#define HDB_ERR_NO_MKEY 36150284
#define HDB_ERR_MANDATORY_OPTION 36150285
+#define PAC_LOGON_INFO 1
+
typedef struct hdb_entry_ex {
void *ctx;
hdb_entry entry;
#define KS_GET_NEXTKEY(ks, pptr) \
(ks)->fns->get_nextkey((ks)->ctx, pptr)
-#define KS_GET_PAC(ks, ptr1, ptr2) \
- (ks)->fns->get_pac((ks)->ctx, ptr1, ptr2)
-#define KS_UPDATE_PAC(ks, ptr1, ptr2) \
- (ks)->fns->get_pac((ks)->ctx, ptr1, ptr2)
+#define KS_GET_PAC(ks, cli, ptr) \
+ (ks)->fns->get_pac((ks)->ctx, cli, ptr)
+#define KS_UPDATE_PAC(ks, cli, ptr1, ptr2) \
+ (ks)->fns->update_pac((ks)->ctx, cli, ptr1, ptr2)
#define KS_CLIENT_ACCESS(ks, cli, clin, srv, srvn, nbn, pwc, ptr) \
(ks)->fns->client_access((ks)->ctx, cli, clin, srv, srvn, nbn, pwc, ptr)
data = make_data(pac_data.data, pac_data.length);
- /* FIXME: PAC buffer types are not in a header */
- #define PAC_LOGON_INFO 1
code = krb5_pac_add_buffer(context, *pac, PAC_LOGON_INFO, &data);
if (code != 0) {
goto done;
krb5_pac *pac)
{
struct ks_context *ks = GET_KS_CONTEXT(context);
- hdb_entry_ex *hentry = (hdb_entry_ex *)req->client->e_data;
+ hdb_entry_ex *hentry = NULL;
krb5_authdata **authdata = NULL;
krb5_pac ipac = NULL;
- DATA_BLOB pac_data;
+ DATA_BLOB pac_data = { NULL, 0 };
+ DATA_BLOB logon_data = { NULL, 0 };
krb5_data data;
krb5_error_code code;
int error;
goto done;
}
+ /* check and update PAC */
+ if (req->client) {
+ hentry = (hdb_entry_ex *)req->client->e_data;
+ }
+
pac_data.data = authdata[0]->contents;
pac_data.length = authdata[0]->length;
- error = KS_UPDATE_PAC(ks, hentry, &pac_data);
+ error = KS_UPDATE_PAC(ks, hentry, &pac_data, &logon_data);
code = ks_map_error(error);
if (code != 0) {
goto done;
goto done;
}
- data = make_data(pac_data.data, pac_data.length);
+ data = make_data(logon_data.data, logon_data.length);
- /* FIXME: PAC buffer types are not in a header */
- #define PAC_LOGON_INFO 1
code = krb5_pac_add_buffer(context, *pac, PAC_LOGON_INFO, &data);
if (code != 0) {
goto done;
done:
krb5_free_authdata(context, authdata);
krb5_pac_free(context, ipac);
- free(pac_data.data);
+ free(logon_data.data);
return code;
}
/* windc */
int (*get_pac)(struct mit_samba_context *, hdb_entry_ex *, DATA_BLOB *);
- int (*update_pac)(struct mit_samba_context *, hdb_entry_ex *, DATA_BLOB *);
+ int (*update_pac)(struct mit_samba_context *, hdb_entry_ex *,
+ DATA_BLOB *, DATA_BLOB *);
int (*client_access)(struct mit_samba_context *,
hdb_entry_ex *, const char *,
hdb_entry_ex *, const char *,