git.samba.org / metze / samba / wip.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 48738b2)
s3:net_ads: use cli_credentials_get_principal() in order to call kerberos functions
authorStefan Metzmacher <metze@samba.org>
Thu, 7 Mar 2024 13:55:09 +0000 (14:55 +0100)
committerStefan Metzmacher <metze@samba.org>
Wed, 8 May 2024 08:17:06 +0000 (10:17 +0200)
This is better than the value from cli_credentials_get_username()...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
source3/utils/net_ads.c patch | blob | history

diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index 176438bb9f25e3014c598c0c024b8165937e63b6..0500174dd5f4fc20cd3e43154b5810001bb8e294 100644 (file)
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -3149,6 +3149,7 @@ static int net_ads_kerberos_pac_common(struct net_context *c, int argc, const ch
        int ret = -1;
        const char *impersonate_princ_s = NULL;
        const char *local_service = NULL;
+       const char *principal = NULL;
        const char *password = NULL;
        int i;
 
@@ -3175,10 +3176,15 @@ static int net_ads_kerberos_pac_common(struct net_context *c, int argc, const ch
                }
        }
 
+       principal = cli_credentials_get_principal(c->creds, c);
+       if (principal == NULL) {
+               d_printf("cli_credentials_get_principal() failed\n");
+               goto out;
+       }
        password = cli_credentials_get_password(c->creds);
 
        status = kerberos_return_pac(c,
-                                    c->opt_user_name,
+                                    principal,
                                     password,
                                     0,
                                     NULL,
@@ -3340,6 +3346,7 @@ static int net_ads_kerberos_kinit(struct net_context *c, int argc, const char **
 {
        int ret = -1;
        NTSTATUS status;
+       const char *principal = NULL;
        const char *password = NULL;
 
        if (c->display_usage) {
@@ -3351,9 +3358,14 @@ static int net_ads_kerberos_kinit(struct net_context *c, int argc, const char **
                return -1;
        }
 
+       principal = cli_credentials_get_principal(c->creds, c);
+       if (principal == NULL) {
+               d_printf("cli_credentials_get_principal() failed\n");
+               return -1;
+       }
        password = cli_credentials_get_password(c->creds);
 
-       ret = kerberos_kinit_password_ext(c->opt_user_name,
+       ret = kerberos_kinit_password_ext(principal,
                                          password,
                                          0,
                                          NULL,
Work in progress branches