diff options
| author | Günther Deschner <gd@samba.org> | 2014-05-09 23:26:42 +0200 |
|---|---|---|
| committer | Günther Deschner <gd@samba.org> | 2015-03-27 01:26:16 +0100 |
| commit | 78c0cf292b138f122e198037646bfdf19e1584fd (patch) | |
| tree | 7d63b64cab68022500396c70770c05b811562131 /source4/kdc | |
| parent | ba1838300cab30ca42bf2226e00be84067078fff (diff) | |
| download | samba-78c0cf292b138f122e198037646bfdf19e1584fd.tar.gz | |
s4-kdc: pass down only a samba_kdc_entry to samba_princ_needs_pac().
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source4/kdc')
| -rw-r--r-- | source4/kdc/mit_samba.c | 8 | ||||
| -rw-r--r-- | source4/kdc/pac-glue.c | 8 | ||||
| -rw-r--r-- | source4/kdc/pac-glue.h | 2 | ||||
| -rw-r--r-- | source4/kdc/wdc-samba4.c | 2 |
4 files changed, 12 insertions, 8 deletions
diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c index a51f18da0df..9f2d04d8dbc 100644 --- a/source4/kdc/mit_samba.c +++ b/source4/kdc/mit_samba.c @@ -230,9 +230,15 @@ static int mit_samba_update_pac_data(struct mit_samba_context *ctx, NTSTATUS nt_status; krb5_pac pac = NULL; int ret; + struct samba_kdc_entry *skdc_entry = NULL; + + if (client) { + skdc_entry = talloc_get_type_abort(client->ctx, + struct samba_kdc_entry); + } /* The user account may be set not to want the PAC */ - if (client && !samba_princ_needs_pac(client)) { + if (client && !samba_princ_needs_pac(skdc_entry)) { return EINVAL; } diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index 1558d2185f3..e51dbad6fc0 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -135,15 +135,13 @@ krb5_error_code samba_make_krb5_pac(krb5_context context, return ret; } -bool samba_princ_needs_pac(struct hdb_entry_ex *princ) +bool samba_princ_needs_pac(struct samba_kdc_entry *skdc_entry) { - struct samba_kdc_entry *p = talloc_get_type(princ->ctx, struct samba_kdc_entry); uint32_t userAccountControl; - /* The service account may be set not to want the PAC */ - userAccountControl = ldb_msg_find_attr_as_uint(p->msg, "userAccountControl", 0); + userAccountControl = ldb_msg_find_attr_as_uint(skdc_entry->msg, "userAccountControl", 0); if (userAccountControl & UF_NO_AUTH_DATA_REQUIRED) { return false; } @@ -231,7 +229,7 @@ NTSTATUS samba_kdc_get_pac_blob(TALLOC_CTX *mem_ctx, NTSTATUS nt_status; /* The user account may be set not to want the PAC */ - if ( ! samba_princ_needs_pac(client)) { + if ( ! samba_princ_needs_pac(p)) { *_pac_blob = NULL; return NT_STATUS_OK; } diff --git a/source4/kdc/pac-glue.h b/source4/kdc/pac-glue.h index 0e1cdcd2f25..cc37f2ae5be 100644 --- a/source4/kdc/pac-glue.h +++ b/source4/kdc/pac-glue.h @@ -26,7 +26,7 @@ krb5_error_code samba_make_krb5_pac(krb5_context context, DATA_BLOB *deleg_blob, krb5_pac *pac); -bool samba_princ_needs_pac(struct hdb_entry_ex *princ); +bool samba_princ_needs_pac(struct samba_kdc_entry *skdc_entry); int samba_krbtgt_is_in_db(struct hdb_entry_ex *princ, bool *is_in_db, bool *is_untrusted); diff --git a/source4/kdc/wdc-samba4.c b/source4/kdc/wdc-samba4.c index 2f4945c312c..50a37fcdb1a 100644 --- a/source4/kdc/wdc-samba4.c +++ b/source4/kdc/wdc-samba4.c @@ -77,7 +77,7 @@ static krb5_error_code samba_wdc_reget_pac(void *priv, krb5_context context, } /* The user account may be set not to want the PAC */ - if (!samba_princ_needs_pac(server)) { + if (!samba_princ_needs_pac(p)) { talloc_free(mem_ctx); return EINVAL; } |