diff options
author | Stefan Metzmacher <metze@samba.org> | 2005-07-12 09:02:27 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:20:12 -0500 |
commit | f4ec5d45c313b20632654ceca3cab6e683a98894 (patch) | |
tree | bf40e9ca88ae09aec0aead5146760e618b8da834 /source4/kdc | |
parent | 1a539f3f0b4090fc09f1ccf1514f4a5b5c64a54c (diff) | |
download | samba-f4ec5d45c313b20632654ceca3cab6e683a98894.tar.gz |
r8363: - we need to correct the realm for the krbtgt/NETBIOSDOMAINREALM
into krbtgt/DNS.DOMAIN.REALM too
with this a windows client asks for the correct ticket when you try to login
(but it's still not working correct, as some how we mess up the dns host name of the
client and it asks for the wrong service principal)
- fix some compiler wranings
- fix some debug messages
metze
(This used to be commit c4c93eeec20ceb062d37f392139a5ef8bbb626f5)
Diffstat (limited to 'source4/kdc')
-rw-r--r-- | source4/kdc/hdb-ldb.c | 31 |
1 files changed, 24 insertions, 7 deletions
diff --git a/source4/kdc/hdb-ldb.c b/source4/kdc/hdb-ldb.c index 1ca1aec4b9..1e99511792 100644 --- a/source4/kdc/hdb-ldb.c +++ b/source4/kdc/hdb-ldb.c @@ -321,8 +321,8 @@ static krb5_error_code LDB_message2entry(krb5_context context, HDB *db, const char *user_principal_name = ldb_msg_find_string(msg, "userPrincipalName", NULL); struct ldb_message_element *objectclasses; struct ldb_val computer_val; - computer_val.data = "computer"; - computer_val.length = strlen(computer_val.data); + computer_val.data = discard_const_p(uint8_t,"computer"); + computer_val.length = strlen((const char *)computer_val.data); objectclasses = ldb_msg_find_element(msg, "objectClass"); @@ -646,7 +646,7 @@ static krb5_error_code LDB_lookup_spn_alias(krb5_context context, struct ldb_con for (i = 0; i < spnmappings->num_values; i++) { char *mapping, *p, *str; mapping = talloc_strdup(mem_ctx, - spnmappings->values[i].data); + (const char *)spnmappings->values[i].data); if (!mapping) { krb5_warnx(context, "LDB_lookup_spn_alias: ldb_search: dn: %s did not have an sPNMapping", service_dn); krb5_set_error_string(context, "LDB_lookup_spn_alias: ldb_search: dn: %s did not have an sPNMapping", service_dn); @@ -719,6 +719,7 @@ static krb5_error_code LDB_fetch(krb5_context context, HDB *db, unsigned flags, { struct ldb_message **msg = NULL; struct ldb_message **realm_msg = NULL; + struct ldb_message **realm_fixed_msg = NULL; enum hdb_ldb_ent_type ldb_ent_type; krb5_error_code ret; @@ -732,7 +733,7 @@ static krb5_error_code LDB_fetch(krb5_context context, HDB *db, unsigned flags, } realm = krb5_principal_get_realm(context, principal); - + ret = LDB_lookup_realm(context, (struct ldb_context *)db->hdb_db, mem_ctx, realm, &realm_msg); if (ret != 0) { @@ -752,7 +753,23 @@ static krb5_error_code LDB_fetch(krb5_context context, HDB *db, unsigned flags, if (principal->name.name_string.len == 2 && (strcmp(principal->name.name_string.val[0], KRB5_TGS_NAME) == 0) && (LDB_lookup_realm(context, (struct ldb_context *)db->hdb_db, - mem_ctx, principal->name.name_string.val[1], NULL) == 0)) { + mem_ctx, principal->name.name_string.val[1], &realm_fixed_msg) == 0)) { + const char *dnsdomain = ldb_msg_find_string(realm_fixed_msg[0], "dnsDomain", NULL); + char *realm_fixed = strupper_talloc(mem_ctx, dnsdomain); + if (!realm_fixed) { + krb5_set_error_string(context, "strupper_talloc: out of memory"); + talloc_free(mem_ctx); + return ENOMEM; + } + + free(principal->name.name_string.val[1]); + principal->name.name_string.val[1] = strdup(realm_fixed); + talloc_free(realm_fixed); + if (!principal->name.name_string.val[1]) { + krb5_set_error_string(context, "LDB_fetch: strdup() failed!"); + talloc_free(mem_ctx); + return ENOMEM; + } ldb_ent_type = HDB_LDB_ENT_TYPE_KRBTGT; } else { ldb_ent_type = HDB_LDB_ENT_TYPE_SERVER; @@ -944,7 +961,7 @@ static krb5_error_code LDB_firstkey(krb5_context context, HDB *db, unsigned flag if (ret != 0) { talloc_free(priv); - krb5_warnx(context, "LDB_fetch: could not find realm\n"); + krb5_warnx(context, "LDB_firstkey: could not find realm\n"); return HDB_ERR_NOENTRY; } @@ -952,7 +969,7 @@ static krb5_error_code LDB_firstkey(krb5_context context, HDB *db, unsigned flag priv->realm_msgs = talloc_steal(priv, realm_msgs); - krb5_warnx(context, "LDB_lookup_principal: realm ok\n"); + krb5_warnx(context, "LDB_firstkey: realm ok\n"); priv->count = ldb_search(ldb_ctx, realm_dn, LDB_SCOPE_SUBTREE, "(objectClass=user)", |