kdc: Remove UF_NO_AUTH_DATA_REQUIRED from client principals

author Andrew Bartlett <abartlet@samba.org>

Mon, 18 Oct 2021 02:21:50 +0000 (15:21 +1300)

committer Stefan Metzmacher <metze@samba.org>

Wed, 20 Oct 2021 08:31:31 +0000 (08:31 +0000)
author Andrew Bartlett <abartlet@samba.org>
Mon, 18 Oct 2021 02:21:50 +0000 (15:21 +1300)
committer Stefan Metzmacher <metze@samba.org>
Wed, 20 Oct 2021 08:31:31 +0000 (08:31 +0000)
diff --git a/selftest/knownfail_heimdal_kdc b/selftest/knownfail_heimdal_kdc

index 5008b998b782d9a904a4b2e9523feab96317dcfd..a013860ddf9afa31687024331d890a05e2a9d751 100644 (file)
--- a/selftest/knownfail_heimdal_kdc
+++ b/selftest/knownfail_heimdal_kdc
@@ -90,5 +90,4 @@
  #
  # TGS tests
  #
-^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_client_no_auth_data_required
  ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_service_no_auth_data_required
diff --git a/selftest/knownfail_mit_kdc b/selftest/knownfail_mit_kdc

index 5c04b677e38641e8cd3674741ce9d02d9b092e89..7aa95cbb1c7863d38754e2830b5c8ee8e26504e3 100644 (file)
--- a/selftest/knownfail_mit_kdc
+++ b/selftest/knownfail_mit_kdc
@@ -256,7 +256,6 @@ samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_
  ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_ldap_service_ticket\(ad_dc\)
  ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_get_ticket_for_host_service_of_machine_account\(ad_dc\)
  #
-^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_client_no_auth_data_required\(ad_dc\)
  ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_remove_pac\(ad_dc\)
  ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_request_no_pac\(ad_dc\)
  ^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_service_no_auth_data_required\(ad_dc\)
diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c

index 60ba46cf2c3cc5e25b07484abf5ae4154f62f20c..22f9a54a05be06c54171aac6e72b2af06e1f8832 100644 (file)
--- a/source4/kdc/mit_samba.c
+++ b/source4/kdc/mit_samba.c
@@ -521,18 +521,11 @@ krb5_error_code mit_samba_reget_pac(struct mit_samba_context *ctx,
         ssize_t srv_checksum_idx = -1;
         ssize_t kdc_checksum_idx = -1;
         krb5_pac new_pac = NULL;
-       bool ok;
  
         if (client != NULL) {
                 client_skdc_entry =
                         talloc_get_type_abort(client->e_data,
                                               struct samba_kdc_entry);
-
-               /* The user account may be set not to want the PAC */
-               ok = samba_princ_needs_pac(client_skdc_entry);
-               if (!ok) {
-                       return EINVAL;
-               }
         }
  
         if (server == NULL) {
diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c

index 88bcb734fc5646fe9abce54fd0c054cbe2509a1f..688103d8477bbbb0547dd866711d6e731dfa3302 100644 (file)
--- a/source4/kdc/pac-glue.c
+++ b/source4/kdc/pac-glue.c
@@ -651,11 +651,6 @@ NTSTATUS samba_kdc_get_pac_blobs(TALLOC_CTX *mem_ctx,
         }
         *_upn_info_blob = NULL;
  
-       /* The user account may be set not to want the PAC */
-       if ( ! samba_princ_needs_pac(p)) {
-               return NT_STATUS_OK;
-       }
-
         logon_blob = talloc_zero(mem_ctx, DATA_BLOB);
         if (logon_blob == NULL) {
                 return NT_STATUS_NO_MEMORY;
author	Andrew Bartlett <abartlet@samba.org>
	Mon, 18 Oct 2021 02:21:50 +0000 (15:21 +1300)
committer	Stefan Metzmacher <metze@samba.org>
	Wed, 20 Oct 2021 08:31:31 +0000 (08:31 +0000)
selftest/knownfail_heimdal_kdc		patch \| blob \| blame \| history
selftest/knownfail_mit_kdc		patch \| blob \| blame \| history
source4/kdc/mit_samba.c		patch \| blob \| blame \| history
source4/kdc/pac-glue.c		patch \| blob \| blame \| history