Context Navigation

source: trunk-3.0/source/libads/kerberos.c@ 101

Visit:

Last change on this file since 101 was 71, checked in by Paul Smedley, 18 years ago
Update source to 3.0.26a
File size: 19.8 KB

Line
1	/*
2	Unix SMB/CIFS implementation.
3	kerberos utility library
4	Copyright (C) Andrew Tridgell 2001
5	Copyright (C) Remus Koos 2001
6	Copyright (C) Nalin Dahyabhai <nalin@redhat.com> 2004.
7	Copyright (C) Jeremy Allison 2004.
8	Copyright (C) Gerald Carter 2006.
9
10	This program is free software; you can redistribute it and/or modify
11	it under the terms of the GNU General Public License as published by
12	the Free Software Foundation; either version 2 of the License, or
13	(at your option) any later version.
14
15	This program is distributed in the hope that it will be useful,
16	but WITHOUT ANY WARRANTY; without even the implied warranty of
17	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18	GNU General Public License for more details.
19
20	You should have received a copy of the GNU General Public License
21	along with this program; if not, write to the Free Software
22	Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23	*/
24
25	#include "includes.h"
26
27	#ifdef HAVE_KRB5
28
29	#define LIBADS_CCACHE_NAME "MEMORY:libads"
30
31	/*
32	we use a prompter to avoid a crash bug in the kerberos libs when
33	dealing with empty passwords
34	this prompter is just a string copy ...
35	*/
36	static krb5_error_code
37	kerb_prompter(krb5_context ctx, void *data,
38	const char *name,
39	const char *banner,
40	int num_prompts,
41	krb5_prompt prompts[])
42	{
43	if (num_prompts == 0) return 0;
44
45	memset(prompts[0].reply->data, '\0', prompts[0].reply->length);
46	if (prompts[0].reply->length > 0) {
47	if (data) {
48	strncpy(prompts[0].reply->data, (const char *)data,
49	prompts[0].reply->length-1);
50	prompts[0].reply->length = strlen(prompts[0].reply->data);
51	} else {
52	prompts[0].reply->length = 0;
53	}
54	}
55	return 0;
56	}
57
58	/*
59	simulate a kinit, putting the tgt in the given cache location. If cache_name == NULL
60	place in default cache location.
61	remus@snapserver.com
62	*/
63	int kerberos_kinit_password_ext(const char *principal,
64	const char *password,
65	int time_offset,
66	time_t *expire_time,
67	time_t *renew_till_time,
68	const char *cache_name,
69	BOOL request_pac,
70	BOOL add_netbios_addr,
71	time_t renewable_time)
72	{
73	krb5_context ctx = NULL;
74	krb5_error_code code = 0;
75	krb5_ccache cc = NULL;
76	krb5_principal me;
77	krb5_creds my_creds;
78	krb5_get_init_creds_opt *opt = NULL;
79	smb_krb5_addresses *addr = NULL;
80
81	initialize_krb5_error_table();
82	if ((code = krb5_init_context(&ctx)))
83	return code;
84
85	if (time_offset != 0) {
86	krb5_set_real_time(ctx, time(NULL) + time_offset, 0);
87	}
88
89	DEBUG(10,("kerberos_kinit_password: using [%s] as ccache and config [%s]\n",
90	cache_name ? cache_name: krb5_cc_default_name(ctx),
91	getenv("KRB5_CONFIG")));
92
93	if ((code = krb5_cc_resolve(ctx, cache_name ? cache_name : krb5_cc_default_name(ctx), &cc))) {
94	krb5_free_context(ctx);
95	return code;
96	}
97
98	if ((code = smb_krb5_parse_name(ctx, principal, &me))) {
99	krb5_cc_close(ctx, cc);
100	krb5_free_context(ctx);
101	return code;
102	}
103
104	code = smb_krb5_get_init_creds_opt_alloc(ctx, &opt);
105	if (code) {
106	krb5_cc_close(ctx, cc);
107	krb5_free_context(ctx);
108	return code;
109	}
110
111	krb5_get_init_creds_opt_set_renew_life(opt, renewable_time);
112	krb5_get_init_creds_opt_set_forwardable(opt, True);
113	#if 0
