authorStefan Metzmacher <metze@samba.org>2005-07-12 09:02:27 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:20:12 -0500
commitf4ec5d45c313b20632654ceca3cab6e683a98894 (patch)
treebf40e9ca88ae09aec0aead5146760e618b8da834 /source4/kdc
parent1a539f3f0b4090fc09f1ccf1514f4a5b5c64a54c (diff)
r8363: - we need to correct the realm for the krbtgt/NETBIOSDOMAINREALM
into krbtgt/DNS.DOMAIN.REALM too; with this a Windows client asks for the correct ticket when you try to log in (but it's still not working correctly, as somehow we mess up the DNS host name of the client and it asks for the wrong service principal) - fix some compiler warnings - fix some debug messages metze (This used to be commit c4c93eeec20ceb062d37f392139a5ef8bbb626f5)
Diffstat (limited to 'source4/kdc')
-rw-r--r--source4/kdc/hdb-ldb.c31
1 files changed, 24 insertions, 7 deletions
diff --git a/source4/kdc/hdb-ldb.c b/source4/kdc/hdb-ldb.c
index 1ca1aec4b9..1e99511792 100644
--- a/source4/kdc/hdb-ldb.c
+++ b/source4/kdc/hdb-ldb.c
@@ -321,8 +321,8 @@ static krb5_error_code LDB_message2entry(krb5_context context, HDB *db,
const char *user_principal_name = ldb_msg_find_string(msg, "userPrincipalName", NULL);
struct ldb_message_element *objectclasses;
struct ldb_val computer_val;
- computer_val.data = "computer";
- computer_val.length = strlen(computer_val.data);
+ computer_val.data = discard_const_p(uint8_t,"computer");
+ computer_val.length = strlen((const char *)computer_val.data);
objectclasses = ldb_msg_find_element(msg, "objectClass");
@@ -646,7 +646,7 @@ static krb5_error_code LDB_lookup_spn_alias(krb5_context context, struct ldb_con
for (i = 0; i < spnmappings->num_values; i++) {
char *mapping, *p, *str;
mapping = talloc_strdup(mem_ctx,
- spnmappings->values[i].data);
+ (const char *)spnmappings->values[i].data);
if (!mapping) {
krb5_warnx(context, "LDB_lookup_spn_alias: ldb_search: dn: %s did not have an sPNMapping", service_dn);
krb5_set_error_string(context, "LDB_lookup_spn_alias: ldb_search: dn: %s did not have an sPNMapping", service_dn);
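Review bot: The added cast makes `talloc_strdup()` read `spnmappings->values[i].data` as a NUL-terminated string, while the value carries its own `length`; whether ldb guarantees a terminator for this attribute is not visible in the hunk. Bounding the copy removes the dependency: `mapping = talloc_strndup(mem_ctx, (const char *)spnmappings->values[i].data, spnmappings->values[i].length);`. The loop body continues outside the hunk.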
@@ -719,6 +719,7 @@ static krb5_error_code LDB_fetch(krb5_context context, HDB *db, unsigned flags,
{
struct ldb_message **msg = NULL;
struct ldb_message **realm_msg = NULL;
+ struct ldb_message **realm_fixed_msg = NULL;
enum hdb_ldb_ent_type ldb_ent_type;
krb5_error_code ret;
@@ -732,7 +733,7 @@ static krb5_error_code LDB_fetch(krb5_context context, HDB *db, unsigned flags,
}
realm = krb5_principal_get_realm(context, principal);
-
+
ret = LDB_lookup_realm(context, (struct ldb_context *)db->hdb_db,
mem_ctx, realm, &realm_msg);
if (ret != 0) {
@@ -752,7 +753,23 @@ static krb5_error_code LDB_fetch(krb5_context context, HDB *db, unsigned flags,
if (principal->name.name_string.len == 2
&& (strcmp(principal->name.name_string.val[0], KRB5_TGS_NAME) == 0)
&& (LDB_lookup_realm(context, (struct ldb_context *)db->hdb_db,
- mem_ctx, principal->name.name_string.val[1], NULL) == 0)) {
+ mem_ctx, principal->name.name_string.val[1], &realm_fixed_msg) == 0)) {
+ const char *dnsdomain = ldb_msg_find_string(realm_fixed_msg[0], "dnsDomain", NULL);
+ char *realm_fixed = strupper_talloc(mem_ctx, dnsdomain);
+ if (!realm_fixed) {
+ krb5_set_error_string(context, "strupper_talloc: out of memory");
+ talloc_free(mem_ctx);
+ return ENOMEM;
+ }
+
+ free(principal->name.name_string.val[1]);
+ principal->name.name_string.val[1] = strdup(realm_fixed);
+ talloc_free(realm_fixed);
+ if (!principal->name.name_string.val[1]) {
+ krb5_set_error_string(context, "LDB_fetch: strdup() failed!");
+ talloc_free(mem_ctx);
+ return ENOMEM;
+ }
ldb_ent_type = HDB_LDB_ENT_TYPE_KRBTGT;
} else {
ldb_ent_type = HDB_LDB_ENT_TYPE_SERVER;
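Review bot: `dnsdomain` is passed to `strupper_talloc()` without a NULL check, so a realm entry that lacks `dnsDomain` either dereferences NULL or is misreported as out of memory, depending on how strupper_talloc treats NULL (not visible here). The old name component is also freed before `strdup()` is known to have succeeded, which leaves `principal->name.name_string.val[1]` NULL in the caller's principal on the ENOMEM path; duplicating first and swapping only on success avoids that. Because this rewrites the requested principal in place during a lookup, a short comment stating that the caller's principal is deliberately modified would help the next reader. LDB_fetch starts and ends outside the hunk.

```c
const char *dnsdomain = ldb_msg_find_string(realm_fixed_msg[0], "dnsDomain", NULL);
char *realm_fixed;
char *new_realm;

if (!dnsdomain) {
	krb5_set_error_string(context, "LDB_fetch: realm entry has no dnsDomain");
	talloc_free(mem_ctx);
	return HDB_ERR_NOENTRY;
}
realm_fixed = strupper_talloc(mem_ctx, dnsdomain);
/* … unchanged: strupper_talloc out-of-memory handling … */

/* Duplicate before freeing so the principal never holds a NULL component. */
new_realm = strdup(realm_fixed);
talloc_free(realm_fixed);
if (!new_realm) {
	/* … unchanged: strdup failure handling … */
}
free(principal->name.name_string.val[1]);
principal->name.name_string.val[1] = new_realm;
```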
@@ -944,7 +961,7 @@ static krb5_error_code LDB_firstkey(krb5_context context, HDB *db, unsigned flag
if (ret != 0) {
talloc_free(priv);
- krb5_warnx(context, "LDB_fetch: could not find realm\n");
+ krb5_warnx(context, "LDB_firstkey: could not find realm\n");
return HDB_ERR_NOENTRY;
}
@@ -952,7 +969,7 @@ static krb5_error_code LDB_firstkey(krb5_context context, HDB *db, unsigned flag
priv->realm_msgs = talloc_steal(priv, realm_msgs);
- krb5_warnx(context, "LDB_lookup_principal: realm ok\n");
+ krb5_warnx(context, "LDB_firstkey: realm ok\n");
priv->count = ldb_search(ldb_ctx, realm_dn,
LDB_SCOPE_SUBTREE, "(objectClass=user)",