bool add_netbios_addr,
time_t renewable_time,
const char *impersonate_princ_s,
+ const char *local_service,
struct PAC_LOGON_INFO **_logon_info)
{
krb5_error_code ret;
NTSTATUS status = NT_STATUS_INVALID_PARAMETER;
DATA_BLOB tkt, tkt_wrapped, ap_rep, sesskey1;
const char *auth_princ = NULL;
- const char *local_service = NULL;
const char *cc = "MEMORY:kerberos_return_pac";
struct auth_session_info *session_info;
struct gensec_security *gensec_server_context;
}
NT_STATUS_HAVE_NO_MEMORY(auth_princ);
- local_service = talloc_asprintf(mem_ctx, "%s$@%s",
- lp_netbios_name(), lp_realm());
- NT_STATUS_HAVE_NO_MEMORY(local_service);
-
ret = kerberos_kinit_password_ext(auth_princ,
pass,
time_offset,
bool add_netbios_addr,
time_t renewable_time,
const char *impersonate_princ_s,
+ const char *local_service,
struct PAC_LOGON_INFO **logon_info);
/* The following definitions come from libads/krb5_setpw.c */
NTSTATUS status;
int ret = -1;
const char *impersonate_princ_s = NULL;
+ const char *local_service = NULL;
if (c->display_usage) {
d_printf( "%s\n"
impersonate_princ_s = argv[0];
}
+ local_service = talloc_asprintf(mem_ctx, "%s$@%s",
+ lp_netbios_name(), lp_realm());
+ if (local_service == NULL) {
+ goto out;
+ }
+
c->opt_password = net_prompt_pass(c, c->opt_user_name);
status = kerberos_return_pac(mem_ctx,
true,
2592000, /* one month */
impersonate_princ_s,
+ local_service,
&info);
if (!NT_STATUS_IS_OK(status)) {
d_printf(_("failed to query kerberos PAC: %s\n"),
time_t time_offset = 0;
const char *user_ccache_file;
struct PAC_LOGON_INFO *logon_info = NULL;
+ const char *local_service;
*info3 = NULL;
return NT_STATUS_NO_MEMORY;
}
+ local_service = talloc_asprintf(mem_ctx, "%s$@%s",
+ lp_netbios_name(), lp_realm());
+ if (local_service == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+
/* if this is a user ccache, we need to act as the user to let the krb5
* library handle the chown, etc. */
true,
WINBINDD_PAM_AUTH_KRB5_RENEW_TIME,
NULL,
+ local_service,
&logon_info);
if (user_ccache_file != NULL) {
gain_root_privilege();