The Samba-Bugzilla – Attachment 8463 Details for
Bug 9581
Samba4 running under a kerberos only realm (not AD) fails to authenticate
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
proposed patch by Andrew
0001-gensec-Allow-login-without-a-PAC-by-default.patch (text/plain), 1.09 KB, created by
Kyle Brantley
on 2013-01-22 04:13:03 UTC
(
hide
)
Description:
proposed patch by Andrew
Filename:
MIME Type:
Creator:
Kyle Brantley
Created:
2013-01-22 04:13:03 UTC
Size:
1.09 KB
patch
obsolete
>From c4675579b4f42c1e05de7ae5741c5cd941039822 Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Tue, 22 Jan 2013 14:45:14 +1100 >Subject: [PATCH] gensec: Allow login without a PAC by default > >The sense of this test was inverted. We only want to take the ACCESS_DENIED error >if gensec:require_pac=true. > >Andrew Bartlett >--- > auth/gensec/gensec_util.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > >diff --git a/auth/gensec/gensec_util.c b/auth/gensec/gensec_util.c >index d732213..64952b1 100644 >--- a/auth/gensec/gensec_util.c >+++ b/auth/gensec/gensec_util.c >@@ -42,7 +42,7 @@ NTSTATUS gensec_generate_session_info_pac(TALLOC_CTX *mem_ctx, > session_info_flags |= AUTH_SESSION_INFO_DEFAULT_GROUPS; > > if (!pac_blob) { >- if (!gensec_setting_bool(gensec_security->settings, "gensec", "require_pac", false)) { >+ if (gensec_setting_bool(gensec_security->settings, "gensec", "require_pac", false)) { > DEBUG(1, ("Unable to find PAC in ticket from %s, failing to allow access\n", > principal_string)); > return NT_STATUS_ACCESS_DENIED; >-- >1.7.11.7 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=8463">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 9581
:
8462
|
8463
|
8499