NTSTATUS nt_status;
krb5_pac pac = NULL;
int ret;
+ struct samba_kdc_entry *skdc_entry = NULL;
+
+ if (client) {
+ skdc_entry = talloc_get_type_abort(client->ctx,
+ struct samba_kdc_entry);
+ }
/* The user account may be set not to want the PAC */
- if (client && !samba_princ_needs_pac(client)) {
+ if (client && !samba_princ_needs_pac(skdc_entry)) {
return EINVAL;
}
return ret;
}
-bool samba_princ_needs_pac(struct hdb_entry_ex *princ)
+bool samba_princ_needs_pac(struct samba_kdc_entry *skdc_entry)
{
- struct samba_kdc_entry *p = talloc_get_type(princ->ctx, struct samba_kdc_entry);
uint32_t userAccountControl;
-
/* The service account may be set not to want the PAC */
- userAccountControl = ldb_msg_find_attr_as_uint(p->msg, "userAccountControl", 0);
+ userAccountControl = ldb_msg_find_attr_as_uint(skdc_entry->msg, "userAccountControl", 0);
if (userAccountControl & UF_NO_AUTH_DATA_REQUIRED) {
return false;
}
NTSTATUS nt_status;
/* The user account may be set not to want the PAC */
- if ( ! samba_princ_needs_pac(client)) {
+ if ( ! samba_princ_needs_pac(p)) {
*_pac_blob = NULL;
return NT_STATUS_OK;
}
DATA_BLOB *deleg_blob,
krb5_pac *pac);
-bool samba_princ_needs_pac(struct hdb_entry_ex *princ);
+bool samba_princ_needs_pac(struct samba_kdc_entry *skdc_entry);
int samba_krbtgt_is_in_db(struct hdb_entry_ex *princ, bool *is_in_db, bool *is_untrusted);