mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
s3:gse: don't call krb5_cc_resolve() as server
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
parent
6ced3c6af2
commit
e3f97f35b1
@ -176,7 +176,6 @@ static NTSTATUS gse_setup_server_principal(TALLOC_CTX *mem_ctx,
|
||||
|
||||
static NTSTATUS gse_context_init(struct gensec_security *gensec_security,
|
||||
bool do_sign, bool do_seal,
|
||||
const char *ccache_name,
|
||||
uint32_t add_gss_c_flags,
|
||||
struct gse_context **_gse_ctx)
|
||||
{
|
||||
@ -254,18 +253,6 @@ static NTSTATUS gse_context_init(struct gensec_security *gensec_security,
|
||||
}
|
||||
#endif
|
||||
|
||||
if (!ccache_name) {
|
||||
ccache_name = krb5_cc_default_name(gse_ctx->k5ctx);
|
||||
}
|
||||
k5ret = krb5_cc_resolve(gse_ctx->k5ctx, ccache_name,
|
||||
&gse_ctx->ccache);
|
||||
if (k5ret) {
|
||||
DEBUG(1, ("Failed to resolve credential cache '%s'! (%s)\n",
|
||||
ccache_name, error_message(k5ret)));
|
||||
status = NT_STATUS_INTERNAL_ERROR;
|
||||
goto err_out;
|
||||
}
|
||||
|
||||
/* TODO: Should we enforce a enc_types list ?
|
||||
ret = krb5_set_default_tgs_ktypes(gse_ctx->k5ctx, enc_types);
|
||||
*/
|
||||
@ -290,15 +277,29 @@ static NTSTATUS gse_init_client(struct gensec_security *gensec_security,
|
||||
gss_buffer_desc empty_buffer = GSS_C_EMPTY_BUFFER;
|
||||
gss_OID oid = discard_const(GSS_KRB5_CRED_NO_CI_FLAGS_X);
|
||||
#endif
|
||||
krb5_error_code k5ret;
|
||||
NTSTATUS status;
|
||||
|
||||
status = gse_context_init(gensec_security, do_sign, do_seal,
|
||||
ccache_name, add_gss_c_flags,
|
||||
add_gss_c_flags,
|
||||
&gse_ctx);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
if (ccache_name == NULL) {
|
||||
ccache_name = krb5_cc_default_name(gse_ctx->k5ctx);
|
||||
}
|
||||
|
||||
k5ret = krb5_cc_resolve(gse_ctx->k5ctx,
|
||||
ccache_name,
|
||||
&gse_ctx->ccache);
|
||||
if (k5ret) {
|
||||
DBG_WARNING("Failed to resolve credential cache '%s'! (%s)\n",
|
||||
ccache_name, error_message(k5ret));
|
||||
return NT_STATUS_INTERNAL_ERROR;
|
||||
}
|
||||
|
||||
#ifdef SAMBA4_USES_HEIMDAL
|
||||
{
|
||||
int ret;
|
||||
@ -652,7 +653,7 @@ static NTSTATUS gse_init_server(struct gensec_security *gensec_security,
|
||||
NTSTATUS status;
|
||||
|
||||
status = gse_context_init(gensec_security, do_sign, do_seal,
|
||||
NULL, add_gss_c_flags, &gse_ctx);
|
||||
add_gss_c_flags, &gse_ctx);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user