diff options
author | Stefan Metzmacher <metze@samba.org> | 2005-07-05 10:57:39 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:19:16 -0500 |
commit | f1031746e51268d64559b9eb3ab1affbc436af00 (patch) | |
tree | 112f7a241887d4f040953dc969b7213472a24144 /source4/auth/kerberos | |
parent | 1f01bafd44dea9dd497f67fe4c50790d4c21256f (diff) | |
download | samba-f1031746e51268d64559b9eb3ab1affbc436af00.tar.gz samba-f1031746e51268d64559b9eb3ab1affbc436af00.tar.xz samba-f1031746e51268d64559b9eb3ab1affbc436af00.zip |
r8164: - match the ordering w2k3 uses for the PAC_BUFFER:
LOGON_INFO
LOGON_NAME
SRV_CHECKSUM
KDC_CHECKSUM
- w2k3 also don't use the groupmembership array with rids
it uses the othersids array
metze
(This used to be commit 2286fad27d749ebba14f5448f1f635bb36750c9c)
Diffstat (limited to 'source4/auth/kerberos')
-rw-r--r-- | source4/auth/kerberos/kerberos_pac.c | 31 |
1 files changed, 16 insertions, 15 deletions
diff --git a/source4/auth/kerberos/kerberos_pac.c b/source4/auth/kerberos/kerberos_pac.c index c659db064b..b0844187e5 100644 --- a/source4/auth/kerberos/kerberos_pac.c +++ b/source4/auth/kerberos/kerberos_pac.c @@ -230,7 +230,7 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, DATA_BLOB server_checksum_blob; krb5_error_code ret; struct PAC_DATA *pac_data = talloc(mem_ctx, struct PAC_DATA); - struct netr_SamBaseInfo *sam; + struct netr_SamInfo3 *sam3; struct timeval tv = timeval_current(); union PAC_INFO *u_LOGON_INFO; struct PAC_LOGON_INFO *LOGON_INFO; @@ -244,8 +244,8 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, enum { PAC_BUF_LOGON_INFO = 0, PAC_BUF_LOGON_NAME = 1, - PAC_BUF_KDC_CHECKSUM = 2, - PAC_BUF_SRV_CHECKSUM = 3, + PAC_BUF_SRV_CHECKSUM = 2, + PAC_BUF_KDC_CHECKSUM = 3, PAC_BUF_NUM_BUFFERS = 4 }; @@ -283,16 +283,6 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, pac_data->buffers[PAC_BUF_LOGON_NAME].info = u_LOGON_NAME; LOGON_NAME = &u_LOGON_NAME->logon_name; - /* KDC_CHECKSUM */ - u_KDC_CHECKSUM = talloc_zero(pac_data->buffers, union PAC_INFO); - if (!u_KDC_CHECKSUM) { - talloc_free(pac_data); - return ENOMEM; - } - pac_data->buffers[PAC_BUF_KDC_CHECKSUM].type = PAC_TYPE_KDC_CHECKSUM; - pac_data->buffers[PAC_BUF_KDC_CHECKSUM].info = u_KDC_CHECKSUM; - KDC_CHECKSUM = &u_KDC_CHECKSUM->kdc_cksum; - /* SRV_CHECKSUM */ u_SRV_CHECKSUM = talloc_zero(pac_data->buffers, union PAC_INFO); if (!u_SRV_CHECKSUM) { @@ -303,6 +293,16 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, pac_data->buffers[PAC_BUF_SRV_CHECKSUM].info = u_SRV_CHECKSUM; SRV_CHECKSUM = &u_SRV_CHECKSUM->srv_cksum; + /* KDC_CHECKSUM */ + u_KDC_CHECKSUM = talloc_zero(pac_data->buffers, union PAC_INFO); + if (!u_KDC_CHECKSUM) { + talloc_free(pac_data); + return ENOMEM; + } + pac_data->buffers[PAC_BUF_KDC_CHECKSUM].type = PAC_TYPE_KDC_CHECKSUM; + pac_data->buffers[PAC_BUF_KDC_CHECKSUM].info = u_KDC_CHECKSUM; + KDC_CHECKSUM = &u_KDC_CHECKSUM->kdc_cksum; + /* now the real work begins... */ LOGON_INFO = talloc_zero(u_LOGON_INFO, struct PAC_LOGON_INFO); @@ -310,7 +310,7 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, talloc_free(pac_data); return ENOMEM; } - nt_status = auth_convert_server_info_sambaseinfo(LOGON_INFO, server_info, &sam); + nt_status = auth_convert_server_info_saminfo3(LOGON_INFO, server_info, &sam3); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(1, ("Getting Samba info failed: %s\n", nt_errstr(nt_status))); talloc_free(pac_data); @@ -318,7 +318,8 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, } u_LOGON_INFO->logon_info.info = LOGON_INFO; - LOGON_INFO->info3.base = *sam; + LOGON_INFO->info3 = *sam3; + LOGON_INFO->info3.base.last_logon = timeval_to_nttime(&tv); LOGON_NAME->account_name = server_info->account_name; LOGON_NAME->logon_time = timeval_to_nttime(&tv); |