I know to be correct in the kerberos area. Andrew Bartlett (This used to be commit 6787b3737c27f5136152b007b0ee2ae314efac3c) --- source4/auth/kerberos/kerberos_verify.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) (limited to 'source4/auth/kerberos/kerberos_verify.c') diff --git a/source4/auth/kerberos/kerberos_verify.c b/source4/auth/kerberos/kerberos_verify.c index 020b63478e..29d704b148 100644 --- a/source4/auth/kerberos/kerberos_verify.c +++ b/source4/auth/kerberos/kerberos_verify.c @@ -24,12 +24,8 @@ */ #include "includes.h" -#include "system/network.h" #include "system/kerberos.h" #include "auth/kerberos/kerberos.h" -#include "asn_1.h" -#include "lib/ldb/include/ldb.h" -#include "secrets.h" #ifdef HAVE_KRB5 @@ -57,10 +53,6 @@ struct keytab_container *keytab_container; - /* This whole process is far more complex than I would - like. We have to go through all this to allow us to store - the secret internally, instead of using /etc/krb5.keytab */ - /* * TODO: Actually hook in the replay cache in Heimdal, then * re-add calls to setup a replay cache here, in our private @@ -70,11 +62,13 @@ packet.length = enc_ticket->length; packet.data = (krb5_pointer)enc_ticket->data; + /* Grab the keytab, however generated */ ret = cli_credentials_get_keytab(machine_account, &keytab_container); if (ret) { return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } + /* This ensures we lookup the correct entry in that keytab */ ret = principal_from_credentials(mem_ctx, machine_account, smb_krb5_context, &server); if (ret == 0) { -- cgit