114	/* insane testing */
115	krb5_get_init_creds_opt_set_tkt_life(opt, 60);
116	#endif
117
118	#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PAC_REQUEST
119	if (request_pac) {
120	code = krb5_get_init_creds_opt_set_pac_request(ctx, opt, (krb5_boolean)request_pac);
121	if (code) {
122	krb5_cc_close(ctx, cc);
123	krb5_free_principal(ctx, me);
124	krb5_free_context(ctx);
125	return code;
126	}
127	}
128	#endif
129	if (add_netbios_addr) {
130	code = smb_krb5_gen_netbios_krb5_address(&addr);
131	if (code) {
132	krb5_cc_close(ctx, cc);
133	krb5_free_principal(ctx, me);
134	krb5_free_context(ctx);
135	return code;
136	}
137	krb5_get_init_creds_opt_set_address_list(opt, addr->addrs);
138	}
139
140	if ((code = krb5_get_init_creds_password(ctx, &my_creds, me, CONST_DISCARD(char *,password),
141	kerb_prompter, CONST_DISCARD(char *,password),
142	0, NULL, opt)))
143	{
144	smb_krb5_get_init_creds_opt_free(ctx, opt);
145	smb_krb5_free_addresses(ctx, addr);
146	krb5_cc_close(ctx, cc);
147	krb5_free_principal(ctx, me);
148	krb5_free_context(ctx);
149	return code;
150	}
151
152	smb_krb5_get_init_creds_opt_free(ctx, opt);
153
154	if ((code = krb5_cc_initialize(ctx, cc, me))) {
155	smb_krb5_free_addresses(ctx, addr);
156	krb5_free_cred_contents(ctx, &my_creds);
157	krb5_cc_close(ctx, cc);
158	krb5_free_principal(ctx, me);
159	krb5_free_context(ctx);
160	return code;
161	}
162
163	if ((code = krb5_cc_store_cred(ctx, cc, &my_creds))) {
164	krb5_cc_close(ctx, cc);
165	smb_krb5_free_addresses(ctx, addr);
166	krb5_free_cred_contents(ctx, &my_creds);
167	krb5_free_principal(ctx, me);
168	krb5_free_context(ctx);
169	return code;
170	}
171
172	if (expire_time) {
173	*expire_time = (time_t) my_creds.times.endtime;
174	}
175
176	if (renew_till_time) {
177	*renew_till_time = (time_t) my_creds.times.renew_till;
178	}
179
180	krb5_cc_close(ctx, cc);
181	smb_krb5_free_addresses(ctx, addr);
182	krb5_free_cred_contents(ctx, &my_creds);
183	krb5_free_principal(ctx, me);
184	krb5_free_context(ctx);
185
186	return 0;
187	}
188
189
190
191	/* run kinit to setup our ccache */
192	int ads_kinit_password(ADS_STRUCT *ads)
193	{
194	char *s;
195	int ret;
196	const char *account_name;
197	fstring acct_name;
198
199	if ( IS_DC ) {
200	/* this will end up getting a ticket for DOMAIN@RUSTED.REA.LM */
201	account_name = lp_workgroup();
202	} else {
203	/* always use the sAMAccountName for security = domain */
204	/* global_myname()$@REA.LM */
205	if ( lp_security() == SEC_DOMAIN ) {
206	fstr_sprintf( acct_name, "%s$", global_myname() );
207	account_name = acct_name;
208	}
209	else
210	/* This looks like host/global_myname()@REA.LM */
211	account_name = ads->auth.user_name;
212	}
213
214	if (asprintf(&s, "%s@%s", account_name, ads->auth.realm) == -1) {
215	return KRB5_CC_NOMEM;
216	}
217
218	if (!ads->auth.password) {
219	SAFE_FREE(s);
220	return KRB5_LIBOS_CANTREADPWD;
221	}
222
223	ret = kerberos_kinit_password_ext(s, ads->auth.password, ads->auth.time_offset,
224	&ads->auth.tgt_expire, NULL, NULL, False, False, ads->auth.renewable);
225
226	if (ret) {
227	DEBUG(0,("kerberos_kinit_password %s failed: %s\n",
228	s, error_message(ret)));
229	}
230	SAFE_FREE(s);
231	return ret;
232	}
233
234	int ads_kdestroy(const char *cc_name)
235	{
236	krb5_error_code code;
237	krb5_context ctx = NULL;
238	krb5_ccache cc = NULL;
239
240	initialize_krb5_error_table();
241	if ((code = krb5_init_context (&ctx))) {
242	DEBUG(3, ("ads_kdestroy: kdb5_init_context failed: %s\n",
243	error_message(code)));
244	return code;
245	}
246
