auth and s4-rpc_server: Do not use features we currently can't implement with MIT...
authorSimo Sorce <idra@samba.org>
Wed, 2 May 2012 16:53:34 +0000 (12:53 -0400)
committerAlexander Bokovoy <ab@samba.org>
Wed, 23 May 2012 14:51:49 +0000 (17:51 +0300)
auth/credentials/credentials_krb5.c
source4/rpc_server/lsa/dcesrv_lsa.c

index 684f2440fd72d619cbbeaf5915f678441df2787c..2a23688ffdbbf04f8dc51f58e642b65e826aaf0c 100644 (file)
@@ -533,6 +533,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
                return ret;
        }
 
+#ifdef SAMBA4_USES_HEIMDAL /* MIT lacks krb5_get_default_in_tkt_etypes */
        /*
         * transfer the enctypes from the smb_krb5_context to the gssapi layer
         *
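Review bot: With the `#ifdef SAMBA4_USES_HEIMDAL` added at the top of this hunk, an MIT build skips the whole enctype transfer silently, so any enctype restriction held in the smb_krb5_context (for example one that excludes weak ciphers) would presumably not reach the GSSAPI credential. The guarded code continues past this hunk and is closed by the `#endif` in the next one, so its exact effect is not visible here. I would add an `#else` branch that documents the difference where it happens, e.g. `/* MIT build: GSSAPI uses the library's default enctypes, not those of smb_krb5_context */`, ideally with a debug message so it also shows up in logs.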
@@ -567,6 +568,8 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
                        return ret;
                }
        }
+#endif
+#ifdef SAMBA4_USES_HEIMDAL /* MIT lacks GSS_KRB5_CRED_NO_CI_FLAGS_X */
 
        /* don't force GSS_C_CONF_FLAG and GSS_C_INTEG_FLAG */
        maj_stat = gss_set_cred_option(&min_stat, &gcc->creds,
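Review bot: The guard `#ifdef SAMBA4_USES_HEIMDAL /* MIT lacks GSS_KRB5_CRED_NO_CI_FLAGS_X */` explains why the `gss_set_cred_option` call is compiled out, but not what an MIT build does instead. Without the call, the credential keeps the mechanism's default handling of GSS_C_CONF_FLAG and GSS_C_INTEG_FLAG; whether MIT then always requests both is not visible in this diff. Extend the comment to say so, e.g. `/* MIT lacks GSS_KRB5_CRED_NO_CI_FLAGS_X; conf/integ flags follow the library default there */`. Both closing lines (here and in the following hunk) would also read better as `#endif /* SAMBA4_USES_HEIMDAL */`, since each guarded region spans more than one hunk.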
@@ -582,7 +585,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
                (*error_string) = talloc_asprintf(cred, "gss_set_cred_option failed: %s", error_message(ret));
                return ret;
        }
-
+#endif
        cred->client_gss_creds_obtained = cred->ccache_obtained;
        talloc_set_destructor(gcc, free_gssapi_creds);
        cred->client_gss_creds = gcc;
index 2ecd144bfbe0aa8257907ac533bb6f003ce8f2ef..f1b8740078e45d827a736d907af70073469a7bd1 100644 (file)
@@ -3709,10 +3709,16 @@ static void kdc_get_policy(struct loadparm_context *lp_ctx,
        unix_to_nt_time(&k->service_tkt_lifetime, svc_tkt_lifetime);
        unix_to_nt_time(&k->user_tkt_lifetime, usr_tkt_lifetime);
        unix_to_nt_time(&k->user_tkt_renewaltime, renewal_lifetime);
+#ifdef SAMBA4_USES_HEIMDAL /* MIT lacks krb5_get_max_time_skew.
+       However in the parent function we basically just did a full
+       krb5_context init with the only purpose of getting a global
+       config option (the max skew), it would probably make more sense
+       to have a lp_ or ldb global option as the samba default */
        if (smb_krb5_context) {
                unix_to_nt_time(&k->clock_skew, 
                                krb5_get_max_time_skew(smb_krb5_context->krb5_context));
        }
+#endif
        k->reserved = 0;
 }
 /*
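Review bot: On an MIT build `k->clock_skew` is no longer assigned anywhere in the visible part of kdc_get_policy, so the value returned to the LSA client depends on how the caller allocated `k`, which is outside this hunk. If that structure is not zeroed, the reply would carry indeterminate memory in this field, and in any case it would not reflect the skew the KDC actually enforces. Give the field a defined value before the guard, `k->clock_skew = 0;`, or add an `#else` that sets a documented default. That would also cover the existing path where `smb_krb5_context` is NULL. The function begins above the hunk.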