diff options
| author | Andreas Schneider <asn@samba.org> | 2016-09-29 02:04:00 +0200 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2017-04-29 23:31:11 +0200 |
| commit | bff4311ec4c4a8bcc9cfbee7cbf7cf6138f0c306 (patch) | |
| tree | a2766976791f0a05fb250ef2ed73650504a801c6 /source4/kdc | |
| parent | e240cff59137ee3f9234f5eb0da30d70a61cc85d (diff) | |
| download | samba-bff4311ec4c4a8bcc9cfbee7cbf7cf6138f0c306.tar.gz | |
s4-kdc: Use mit_samba_get_pac() in ks_get_pac()
This adds UPN_DNS_INFO to the PAC.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Diffstat (limited to 'source4/kdc')
| -rw-r--r-- | source4/kdc/mit-kdb/kdb_samba_policies.c | 30 |
1 files changed, 8 insertions, 22 deletions
diff --git a/source4/kdc/mit-kdb/kdb_samba_policies.c b/source4/kdc/mit-kdb/kdb_samba_policies.c index 396e6fe9d31..8c3a85b1f1f 100644 --- a/source4/kdc/mit-kdb/kdb_samba_policies.c +++ b/source4/kdc/mit-kdb/kdb_samba_policies.c @@ -155,11 +155,10 @@ done: static krb5_error_code ks_get_pac(krb5_context context, krb5_db_entry *client, + krb5_keyblock *client_key, krb5_pac *pac) { struct mit_samba_context *mit_ctx; - DATA_BLOB pac_data; - krb5_data data; krb5_error_code code; mit_ctx = ks_get_context(context); @@ -167,27 +166,15 @@ static krb5_error_code ks_get_pac(krb5_context context, return KRB5_KDB_DBNOTINITED; } - code = mit_samba_get_pac_data(mit_ctx, - client, - &pac_data); + code = mit_samba_get_pac(mit_ctx, + context, + client, + client_key, + pac); if (code != 0) { return code; } - code = krb5_pac_init(context, pac); - if (code != 0) { - goto done; - } - - data = ks_make_data(pac_data.data, pac_data.length); - - code = krb5_pac_add_buffer(context, *pac, PAC_LOGON_INFO, &data); - if (code != 0) { - goto done; - } - -done: - free(pac_data.data); return code; } @@ -332,8 +319,7 @@ krb5_error_code kdb_samba_db_sign_auth_data(krb5_context context, is_as_req = ((flags & KRB5_KDB_FLAG_CLIENT_REFERRALS_ONLY) != 0); if (is_as_req && (flags & KRB5_KDB_FLAG_INCLUDE_PAC)) { - - code = ks_get_pac(context, client, &pac); + code = ks_get_pac(context, client, client_key, &pac); if (code != 0) { goto done; } @@ -350,7 +336,7 @@ krb5_error_code kdb_samba_db_sign_auth_data(krb5_context context, if (pac == NULL && client != NULL) { - code = ks_get_pac(context, client, &pac); + code = ks_get_pac(context, client, client_key, &pac); if (code != 0) { goto done; } |