247	if (!cc_name) {
248	if ((code = krb5_cc_default(ctx, &cc))) {
249	krb5_free_context(ctx);
250	return code;
251	}
252	} else {
253	if ((code = krb5_cc_resolve(ctx, cc_name, &cc))) {
254	DEBUG(3, ("ads_kdestroy: krb5_cc_resolve failed: %s\n",
255	error_message(code)));
256	krb5_free_context(ctx);
257	return code;
258	}
259	}
260
261	if ((code = krb5_cc_destroy (ctx, cc))) {
262	DEBUG(3, ("ads_kdestroy: krb5_cc_destroy failed: %s\n",
263	error_message(code)));
264	}
265
266	krb5_free_context (ctx);
267	return code;
268	}
269
270	/************************************************************************
271	Routine to fetch the salting principal for a service. Active
272	Directory may use a non-obvious principal name to generate the salt
273	when it determines the key to use for encrypting tickets for a service,
274	and hopefully we detected that when we joined the domain.
275	************************************************************************/
276
277	static char kerberos_secrets_fetch_salting_principal(const char service, int enctype)
278	{
279	char *key = NULL;
280	char *ret = NULL;
281
282	asprintf(&key, "%s/%s/enctype=%d", SECRETS_SALTING_PRINCIPAL, service, enctype);
283	if (!key) {
284	return NULL;
285	}
286	ret = (char *)secrets_fetch(key, NULL);
287	SAFE_FREE(key);
288	return ret;
289	}
290
291	/************************************************************************
292	Return the standard DES salt key
293	************************************************************************/
294
295	char* kerberos_standard_des_salt( void )
296	{
297	fstring salt;
298
299	fstr_sprintf( salt, "host/%s.%s@", global_myname(), lp_realm() );
300	strlower_m( salt );
301	fstrcat( salt, lp_realm() );
302
303	return SMB_STRDUP( salt );
304	}
305
306	/************************************************************************
307	************************************************************************/
308
309	static char* des_salt_key( void )
310	{
311	char *key;
312
313	asprintf(&key, "%s/DES/%s", SECRETS_SALTING_PRINCIPAL, lp_realm());
314
315	return key;
316	}
317
318	/************************************************************************
319	************************************************************************/
320
321	BOOL kerberos_secrets_store_des_salt( const char* salt )
322	{
323	char* key;
324	BOOL ret;
325
326	if ( (key = des_salt_key()) == NULL ) {
327	DEBUG(0,("kerberos_secrets_store_des_salt: failed to generate key!\n"));
328	return False;
329	}
330
331	if ( !salt ) {
332	DEBUG(8,("kerberos_secrets_store_des_salt: deleting salt\n"));
333	secrets_delete( key );
334	return True;
335	}
336
337	DEBUG(3,("kerberos_secrets_store_des_salt: Storing salt \"%s\"\n", salt));
338
339	ret = secrets_store( key, salt, strlen(salt)+1 );
340
341	SAFE_FREE( key );
342
343	return ret;
344	}
345
346	/************************************************************************
347	************************************************************************/
348
349	char* kerberos_secrets_fetch_des_salt( void )
350	{
351	char salt, key;
352
353	if ( (key = des_salt_key()) == NULL ) {
354	DEBUG(0,("kerberos_secrets_fetch_des_salt: failed to generate key!\n"));
355	return False;
356	}
357
358	salt = (char*)secrets_fetch( key, NULL );
359
360	SAFE_FREE( key );
361
362	return salt;
363	}
364
365
366	/************************************************************************
367	Routine to get the salting principal for this service. This is
368	maintained for backwards compatibilty with releases prior to 3.0.24.
