mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
s4-auth: Don't check for NULL saltPrincipal if it doesn't need it
This check causes 4.1 domains to be unable to change their DNS backend correctly as they do not have the saltPrincipal value stored. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10882 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
44d209c893
commit
b02da11498
@ -218,12 +218,6 @@ krb5_error_code smb_krb5_update_keytab(TALLOC_CTX *parent_ctx,
|
|||||||
return ENOENT;
|
return ENOENT;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (saltPrincipal == NULL) {
|
|
||||||
*perror_string = talloc_strdup(parent_ctx,
|
|
||||||
"No saltPrincipal provided");
|
|
||||||
return EINVAL;
|
|
||||||
}
|
|
||||||
|
|
||||||
ret = krb5_kt_resolve(context, keytab_name, &keytab);
|
ret = krb5_kt_resolve(context, keytab_name, &keytab);
|
||||||
if (ret) {
|
if (ret) {
|
||||||
*perror_string = smb_get_krb5_error_message(context,
|
*perror_string = smb_get_krb5_error_message(context,
|
||||||
@ -283,6 +277,12 @@ krb5_error_code smb_krb5_update_keytab(TALLOC_CTX *parent_ctx,
|
|||||||
/* Create a new keytab. If during the cleanout we found
|
/* Create a new keytab. If during the cleanout we found
|
||||||
* entires for kvno -1, then don't try and duplicate them.
|
* entires for kvno -1, then don't try and duplicate them.
|
||||||
* Otherwise, add kvno, and kvno -1 */
|
* Otherwise, add kvno, and kvno -1 */
|
||||||
|
if (saltPrincipal == NULL) {
|
||||||
|
*perror_string = talloc_strdup(parent_ctx,
|
||||||
|
"No saltPrincipal provided");
|
||||||
|
ret = EINVAL;
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
|
||||||
ret = create_keytab(tmp_ctx,
|
ret = create_keytab(tmp_ctx,
|
||||||
samAccountName, upper_realm, saltPrincipal,
|
samAccountName, upper_realm, saltPrincipal,
|
||||||
|
Loading…
Reference in New Issue
Block a user