mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
s4:kdc: Make [client,device]_claims_blob const pointers
This is so that we can have them point to ‘null_data’ if we so choose. We can’t assign the result of data_blob_talloc() to a const pointer, so we go through an intermediary non-const pointer for the device_claims_blob case. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
parent
ebc27cf32a
commit
7a4fa2c564
@ -473,7 +473,7 @@ int mit_samba_get_pac(struct mit_samba_context *smb_ctx,
|
||||
DATA_BLOB *pcred_blob = NULL;
|
||||
DATA_BLOB *pac_attrs_blob = NULL;
|
||||
DATA_BLOB *requester_sid_blob = NULL;
|
||||
DATA_BLOB *client_claims_blob = NULL;
|
||||
const DATA_BLOB *client_claims_blob = NULL;
|
||||
NTSTATUS nt_status;
|
||||
krb5_error_code code;
|
||||
struct samba_kdc_entry *skdc_entry;
|
||||
|
@ -1130,7 +1130,7 @@ NTSTATUS samba_kdc_get_requester_sid_blob(TALLOC_CTX *mem_ctx,
|
||||
|
||||
NTSTATUS samba_kdc_get_claims_blob(TALLOC_CTX *mem_ctx,
|
||||
const struct samba_kdc_entry *p,
|
||||
DATA_BLOB **_claims_blob)
|
||||
const DATA_BLOB **_claims_blob)
|
||||
{
|
||||
DATA_BLOB *claims_blob = NULL;
|
||||
NTSTATUS nt_status;
|
||||
@ -2364,11 +2364,11 @@ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx,
|
||||
DATA_BLOB *upn_blob = NULL;
|
||||
DATA_BLOB *deleg_blob = NULL;
|
||||
DATA_BLOB *requester_sid_blob = NULL;
|
||||
DATA_BLOB *client_claims_blob = NULL;
|
||||
const DATA_BLOB *client_claims_blob = NULL;
|
||||
bool client_pac_is_trusted = flags & SAMBA_KDC_FLAG_KRBTGT_IS_TRUSTED;
|
||||
bool device_pac_is_trusted = flags & SAMBA_KDC_FLAG_DEVICE_KRBTGT_IS_TRUSTED;
|
||||
bool delegated_proxy_pac_is_trusted = flags & SAMBA_KDC_FLAG_DELEGATED_PROXY_IS_TRUSTED;
|
||||
DATA_BLOB *device_claims_blob = NULL;
|
||||
const DATA_BLOB *device_claims_blob = NULL;
|
||||
DATA_BLOB *device_info_blob = NULL;
|
||||
int is_tgs = false;
|
||||
struct auth_user_info_dc *user_info_dc = NULL;
|
||||
@ -2422,23 +2422,27 @@ krb5_error_code samba_kdc_update_pac(TALLOC_CTX *mem_ctx,
|
||||
} else if (code != 0) {
|
||||
goto done;
|
||||
} else {
|
||||
device_claims_blob = talloc_zero(mem_ctx, DATA_BLOB);
|
||||
if (device_claims_blob == NULL) {
|
||||
DATA_BLOB *device_claims = NULL;
|
||||
|
||||
device_claims = talloc_zero(mem_ctx, DATA_BLOB);
|
||||
if (device_claims == NULL) {
|
||||
smb_krb5_free_data_contents(context, &device_claims_data);
|
||||
code = ENOMEM;
|
||||
goto done;
|
||||
}
|
||||
|
||||
*device_claims_blob = data_blob_talloc(mem_ctx,
|
||||
*device_claims = data_blob_talloc(mem_ctx,
|
||||
device_claims_data.data,
|
||||
device_claims_data.length);
|
||||
if (device_claims_blob->data == NULL && device_claims_data.length != 0) {
|
||||
if (device_claims->data == NULL && device_claims_data.length != 0) {
|
||||
smb_krb5_free_data_contents(context, &device_claims_data);
|
||||
code = ENOMEM;
|
||||
goto done;
|
||||
}
|
||||
|
||||
smb_krb5_free_data_contents(context, &device_claims_data);
|
||||
|
||||
device_claims_blob = device_claims;
|
||||
}
|
||||
|
||||
code = samba_kdc_create_device_info_blob(mem_ctx,
|
||||
|
@ -168,7 +168,7 @@ NTSTATUS samba_kdc_get_requester_sid_blob(TALLOC_CTX *mem_ctx,
|
||||
DATA_BLOB **_requester_sid_blob);
|
||||
NTSTATUS samba_kdc_get_claims_blob(TALLOC_CTX *mem_ctx,
|
||||
const struct samba_kdc_entry *p,
|
||||
DATA_BLOB **_claims_blob);
|
||||
const DATA_BLOB **_claims_blob);
|
||||
|
||||
krb5_error_code samba_kdc_allowed_to_authenticate_to(TALLOC_CTX *mem_ctx,
|
||||
struct ldb_context *samdb,
|
||||
|
@ -106,7 +106,7 @@ static krb5_error_code samba_wdc_get_pac(void *priv,
|
||||
DATA_BLOB *upn_blob = NULL;
|
||||
DATA_BLOB *pac_attrs_blob = NULL;
|
||||
DATA_BLOB *requester_sid_blob = NULL;
|
||||
DATA_BLOB *client_claims_blob = NULL;
|
||||
const DATA_BLOB *client_claims_blob = NULL;
|
||||
krb5_error_code ret;
|
||||
NTSTATUS nt_status;
|
||||
struct samba_kdc_entry *skdc_entry =
|
||||
|
Loading…
Reference in New Issue
Block a user