krbtgt_skdc_entry->kdc_db_ctx->samdb,
krbtgt_skdc_entry->kdc_db_ctx->lp_ctx,
flags,
+ krbtgt_skdc_entry,
client_skdc_entry,
server->princ,
server_skdc_entry,
delegated_proxy_principal,
delegated_proxy_entry,
NULL /* delegated_proxy_pac */,
+ NULL /* device_krbtgt */,
NULL /* device */,
NULL /* device_pac */,
*pac,
krbtgt_skdc_entry->kdc_db_ctx->samdb,
krbtgt_skdc_entry->kdc_db_ctx->lp_ctx,
flags,
+ krbtgt_skdc_entry,
client_skdc_entry,
server->princ,
server_skdc_entry,
NULL /* delegated_proxy_principal */,
NULL /* delegated_proxy */,
NULL /* delegated_proxy_pac */,
+ NULL /* device_krbtgt */,
NULL /* device */,
NULL /* device_pac */,
old_pac,
*
* @param client The client samba kdc entry.
*
+ * @param client_krbtgt The krbtgt samba kdc entry that verified the client
+ *
* @param server_principal The server principal
*
* @param server The server samba kdc entry.
* @param device The computer's samba kdc entry; used for compound
* authentication.
*
+ * @param device_krbtgt The krbtgt samba kdc entry that verified the device
+ *
* @param device_pac The PAC from the computer's TGT; used
* for compound authentication.
*
struct ldb_context *samdb,
struct loadparm_context *lp_ctx,
uint32_t flags,
+ const struct samba_kdc_entry *client_krbtgt,
struct samba_kdc_entry *client,
const krb5_const_principal server_principal,
const struct samba_kdc_entry *server,
const krb5_const_principal delegated_proxy_principal,
struct samba_kdc_entry *delegated_proxy,
const krb5_const_pac delegated_proxy_pac,
+ const struct samba_kdc_entry *device_krbtgt,
struct samba_kdc_entry *device,
const krb5_const_pac device_pac,
const krb5_const_pac old_pac,
struct ldb_context *samdb,
struct loadparm_context *lp_ctx,
uint32_t flags,
+ const struct samba_kdc_entry *client_krbtgt,
struct samba_kdc_entry *client,
const krb5_const_principal server_principal,
const struct samba_kdc_entry *server,
const krb5_const_principal delegated_proxy_principal,
struct samba_kdc_entry *delegated_proxy,
const krb5_const_pac delegated_proxy_pac,
+ const struct samba_kdc_entry *device_krbtgt,
struct samba_kdc_entry *device,
const krb5_const_pac device_pac,
const krb5_const_pac old_pac,
talloc_get_type_abort(server->context, struct samba_kdc_entry);
const struct samba_kdc_entry *krbtgt_skdc_entry =
talloc_get_type_abort(krbtgt->context, struct samba_kdc_entry);
+ const struct samba_kdc_entry *client_krbtgt_skdc_entry = krbtgt_skdc_entry;
+ const struct samba_kdc_entry *device_krbtgt_skdc_entry = NULL;
TALLOC_CTX *mem_ctx = NULL;
krb5_pac new_pac = NULL;
struct authn_audit_info *server_audit_info = NULL;
}
if (device != NULL) {
+ const hdb_entry *device_krbtgt = NULL;
+
device_skdc_entry = talloc_get_type_abort(device->context,
struct samba_kdc_entry);
+
+ device_krbtgt = kdc_request_get_explicit_armor_server(r);
+ device_krbtgt_skdc_entry = talloc_get_type_abort(device_krbtgt->context,
+ struct samba_kdc_entry);
}
ret = krb5_pac_init(context, &new_pac);
krbtgt_skdc_entry->kdc_db_ctx->samdb,
krbtgt_skdc_entry->kdc_db_ctx->lp_ctx,
flags,
+ client_krbtgt_skdc_entry,
client_skdc_entry,
server->principal,
server_skdc_entry,
delegated_proxy_principal,
delegated_proxy_skdc_entry,
delegated_proxy_pac,
+ device_krbtgt_skdc_entry,
device_skdc_entry,
device_pac,
*pac,
projects / thirdparty / samba.git / commitdiff
