Set the heimdal always_include_pac configuration flag, based on the samba
kdc always include pac option
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Thu Nov 13 23:12:55 UTC 2025 on atb-devel-224
+++ /dev/null
-^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_renew_pac_request_false.*ad_dc
-^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_request_no_pac.*ad_dc
-^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_tgs_pac_request_false.*ad_dc
-^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_user2user_user_pac_request_false.*ad_dc
-^samba.tests.krb5.kdc_tgs_tests.samba.tests.krb5.kdc_tgs_tests.KdcTgsTests.test_validate_pac_request_false.*ad_dc
-^samba.tests.krb5.fast_tests.samba.tests.krb5.fast_tests.FAST_Tests.test_simple_as_req_self_pac_request_false
#include "../lib/util/util_tdb.h"
#include <krb5/send_to_kdc_plugin.h>
#endif
+#ifdef USING_EMBEDDED_HEIMDAL
+#include <krb5_locl.h>
+#endif
/*
context structure for operations on cldap packets
}
krb5_set_warn_dest(kctx, logf);
#endif
+#ifdef USING_EMBEDDED_HEIMDAL
+ /*
+ * The KRB5_CTX_F_ALWAYS_INCLUDE_PAC flag is a Samba extension to
+ * Heimdal and is only available in the embedded heimdal
+ */
+ if (lpcfg_kdc_always_include_pac(lp_ctx)) {
+ kctx->flags |= KRB5_CTX_F_ALWAYS_INCLUDE_PAC;
+ }
+#endif
+
talloc_steal(parent_ctx, *smb_krb5_context);
talloc_free(tmp_ctx);
projects / thirdparty / samba.git / commitdiff
