s4:kdc: Pass claims and device info into samba_kdc_check_s4u2proxy_rbcd()

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c
index f8535fade87a9236e7297f9c31b0b866a604e867..89de751f616d48162a6823833136b87cc3903f34 100644 (file)
--- a/source4/kdc/db-glue.c
+++ b/source4/kdc/db-glue.c
@@ -3375,6 +3375,8 @@ krb5_error_code samba_kdc_check_s4u2proxy_rbcd(
                krb5_const_principal client_principal,
                krb5_const_principal server_principal,
                const struct auth_user_info_dc *user_info_dc,
+               const struct auth_user_info_dc *device_info_dc,
+               const struct auth_claims auth_claims,
                struct samba_kdc_entry *proxy_skdc_entry)
 {
        krb5_error_code code;
@@ -3460,8 +3462,8 @@ krb5_error_code samba_kdc_check_s4u2proxy_rbcd(
                                                 kdc_db_ctx->lp_ctx,
                                                 kdc_db_ctx->samdb,
                                                 user_info_dc,
-                                                NULL /*device_info_dc */,
-                                                (struct auth_claims) {},
+                                                device_info_dc,
+                                                auth_claims,
                                                 session_info_flags,
                                                 &security_token);
        if (!NT_STATUS_IS_OK(nt_status)) {

diff --git a/source4/kdc/db-glue.h b/source4/kdc/db-glue.h
index b570029f5734d7246f864a3b928e9fe4621d3b20..fb74726b40c08548cc08339e1eb7b5427063404c 100644 (file)
--- a/source4/kdc/db-glue.h
+++ b/source4/kdc/db-glue.h
@@ -96,6 +96,8 @@ krb5_error_code samba_kdc_check_s4u2proxy_rbcd(
                krb5_const_principal client_principal,
                krb5_const_principal server_principal,
                const struct auth_user_info_dc *user_info_dc,
+               const struct auth_user_info_dc *device_info_dc,
+               const struct auth_claims auth_claims,
                struct samba_kdc_entry *proxy_skdc_entry);
 
 NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_context *base_ctx,

diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c
index eea4fd90b8ed7a62ffdd72ba204d6ce22512d0a4..48151c582d6295ce25c34e72c7b741f507222dfb 100644 (file)
--- a/source4/kdc/hdb-samba4.c
+++ b/source4/kdc/hdb-samba4.c
@@ -370,6 +370,8 @@ hdb_samba4_check_rbcd(krb5_context context, HDB *db,
                                              client->principal,
                                              server_principal,
                                              client_info,
+                                             NULL /* device_info_dc */,
+                                             (struct auth_claims) {},
                                              proxy_skdc_entry);
 out:
        talloc_free(mem_ctx);

diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c
index a3904a4d75d11d4ad453ef53f86cf979e41ea8d2..2da054cb84e078d66505a62542219ff823843aa7 100644 (file)
--- a/source4/kdc/mit_samba.c
+++ b/source4/kdc/mit_samba.c
@@ -863,6 +863,8 @@ krb5_error_code mit_samba_check_allowed_to_delegate_from(
                                              client_principal,
                                              server_principal,
                                              user_info_dc,
+                                             NULL /* device_info_dc */,
+                                             (struct auth_claims) {},
                                              proxy_skdc_entry);
 out:
        talloc_free(mem_ctx);