client_pac_entry = samba_kdc_entry_pac(header_pac,
client_skdc_entry,
- samba_kdc_entry_is_trust(client_krbtgt_skdc_entry));
+ client_krbtgt_skdc_entry);
code = samba_kdc_get_user_info_dc(mem_ctx,
context,
device_pac_entry = samba_kdc_entry_pac(device_pac,
device_skdc_entry,
- samba_kdc_entry_is_trust(device_krbtgt_skdc_entry));
+ device_krbtgt_skdc_entry);
code = samba_kdc_get_user_info_dc(mem_ctx,
context,
return samba_kdc_entry_pac(device_pac,
device_skdc_entry,
- samba_kdc_entry_is_trust(device_krbtgt_skdc_entry));
+ device_krbtgt_skdc_entry);
}
client_pac_entry = samba_kdc_entry_pac_from_trusted(old_pac,
client_skdc_entry,
- samba_kdc_entry_is_trust(krbtgt_skdc_entry),
+ krbtgt_skdc_entry,
is_trusted);
code = samba_kdc_verify_pac(tmp_ctx,
#ifdef HAVE_KRB5_PAC_IS_TRUSTED /* Heimdal */
struct samba_kdc_entry_pac samba_kdc_entry_pac(krb5_const_pac pac,
struct samba_kdc_entry *entry,
- bool is_from_trust)
+ const struct samba_kdc_entry *krbtgt)
{
return (struct samba_kdc_entry_pac) {
.entry = entry,
+ .krbtgt = krbtgt,
.pac = pac,
- .is_from_trust = is_from_trust,
};
}
#else /* MIT */
struct samba_kdc_entry_pac samba_kdc_entry_pac_from_trusted(krb5_const_pac pac,
struct samba_kdc_entry *entry,
- bool is_from_trust,
+ const struct samba_kdc_entry *krbtgt,
bool is_trusted)
{
return (struct samba_kdc_entry_pac) {
.entry = entry,
+ .krbtgt = krbtgt,
.pac = pac,
- .is_from_trust = is_from_trust,
.pac_is_trusted = is_trusted,
};
}
static bool samba_kdc_entry_pac_issued_by_trust(const struct samba_kdc_entry_pac entry)
{
- return entry.pac != NULL && entry.is_from_trust;
+ return entry.pac != NULL && samba_kdc_entry_is_trust(entry.krbtgt);
}
NTSTATUS samba_kdc_get_logon_info_blob(TALLOC_CTX *mem_ctx,
struct samba_kdc_entry_pac {
struct samba_kdc_entry *entry;
+ const struct samba_kdc_entry *krbtgt;
krb5_const_pac pac; /* NULL indicates that no PAC is present. */
- bool is_from_trust : 1;
#ifndef HAVE_KRB5_PAC_IS_TRUSTED /* MIT */
bool pac_is_trusted : 1;
#endif /* HAVE_KRB5_PAC_IS_TRUSTED */
#ifdef HAVE_KRB5_PAC_IS_TRUSTED /* Heimdal */
struct samba_kdc_entry_pac samba_kdc_entry_pac(krb5_const_pac pac,
struct samba_kdc_entry *entry,
- bool is_from_trust);
+ const struct samba_kdc_entry *krbtgt_entry);
#else /* MIT */
struct samba_kdc_entry_pac samba_kdc_entry_pac_from_trusted(krb5_const_pac pac,
struct samba_kdc_entry *entry,
- bool is_from_trust,
+ const struct samba_kdc_entry *krbtgt_entry,
bool is_trusted);
#endif /* HAVE_KRB5_PAC_IS_TRUSTED */
device_pac_entry = samba_kdc_entry_pac(device_pac,
device_skdc_entry,
- samba_kdc_entry_is_trust(device_krbtgt_skdc_entry));
+ device_krbtgt_skdc_entry);
ret = samba_kdc_get_user_info_dc(mem_ctx,
context,
krb5_pac_set_trusted(pac, is_trusted);
client_pac_entry = samba_kdc_entry_pac(pac,
client_skdc_entry,
- samba_kdc_entry_is_trust(krbtgt_skdc_entry));
+ krbtgt_skdc_entry);
if (is_s4u2self) {
flags |= SAMBA_KDC_FLAG_PROTOCOL_TRANSITION;
* not have been signed
* or issued by a krbtgt
* trust account. */
- false /* is_from_trust */);
+ NULL /* krbtgt */);
if (client != NULL) {
client_skdc_entry = talloc_get_type_abort(client->context,
client_pac_entry = samba_kdc_entry_pac(*pac,
client_skdc_entry,
- samba_kdc_entry_is_trust(krbtgt_skdc_entry));
+ krbtgt_skdc_entry);
ret = samba_kdc_update_pac(mem_ctx,
context,
projects / thirdparty / samba.git / commitdiff
