diff options
| author | Günther Deschner <gd@samba.org> | 2014-03-11 18:07:11 +0100 |
|---|---|---|
| committer | Günther Deschner <gd@samba.org> | 2014-03-12 10:13:20 +0100 |
| commit | a8c2807a26d2f1ff094ed7ea5724c0394f79b888 (patch) | |
| tree | dfaacb872f6009007bee97f98cd6281b9a8050f7 /source3/libads | |
| parent | 1270e35ba70a4e4881512d375c767023512f67bd (diff) | |
| download | samba-a8c2807a26d2f1ff094ed7ea5724c0394f79b888.tar.gz | |
s3-kerberos: let kerberos_return_pac() return a PAC container.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'source3/libads')
| -rw-r--r-- | source3/libads/authdata.c | 29 | ||||
| -rw-r--r-- | source3/libads/kerberos_proto.h | 7 |
2 files changed, 27 insertions, 9 deletions
diff --git a/source3/libads/authdata.c b/source3/libads/authdata.c index 53e40ef71b8..276408d880e 100644 --- a/source3/libads/authdata.c +++ b/source3/libads/authdata.c @@ -53,6 +53,7 @@ static NTSTATUS kerberos_fetch_pac(struct auth4_context *auth_ctx, { TALLOC_CTX *tmp_ctx; struct PAC_DATA *pac_data = NULL; + struct PAC_DATA_CTR *pac_data_ctr = NULL; NTSTATUS status = NT_STATUS_INTERNAL_ERROR; tmp_ctx = talloc_new(mem_ctx); @@ -74,9 +75,21 @@ static NTSTATUS kerberos_fetch_pac(struct auth4_context *auth_ctx, } } - talloc_set_name_const(pac_data, "struct PAC_DATA"); + pac_data_ctr = talloc(mem_ctx, struct PAC_DATA_CTR); + if (pac_data_ctr == NULL) { + status = NT_STATUS_NO_MEMORY; + goto done; + } + + talloc_set_name_const(pac_data_ctr, "struct PAC_DATA_CTR"); + + pac_data_ctr->pac_data = talloc_steal(pac_data_ctr, pac_data); + pac_data_ctr->pac_blob = data_blob_talloc(pac_data_ctr, + pac_blob->data, + pac_blob->length); + + auth_ctx->private_data = talloc_steal(auth_ctx, pac_data_ctr); - auth_ctx->private_data = talloc_steal(auth_ctx, pac_data); *session_info = talloc_zero(mem_ctx, struct auth_session_info); if (!*session_info) { status = NT_STATUS_NO_MEMORY; @@ -108,7 +121,7 @@ NTSTATUS kerberos_return_pac(TALLOC_CTX *mem_ctx, time_t renewable_time, const char *impersonate_princ_s, const char *local_service, - struct PAC_DATA **_pac_data) + struct PAC_DATA_CTR **_pac_data_ctr) { krb5_error_code ret; NTSTATUS status = NT_STATUS_INVALID_PARAMETER; @@ -122,7 +135,7 @@ NTSTATUS kerberos_return_pac(TALLOC_CTX *mem_ctx, size_t idx = 0; struct auth4_context *auth_context; struct loadparm_context *lp_ctx; - struct PAC_DATA *pac_data = NULL; + struct PAC_DATA_CTR *pac_data_ctr = NULL; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); NT_STATUS_HAVE_NO_MEMORY(tmp_ctx); @@ -278,15 +291,15 @@ NTSTATUS kerberos_return_pac(TALLOC_CTX *mem_ctx, goto out; } - pac_data = talloc_get_type_abort(gensec_server_context->auth_context->private_data, - struct PAC_DATA); - if (pac_data == NULL) { + pac_data_ctr = talloc_get_type_abort(gensec_server_context->auth_context->private_data, + struct PAC_DATA_CTR); + if (pac_data_ctr == NULL) { DEBUG(1,("no PAC\n")); status = NT_STATUS_INVALID_PARAMETER; goto out; } - *_pac_data = talloc_move(mem_ctx, &pac_data); + *_pac_data_ctr = talloc_move(mem_ctx, &pac_data_ctr); out: talloc_free(tmp_ctx); diff --git a/source3/libads/kerberos_proto.h b/source3/libads/kerberos_proto.h index b2f74865afe..3d0ad4bb89a 100644 --- a/source3/libads/kerberos_proto.h +++ b/source3/libads/kerberos_proto.h @@ -34,6 +34,11 @@ struct PAC_DATA; +struct PAC_DATA_CTR { + DATA_BLOB pac_blob; + struct PAC_DATA *pac_data; +}; + #include "libads/ads_status.h" /* The following definitions come from libads/kerberos.c */ @@ -78,7 +83,7 @@ NTSTATUS kerberos_return_pac(TALLOC_CTX *mem_ctx, time_t renewable_time, const char *impersonate_princ_s, const char *local_service, - struct PAC_DATA **pac_data); + struct PAC_DATA_CTR **pac_data_ctr); /* The following definitions come from libads/krb5_setpw.c */ |