#ifdef HAVE_KRB5
-#ifdef HAVE_KRB5_KEYBLOCK_KEYVALUE /* Heimdal */
-#define KRB5_KEY_TYPE(k) ((k)->keytype)
-#define KRB5_KEY_LENGTH(k) ((k)->keyvalue.length)
-#define KRB5_KEY_DATA(k) ((k)->keyvalue.data)
-#define KRB5_KEY_DATA_CAST void
-#else /* MIT */
-#define KRB5_KEY_TYPE(k) ((k)->enctype)
-#define KRB5_KEY_LENGTH(k) ((k)->length)
-#define KRB5_KEY_DATA(k) ((k)->contents)
-#define KRB5_KEY_DATA_CAST krb5_octet
-#endif /* HAVE_KRB5_KEYBLOCK_KEYVALUE */
-
#define GSSAPI_CHECKSUM 0x8003 /* Checksum type value for Kerberos */
#define GSSAPI_BNDLENGTH 16 /* Bind Length (rfc-1964 pg.3) */
#define GSSAPI_CHECKSUM_SIZE (12+GSSAPI_BNDLENGTH)
ccache,
&in_data );
if (retval) {
- DEBUG( 1, ("ads_krb5_get_fwd_ticket failed (%s)\n", error_message( retval ) ) );
- goto cleanup_creds;
- }
-
- if (retval) {
- DEBUG( 1, ("krb5_auth_con_set_req_cksumtype failed (%s)\n",
- error_message( retval ) ) );
- goto cleanup_creds;
+ DEBUG( 3, ("ads_krb5_get_fwd_ticket failed (%s)\n",
+ error_message( retval ) ) );
+
+ /*
+ * This is not fatal. Delete the *auth_context and continue
+ * with krb5_mk_req_extended to get a non-forwardable ticket.
+ */
+
+ if (in_data.data) {
+ free( in_data.data );
+ in_data.data = NULL;
+ in_data.length = 0;
+ }
+ krb5_auth_con_free(context, *auth_context);
+ *auth_context = NULL;
}
-
}
#endif
krb5_error_code ret;
krb5_keytab keytab;
char *name = NULL;
+ krb5_keyblock *keyp;
/* We have to open a new keytab handle here, as MIT does
an implicit open/getnext/close on krb5_kt_get_entry. We
goto out;
}
-#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK /* Heimdal */
- ret = krb5_copy_keyblock(context, &entry.keyblock, out_key);
-#elif defined(HAVE_KRB5_KEYTAB_ENTRY_KEY) /* MIT */
- ret = krb5_copy_keyblock(context, &entry.key, out_key);
-#else
-#error UNKNOWN_KRB5_KEYTAB_ENTRY_FORMAT
-#endif
+ keyp = KRB5_KT_KEY(&entry);
+ ret = krb5_copy_keyblock(context, keyp, out_key);
if (ret) {
DEBUG(0,("get_key_from_keytab: failed to copy key: %s\n", error_message(ret)));
goto out;
#endif /* HAVE_KRB5_GET_INIT_CREDS_OPT_FREE */
}
- krb5_enctype smb_get_enctype_from_kt_entry(const krb5_keytab_entry *kt_entry)
+ krb5_enctype smb_get_enctype_from_kt_entry(krb5_keytab_entry *kt_entry)
{
-#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEY /* MIT */
- return kt_entry->key.enctype;
-#elif defined(HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK) /* Heimdal */
- return kt_entry->keyblock.keytype;
-#else
-#error UNKNOWN_KRB5_KEYTAB_ENTRY_KEYBLOCK_FORMAT
-#endif
+ return KRB5_KEY_TYPE(KRB5_KT_KEY(kt_entry));
}