1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

s4:kdc: Add flag to indicate the upper sixteen bits of the kvno are specified

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Joseph Sutton 2023-10-17 20:18:28 +13:00 committed by Andrew Bartlett
parent 3759403554
commit d209cdf4f0
2 changed files with 3 additions and 2 deletions

View File

@ -2466,7 +2466,7 @@ static krb5_error_code samba_kdc_fetch_krbtgt(krb5_context context,
/* w2k8r2 sometimes gives us a kvno of 255 for inter-domain
trust tickets. We don't yet know what this means, but we do
seem to need to treat it as unspecified */
if (flags & SDB_F_KVNO_SPECIFIED) {
if (flags & (SDB_F_KVNO_SPECIFIED|SDB_F_RODC_NUMBER_SPECIFIED)) {
krbtgt_number = SAMBA_KVNO_GET_KRBTGT(kvno);
if (kdc_db_ctx->rodc) {
if (krbtgt_number != kdc_db_ctx->my_krbtgt_number) {

View File

@ -134,8 +134,9 @@ struct sdb_entry {
SDB_F_ARMOR_PRINCIPAL| \
SDB_F_USER2USER_PRINCIPAL)
/* This is not supported by HDB */
/* These are not supported by HDB */
#define SDB_F_FORCE_CANON 16384 /* force canonicalization */
#define SDB_F_RODC_NUMBER_SPECIFIED 32768 /* we want a particular RODC number */
void sdb_key_free(struct sdb_key *key);
void sdb_keys_free(struct sdb_keys *keys);