1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

s4:kdc: make use of gensec_update() in kpasswd_process()

This avoids using gensec_update_ev() with a nested event loop.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Stefan Metzmacher 2017-05-15 07:50:31 +02:00 committed by Andrew Bartlett
parent c198dee8ea
commit 31c7493094

View File

@ -206,12 +206,20 @@ kdc_code kpasswd_process(struct kdc_server *kdc,
goto done;
}
/* Accept the AP-REQ and generate the AP-REP we need for the reply */
status = gensec_update_ev(gensec_security,
tmp_ctx,
kdc->task->event_ctx,
ap_req_blob,
&ap_rep_blob);
/*
* Accept the AP-REQ and generate the AP-REP we need for the reply
*
* We only allow KRB5 and make sure the backend to is RPC/IPC free.
*
* See gensec_krb5_update_internal() as GENSEC_SERVER.
*
* It allows gensec_update() not to block.
*
* If that changes in future we need to use
* gensec_update_send/recv here!
*/
status = gensec_update(gensec_security, tmp_ctx,
ap_req_blob, &ap_rep_blob);
if (!NT_STATUS_IS_OK(status) &&
!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
ap_rep_blob = data_blob_null;