diff options
| author | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2009-10-12 19:09:18 +0200 |
|---|---|---|
| committer | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2009-10-14 10:50:43 +0200 |
| commit | e9686985cbf1f5234d9e9731176b1eb4e02911e8 (patch) | |
| tree | 0426dc196c4223079f11c29c465b631e7d0eecdd /source4/auth | |
| parent | ccfbe7bcb1f09530091ad6c986eae19a378bd2ea (diff) | |
| download | samba-e9686985cbf1f5234d9e9731176b1eb4e02911e8.tar.gz | |
s4: Changes the old occurences of "lp_realm" in "lp_dnsdomain" where needed
For KERBEROS applications the realm should be upcase (function "lp_realm") but
for DNS ones it should be used lowcase (function "lp_dnsdomain"). This patch
implements the use of both in the right way.
Diffstat (limited to 'source4/auth')
| -rw-r--r-- | source4/auth/gensec/gensec_gssapi.c | 14 | ||||
| -rw-r--r-- | source4/auth/kerberos/krb5_init_context.c | 13 |
2 files changed, 9 insertions, 18 deletions
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c index a23f913264b..2759ab41c30 100644 --- a/source4/auth/gensec/gensec_gssapi.c +++ b/source4/auth/gensec/gensec_gssapi.c @@ -147,6 +147,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security) struct gensec_gssapi_state *gensec_gssapi_state; krb5_error_code ret; struct gsskrb5_send_to_kdc send_to_kdc; + const char *realm; gensec_gssapi_state = talloc(gensec_security, struct gensec_gssapi_state); if (!gensec_gssapi_state) { @@ -226,15 +227,10 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security) talloc_free(gensec_gssapi_state); return NT_STATUS_INTERNAL_ERROR; } - if (lp_realm(gensec_security->settings->lp_ctx) && *lp_realm(gensec_security->settings->lp_ctx)) { - char *upper_realm = strupper_talloc(gensec_gssapi_state, lp_realm(gensec_security->settings->lp_ctx)); - if (!upper_realm) { - DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm(gensec_security->settings->lp_ctx))); - talloc_free(gensec_gssapi_state); - return NT_STATUS_NO_MEMORY; - } - ret = gsskrb5_set_default_realm(upper_realm); - talloc_free(upper_realm); + + realm = lp_realm(gensec_security->settings->lp_ctx); + if (realm != NULL) { + ret = gsskrb5_set_default_realm(realm); if (ret) { DEBUG(1,("gensec_krb5_start: gsskrb5_set_default_realm failed\n")); talloc_free(gensec_gssapi_state); diff --git a/source4/auth/kerberos/krb5_init_context.c b/source4/auth/kerberos/krb5_init_context.c index 04f0718a62e..c00d7b16182 100644 --- a/source4/auth/kerberos/krb5_init_context.c +++ b/source4/auth/kerberos/krb5_init_context.c @@ -368,7 +368,7 @@ krb5_error_code smb_krb5_init_context(void *parent_ctx, krb5_error_code ret; TALLOC_CTX *tmp_ctx; char **config_files; - const char *config_file; + const char *config_file, *realm; initialize_krb5_error_table(); @@ -415,14 +415,9 @@ krb5_error_code smb_krb5_init_context(void *parent_ctx, return ret; } - if (lp_realm(lp_ctx) && *lp_realm(lp_ctx)) { - char *upper_realm = strupper_talloc(tmp_ctx, lp_realm(lp_ctx)); - if (!upper_realm) { - DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm(lp_ctx))); - talloc_free(tmp_ctx); - return ENOMEM; - } - ret = krb5_set_default_realm((*smb_krb5_context)->krb5_context, upper_realm); + realm = lp_realm(lp_ctx); + if (realm != NULL) { + ret = krb5_set_default_realm((*smb_krb5_context)->krb5_context, realm); if (ret) { DEBUG(1,("krb5_set_default_realm failed (%s)\n", smb_get_krb5_error_message((*smb_krb5_context)->krb5_context, ret, tmp_ctx))); |