DATA_BLOB ap_rep = data_blob_null;
DATA_BLOB sesskey1 = data_blob_null;
const char *auth_princ = NULL;
- const char *cc = "MEMORY:kerberos_return_pac";
+ const char *cc = NULL;
struct auth_session_info *session_info;
struct gensec_security *gensec_server_context;
const struct gensec_security_ops **backends;
struct PAC_DATA_CTR *pac_data_ctr = NULL;
char *canon_principal = NULL;
char *canon_realm = NULL;
+ krb5_context ctx = NULL;
+ krb5_ccache ccid = NULL;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
if (cache_name) {
cc = cache_name;
+ } else {
+ char *ccname = NULL;
+
+ ret = smb_krb5_init_context_common(&ctx);
+ if (ret != 0) {
+ status = krb5_to_nt_status(ret);
+ goto out;
+ }
+
+ ret = smb_krb5_cc_new_unique_memory(ctx,
+ tmp_ctx,
+ &ccname,
+ &ccid);
+ if (ret != 0) {
+ status = krb5_to_nt_status(ret);
+ goto out;
+ }
+ cc = ccname;
}
if (!strchr_m(name, '@')) {
}
out:
- talloc_free(tmp_ctx);
- if (cc != cache_name) {
- ads_kdestroy(cc);
+ if (ccid != NULL) {
+ krb5_cc_destroy(ctx, ccid);
+ ccid = NULL;
}
+ if (ctx != NULL) {
+ krb5_free_context(ctx);
+ ctx = NULL;
+ }
+ talloc_free(tmp_ctx);
data_blob_free(&tkt);
data_blob_free(&ap_rep);