mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
kerberos: make sure we only use prompter type when available.
We also verified that we cannot simply remove the prompter as several older versions of Heimdal would crash. Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Günther Deschner <gd@samba.org> Autobuild-Date(master): Fri Oct 2 07:29:43 CEST 2015 on sn-devel-104
This commit is contained in:
parent
e524ab9f7e
commit
6755376ced
@ -47,6 +47,16 @@ kerb_prompter(krb5_context ctx, void *data,
|
||||
krb5_prompt prompts[])
|
||||
{
|
||||
if (num_prompts == 0) return 0;
|
||||
#if HAVE_KRB5_PROMPT_TYPE
|
||||
|
||||
/*
|
||||
* only heimdal has a prompt type and we need to deal with it here to
|
||||
* avoid loops.
|
||||
*
|
||||
* removing the prompter completely is not an option as at least these
|
||||
* versions would crash: heimdal-1.0.2 and heimdal-1.1. Later heimdal
|
||||
* version have looping detection and return with a proper error code.
|
||||
*/
|
||||
|
||||
if ((num_prompts == 2) &&
|
||||
(prompts[0].type == KRB5_PROMPT_TYPE_NEW_PASSWORD) &&
|
||||
@ -63,7 +73,7 @@ kerb_prompter(krb5_context ctx, void *data,
|
||||
*/
|
||||
return KRB5KDC_ERR_KEY_EXPIRED;
|
||||
}
|
||||
|
||||
#endif /* HAVE_KRB5_PROMPT_TYPE */
|
||||
memset(prompts[0].reply->data, '\0', prompts[0].reply->length);
|
||||
if (prompts[0].reply->length > 0) {
|
||||
if (data) {
|
||||
|
@ -168,6 +168,7 @@ conf.define('HAVE_KRB5_PRINCIPAL_SET_REALM', 1)
|
||||
conf.define('HAVE_KRB5_PRINCIPAL_SET_TYPE', 1)
|
||||
conf.define('HAVE_KRB5_PRINCIPAL_GET_TYPE', 1)
|
||||
conf.define('HAVE_KRB5_WARNX', 1)
|
||||
conf.define('HAVE_KRB5_PROMPT_TYPE', 1)
|
||||
|
||||
heimdal_includedirs = []
|
||||
heimdal_libdirs = []
|
||||
|
@ -137,6 +137,8 @@ conf.CHECK_STRUCTURE_MEMBER('krb5_address', 'addrtype', headers='krb5.h',
|
||||
define='HAVE_ADDRTYPE_IN_KRB5_ADDRESS')
|
||||
conf.CHECK_STRUCTURE_MEMBER('krb5_ap_req', 'ticket', headers='krb5.h',
|
||||
define='HAVE_TICKET_POINTER_IN_KRB5_AP_REQ')
|
||||
conf.CHECK_STRUCTURE_MEMBER('krb5_prompt', 'type', headers='krb5.h',
|
||||
define='HAVE_KRB5_PROMPT_TYPE')
|
||||
|
||||
conf.CHECK_TYPE('krb5_encrypt_block', headers='krb5.h')
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user