s4:kdc/mit_samba: disable mit_samba_check_s4u2proxy()

As mit_samba_update_pac_data() doesn't support adding
S4U_DELEGATION_INFO to the pac (and I have no clue how to add that)
we should disable S4U2Proxy until this is implemented.

metze

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue Jun 28 20:35:19 CEST 2011 on sn-devel-104

diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c
index 4905a19d99e3fa9a8677d1edfe39e6462a63cc2c..06ee46eac0243bc8c085038658f42e290d5f1662 100644 (file)
--- a/source4/kdc/mit_samba.c
+++ b/source4/kdc/mit_samba.c
@@ -316,6 +316,14 @@ static int mit_samba_check_s4u2proxy(struct mit_samba_context *ctx,
                                     const char *target_name,
                                     bool is_nt_enterprise_name)
 {
+#if 1
+       /*
+        * This is disabled because mit_samba_update_pac_data() does not handle
+        * S4U_DELEGATION_INFO
+        */
+
+       return KRB5KDC_ERR_BADOPTION;
+#else
        krb5_principal target_principal;
        int flags = 0;
        int ret;
@@ -338,6 +346,7 @@ static int mit_samba_check_s4u2proxy(struct mit_samba_context *ctx,
        krb5_free_principal(ctx->context, target_principal);
 
        return ret;
+#endif
 }
 
 struct mit_samba_function_table mit_samba_function_table = {