{
TALLOC_CTX *tmp_ctx;
struct PAC_DATA *pac_data = NULL;
+ struct PAC_DATA_CTR *pac_data_ctr = NULL;
NTSTATUS status = NT_STATUS_INTERNAL_ERROR;
tmp_ctx = talloc_new(mem_ctx);
}
}
- talloc_set_name_const(pac_data, "struct PAC_DATA");
+ pac_data_ctr = talloc(mem_ctx, struct PAC_DATA_CTR);
+ if (pac_data_ctr == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ talloc_set_name_const(pac_data_ctr, "struct PAC_DATA_CTR");
+
+ pac_data_ctr->pac_data = talloc_steal(pac_data_ctr, pac_data);
+ pac_data_ctr->pac_blob = data_blob_talloc(pac_data_ctr,
+ pac_blob->data,
+ pac_blob->length);
+
+ auth_ctx->private_data = talloc_steal(auth_ctx, pac_data_ctr);
- auth_ctx->private_data = talloc_steal(auth_ctx, pac_data);
*session_info = talloc_zero(mem_ctx, struct auth_session_info);
if (!*session_info) {
status = NT_STATUS_NO_MEMORY;
time_t renewable_time,
const char *impersonate_princ_s,
const char *local_service,
- struct PAC_DATA **_pac_data)
+ struct PAC_DATA_CTR **_pac_data_ctr)
{
krb5_error_code ret;
NTSTATUS status = NT_STATUS_INVALID_PARAMETER;
size_t idx = 0;
struct auth4_context *auth_context;
struct loadparm_context *lp_ctx;
- struct PAC_DATA *pac_data = NULL;
+ struct PAC_DATA_CTR *pac_data_ctr = NULL;
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
goto out;
}
- pac_data = talloc_get_type_abort(gensec_server_context->auth_context->private_data,
- struct PAC_DATA);
- if (pac_data == NULL) {
+ pac_data_ctr = talloc_get_type_abort(gensec_server_context->auth_context->private_data,
+ struct PAC_DATA_CTR);
+ if (pac_data_ctr == NULL) {
DEBUG(1,("no PAC\n"));
status = NT_STATUS_INVALID_PARAMETER;
goto out;
}
- *_pac_data = talloc_move(mem_ctx, &pac_data);
+ *_pac_data_ctr = talloc_move(mem_ctx, &pac_data_ctr);
out:
talloc_free(tmp_ctx);
struct PAC_DATA;
+struct PAC_DATA_CTR {
+ DATA_BLOB pac_blob;
+ struct PAC_DATA *pac_data;
+};
+
#include "libads/ads_status.h"
/* The following definitions come from libads/kerberos.c */
time_t renewable_time,
const char *impersonate_princ_s,
const char *local_service,
- struct PAC_DATA **pac_data);
+ struct PAC_DATA_CTR **pac_data_ctr);
/* The following definitions come from libads/krb5_setpw.c */
{
struct PAC_LOGON_INFO *info = NULL;
struct PAC_DATA *pac_data = NULL;
+ struct PAC_DATA_CTR *pac_data_ctr = NULL;
TALLOC_CTX *mem_ctx = NULL;
NTSTATUS status;
int ret = -1;
2592000, /* one month */
impersonate_princ_s,
local_service,
- &pac_data);
+ &pac_data_ctr);
if (!NT_STATUS_IS_OK(status)) {
d_printf(_("failed to query kerberos PAC: %s\n"),
nt_errstr(status));
goto out;
}
+ pac_data = pac_data_ctr->pac_data;
+
for (i=0; i < pac_data->num_buffers; i++) {
if (pac_data->buffers[i].type != PAC_TYPE_LOGON_INFO) {
const char *user_ccache_file;
struct PAC_LOGON_INFO *logon_info = NULL;
struct PAC_DATA *pac_data = NULL;
+ struct PAC_DATA_CTR *pac_data_ctr = NULL;
const char *local_service;
int i;
WINBINDD_PAM_AUTH_KRB5_RENEW_TIME,
NULL,
local_service,
- &pac_data);
+ &pac_data_ctr);
if (user_ccache_file != NULL) {
gain_root_privilege();
}
goto failed;
}
+ if (pac_data_ctr == NULL) {
+ goto failed;
+ }
+
+ pac_data = pac_data_ctr->pac_data;
if (pac_data == NULL) {
goto failed;
}