s4-kdc: pass down only a samba_kdc_entry to samba_krbtgt_is_in_db().
authorGünther Deschner <gd@samba.org>
Fri, 9 May 2014 22:49:44 +0000 (00:49 +0200)
committerGünther Deschner <gd@samba.org>
Fri, 27 Mar 2015 00:26:16 +0000 (01:26 +0100)
Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
source4/kdc/pac-glue.c
source4/kdc/pac-glue.h
source4/kdc/wdc-samba4.c

index 31ad506a592cbbb3be90c0f4d108ce1e03085cb3..e6794a768c2b85b76f9192d8d728ff846f7d82b6 100644 (file)
@@ -150,10 +150,11 @@ bool samba_princ_needs_pac(struct samba_kdc_entry *skdc_entry)
 }
 
 /* Was the krbtgt in this DB (ie, should we check the incoming signature) and was it an RODC */
-int samba_krbtgt_is_in_db(struct hdb_entry_ex *princ, bool *is_in_db, bool *is_untrusted)
+int samba_krbtgt_is_in_db(struct samba_kdc_entry *p,
+                         bool *is_in_db,
+                         bool *is_untrusted)
 {
        NTSTATUS status;
-       struct samba_kdc_entry *p = talloc_get_type(princ->ctx, struct samba_kdc_entry);
        int rodc_krbtgt_number, trust_direction;
        uint32_t rid;
 
index e7cba71cc02aa05ea0cb51d70820c552c16be82c..22b50dc69bb96c0dea27f6d3e16a1bab51264765 100644 (file)
@@ -28,7 +28,9 @@ krb5_error_code samba_make_krb5_pac(krb5_context context,
 
 bool samba_princ_needs_pac(struct samba_kdc_entry *skdc_entry);
 
-int samba_krbtgt_is_in_db(struct hdb_entry_ex *princ, bool *is_in_db, bool *is_untrusted);
+int samba_krbtgt_is_in_db(struct samba_kdc_entry *skdc_entry,
+                         bool *is_in_db,
+                         bool *is_untrusted);
 
 NTSTATUS samba_kdc_get_pac_blob(TALLOC_CTX *mem_ctx,
                                struct samba_kdc_entry *skdc_entry,
index 9bd0422c7f26f1603bad232edac5733585002acd..b8929e6047ac7084a1aef8e3bea49c2bc6617090 100644 (file)
@@ -68,6 +68,9 @@ static krb5_error_code samba_wdc_reget_pac(void *priv, krb5_context context,
        struct samba_kdc_entry *p =
                talloc_get_type_abort(server->ctx,
                struct samba_kdc_entry);
+       struct samba_kdc_entry *krbtgt_skdc_entry =
+               talloc_get_type_abort(krbtgt->ctx,
+               struct samba_kdc_entry);
        TALLOC_CTX *mem_ctx = talloc_named(p, 0, "samba_kdc_reget_pac context");
        DATA_BLOB *pac_blob;
        DATA_BLOB *deleg_blob = NULL;
@@ -90,7 +93,7 @@ static krb5_error_code samba_wdc_reget_pac(void *priv, krb5_context context,
        /* If the krbtgt was generated by an RODC, and we are not that
         * RODC, then we need to regenerate the PAC - we can't trust
         * it */
-       ret = samba_krbtgt_is_in_db(krbtgt, &is_in_db, &is_untrusted);
+       ret = samba_krbtgt_is_in_db(krbtgt_skdc_entry, &is_in_db, &is_untrusted);
        if (ret != 0) {
                talloc_free(mem_ctx);
                return ret;