1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
Description: Cope with changes in Heimdal API
Author: Samuel Cabrero Alamán <scabrero@zentyal.com>
Status: not suitable for upstream in current form, as it also needs to support older Heimdal.
Last-Updated: 2012-12-16
Index: samba/source4/kdc/wdc-samba4.c
===================================================================
--- samba.orig/source4/kdc/wdc-samba4.c 2012-11-15 18:35:29.000000000 +0100
+++ samba/source4/kdc/wdc-samba4.c 2012-11-16 01:19:55.482813115 +0100
@@ -128,7 +128,7 @@
talloc_free(mem_ctx);
return EINVAL;
}
-
+
if (is_in_db) {
/* Now check the KDC signature, fetching the correct key based on the enc type */
ret = kdc_check_pac(context, pac_srv_sig->signature, pac_kdc_sig, krbtgt);
@@ -217,7 +217,7 @@
hdb_entry_ex *client_ex, const char *client_name,
hdb_entry_ex *server_ex, const char *server_name,
KDC_REQ *req,
- krb5_data *e_data)
+ METHOD_DATA *md)
{
struct samba_kdc_entry *kdc_entry;
bool password_change;
@@ -239,11 +239,19 @@
return ENOMEM;
}
- if (e_data) {
- DATA_BLOB data;
+ if (md) {
+ int ret;
+ krb5_data kd;
+ DATA_BLOB data;
samba_kdc_build_edata_reply(nt_status, &data);
- *e_data = fill_krb5_data(data.data, data.length);
+ kd = fill_krb5_data(data.data, data.length);
+ ret = krb5_padata_add(context, md,
+ KRB5_PADATA_FX_ERROR,
+ kd.data, kd.length);
+ if (ret) {
+ krb5_data_free(&kd);
+ }
}
return samba_kdc_map_policy_err(nt_status);
|
