From 96cd2d34ff47b9abbb8e6b712230b6439d8993c3 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 17 Mar 2006 13:57:00 +0000 Subject: [PATCH] r14512: Guenther, This code breaks winbind with MIT krb1.3. I'm disabling it for now until we have en effective means of dealing with the ticket request flags for users and computers. --- source/libads/kerberos.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/source/libads/kerberos.c b/source/libads/kerberos.c index c82310dd084..17e350d7548 100644 --- a/source/libads/kerberos.c +++ b/source/libads/kerberos.c @@ -72,7 +72,9 @@ int kerberos_kinit_password(const char *principal, krb5_ccache cc = NULL; krb5_principal me; krb5_creds my_creds; +#if 0 krb5_get_init_creds_opt opt; +#endif initialize_krb5_error_table(); if ((code = krb5_init_context(&ctx))) @@ -95,9 +97,12 @@ int kerberos_kinit_password(const char *principal, return code; } +#if 0 /* This code causes problems with MIT krb5 1.3 when asking for a + TGT for the machine account */ krb5_get_init_creds_opt_init(&opt); krb5_get_init_creds_opt_set_renew_life(&opt, renewable_time); krb5_get_init_creds_opt_set_forwardable(&opt, 1); +#endif if (request_pac) { #ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PAC_REQUEST @@ -105,9 +110,14 @@ int kerberos_kinit_password(const char *principal, #endif } +#if 0 if ((code = krb5_get_init_creds_password(ctx, &my_creds, me, CONST_DISCARD(char *,password), - kerb_prompter, - NULL, 0, NULL, &opt))) { + kerb_prompter, NULL, 0, NULL, &opt))) +#else + if ((code = krb5_get_init_creds_password(ctx, &my_creds, me, CONST_DISCARD(char *,password), + kerb_prompter, NULL, 0, NULL, NULL))) +#endif + { krb5_free_principal(ctx, me); krb5_free_context(ctx); return code; -- 2.11.4.GIT