diff options
author | Stefan Metzmacher <metze@samba.org> | 2015-03-20 15:29:30 +0100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2015-03-20 23:25:53 +0100 |
commit | 8b2cada705644dd398b0eed73c43b53483f00f71 (patch) | |
tree | 5fb91bdaf03b3fd5557c1c5fd4986536b74d1165 /source4/kdc/db-glue.c | |
parent | 463be9f676b93c39f5fed3e3b8903bfb21d9c380 (diff) | |
download | samba-8b2cada705644dd398b0eed73c43b53483f00f71.tar.gz |
s4:kdc/db-glue: pass a valid principal from samba_kdc_seq() to samba_kdc_message2entry()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'source4/kdc/db-glue.c')
-rw-r--r-- | source4/kdc/db-glue.c | 37 |
1 files changed, 31 insertions, 6 deletions
diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c index 33eeb986d94..94917a3b0e3 100644 --- a/source4/kdc/db-glue.c +++ b/source4/kdc/db-glue.c @@ -1707,6 +1707,10 @@ static krb5_error_code samba_kdc_seq(krb5_context context, { krb5_error_code ret; struct samba_kdc_seq *priv = kdc_db_ctx->seq_ctx; + const char *realm = lpcfg_realm(kdc_db_ctx->lp_ctx); + struct ldb_message *msg = NULL; + const char *sAMAccountName = NULL; + krb5_principal principal = NULL; TALLOC_CTX *mem_ctx; if (!priv) { @@ -1721,13 +1725,34 @@ static krb5_error_code samba_kdc_seq(krb5_context context, return ret; } - if (priv->index < priv->count) { - ret = samba_kdc_message2entry(context, kdc_db_ctx, mem_ctx, - NULL, SAMBA_KDC_ENT_TYPE_ANY, - HDB_F_ADMIN_DATA|HDB_F_GET_ANY, - priv->realm_dn, priv->msgs[priv->index++], entry); - } else { + while (priv->index < priv->count) { + msg = priv->msgs[priv->index++]; + + sAMAccountName = ldb_msg_find_attr_as_string(msg, "sAMAccountName", NULL); + if (sAMAccountName != NULL) { + break; + } + } + + if (sAMAccountName == NULL) { ret = HDB_ERR_NOENTRY; + goto out; + } + + ret = smb_krb5_make_principal(context, &principal, + realm, sAMAccountName, NULL); + if (ret != 0) { + goto out; + } + + ret = samba_kdc_message2entry(context, kdc_db_ctx, mem_ctx, + principal, SAMBA_KDC_ENT_TYPE_ANY, + HDB_F_ADMIN_DATA|HDB_F_GET_ANY, + priv->realm_dn, msg, entry); + +out: + if (principal != NULL) { + krb5_free_principal(context, principal); } if (ret != 0) { |