1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

s4-auth: Don't check for NULL saltPrincipal if it doesn't need it

This check causes 4.1 domains to be unable to change their DNS backend
correctly as they do not have the saltPrincipal value stored.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10882
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Garming Sam 2016-09-07 12:18:29 +12:00 committed by Garming Sam
parent 44d209c893
commit b02da11498

View File

@ -218,12 +218,6 @@ krb5_error_code smb_krb5_update_keytab(TALLOC_CTX *parent_ctx,
return ENOENT;
}
if (saltPrincipal == NULL) {
*perror_string = talloc_strdup(parent_ctx,
"No saltPrincipal provided");
return EINVAL;
}
ret = krb5_kt_resolve(context, keytab_name, &keytab);
if (ret) {
*perror_string = smb_get_krb5_error_message(context,
@ -283,6 +277,12 @@ krb5_error_code smb_krb5_update_keytab(TALLOC_CTX *parent_ctx,
/* Create a new keytab. If during the cleanout we found
* entires for kvno -1, then don't try and duplicate them.
* Otherwise, add kvno, and kvno -1 */
if (saltPrincipal == NULL) {
*perror_string = talloc_strdup(parent_ctx,
"No saltPrincipal provided");
ret = EINVAL;
goto done;
}
ret = create_keytab(tmp_ctx,
samAccountName, upper_realm, saltPrincipal,