The branch, v4-0-test has been updated via 0aa6d63ec571b0ca05fbfe14d2b4e9ba3e1082e9 (commit) via 9fc5750156467f579ea8d7755987d091f5b579c2 (commit) from 2f06fbe06be2e1b77ea013ddba853ce819e58e88 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test - Log ----------------------------------------------------------------- commit 0aa6d63ec571b0ca05fbfe14d2b4e9ba3e1082e9 Author: Stefan Metzmacher <[EMAIL PROTECTED]> Date: Fri Jul 25 16:02:29 2008 +0200 lib/ldb/tools: allow -W and --realm when build from samba4 metze commit 9fc5750156467f579ea8d7755987d091f5b579c2 Author: Stefan Metzmacher <[EMAIL PROTECTED]> Date: Fri Jul 25 16:00:50 2008 +0200 auth/credentials: use the same enctypes when getting a TGT and a TGS metze ----------------------------------------------------------------------- Summary of changes: source/auth/credentials/credentials_krb5.c | 23 +++++++++++++++++++++++ source/lib/ldb/tools/cmdline.c | 1 + 2 files changed, 24 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source/auth/credentials/credentials_krb5.c b/source/auth/credentials/credentials_krb5.c index a880486..c4c5839 100644 --- a/source/auth/credentials/credentials_krb5.c +++ b/source/auth/credentials/credentials_krb5.c @@ -360,6 +360,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, struct gssapi_creds_container *gcc; struct ccache_container *ccache; gss_buffer_desc empty_buffer = GSS_C_EMPTY_BUFFER; + krb5_enctype *etypes = NULL; if (cred->client_gss_creds_obtained >= cred->client_gss_creds_threshold && cred->client_gss_creds_obtained > CRED_UNINITIALISED) { @@ -391,6 +392,28 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, return ret; } + /* transfer the enctypes from the smb_krb5_context to the gssapi layer */ + min_stat = krb5_get_default_in_tkt_etypes(ccache->smb_krb5_context->krb5_context, + &etypes); + if (min_stat == 0) { + OM_uint32 num_ktypes; + + for (num_ktypes = 0; etypes[num_ktypes]; num_ktypes++); + + maj_stat = gss_krb5_set_allowable_enctypes(&min_stat, gcc->creds, + num_ktypes, etypes); + krb5_xfree (etypes); + if (maj_stat) { + talloc_free(gcc); + if (min_stat) { + ret = min_stat; + } else { + ret = EINVAL; + } + return ret; + } + } + /* don't force GSS_C_CONF_FLAG and GSS_C_INTEG_FLAG */ maj_stat = gss_set_cred_option(&min_stat, &gcc->creds, GSS_KRB5_CRED_NO_CI_FLAGS_X, diff --git a/source/lib/ldb/tools/cmdline.c b/source/lib/ldb/tools/cmdline.c index c9c77c4..765d8b9 100644 --- a/source/lib/ldb/tools/cmdline.c +++ b/source/lib/ldb/tools/cmdline.c @@ -75,6 +75,7 @@ struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, #if (_SAMBA_BUILD_ >= 4) POPT_COMMON_SAMBA POPT_COMMON_CREDENTIALS + POPT_COMMON_CONNECTION POPT_COMMON_VERSION #endif { NULL } -- Samba Shared Repository