369	Since we store the salting principal string only at join, we may have
370	to look for the older tdb keys. Caller must free if return is not null.
371	************************************************************************/
372
373	krb5_principal kerberos_fetch_salt_princ_for_host_princ(krb5_context context,
374	krb5_principal host_princ,
375	int enctype)
376	{
377	char unparsed_name = NULL, salt_princ_s = NULL;
378	krb5_principal ret_princ = NULL;
379
380	/* lookup new key first */
381
382	if ( (salt_princ_s = kerberos_secrets_fetch_des_salt()) == NULL ) {
383
384	/* look under the old key. If this fails, just use the standard key */
385
386	if (smb_krb5_unparse_name(context, host_princ, &unparsed_name) != 0) {
387	return (krb5_principal)NULL;
388	}
389	if ((salt_princ_s = kerberos_secrets_fetch_salting_principal(unparsed_name, enctype)) == NULL) {
390	/* fall back to host/machine.realm@REALM */
391	salt_princ_s = kerberos_standard_des_salt();
392	}
393	}
394
395	if (smb_krb5_parse_name(context, salt_princ_s, &ret_princ) != 0) {
396	ret_princ = NULL;
397	}
398
399	SAFE_FREE(unparsed_name);
400	SAFE_FREE(salt_princ_s);
401
402	return ret_princ;
403	}
404
405	/************************************************************************
406	Routine to set the salting principal for this service. Active
407	Directory may use a non-obvious principal name to generate the salt
408	when it determines the key to use for encrypting tickets for a service,
409	and hopefully we detected that when we joined the domain.
410	Setting principal to NULL deletes this entry.
411	************************************************************************/
412
413	BOOL kerberos_secrets_store_salting_principal(const char *service,
414	int enctype,
415	const char *principal)
416	{
417	char *key = NULL;
418	BOOL ret = False;
419	krb5_context context = NULL;
420	krb5_principal princ = NULL;
421	char *princ_s = NULL;
422	char *unparsed_name = NULL;
423
424	krb5_init_context(&context);
425	if (!context) {
426	return False;
427	}
428	if (strchr_m(service, '@')) {
429	asprintf(&princ_s, "%s", service);
430	} else {
431	asprintf(&princ_s, "%s@%s", service, lp_realm());
432	}
433
434	if (smb_krb5_parse_name(context, princ_s, &princ) != 0) {
435	goto out;
436
437	}
438	if (smb_krb5_unparse_name(context, princ, &unparsed_name) != 0) {
439	goto out;
440	}
441
442	asprintf(&key, "%s/%s/enctype=%d", SECRETS_SALTING_PRINCIPAL, unparsed_name, enctype);
443	if (!key) {
444	goto out;
445	}
446
447	if ((principal != NULL) && (strlen(principal) > 0)) {
448	ret = secrets_store(key, principal, strlen(principal) + 1);
449	} else {
450	ret = secrets_delete(key);
451	}
452
453	out:
454
455	SAFE_FREE(key);
456	SAFE_FREE(princ_s);
457	SAFE_FREE(unparsed_name);
458
459	if (context) {
460	krb5_free_context(context);
461	}
462
463	return ret;
464	}
465
466
467	/************************************************************************
468	************************************************************************/
469
470	int kerberos_kinit_password(const char *principal,
471	const char *password,
472	int time_offset,
473	const char *cache_name)
474	{
475	return kerberos_kinit_password_ext(principal,
476	password,
477	time_offset,
478	0,
479	0,
480	cache_name,
481	False,
482	False,
483	0);
484	}
485
486	/************************************************************************
487	Create a string list of available kdc's, possibly searching by sitename.
488	Does DNS queries.
489	************************************************************************/
490
491	static char get_kdc_ip_string(char mem_ctx, const char realm, const char sitename, struct in_addr primary_ip)
492	{
493	int i;
494	struct ip_service *ip_srv_site = NULL;
495	struct ip_service *ip_srv_nonsite;
496	int count_site = 0;
497	int count_nonsite;
498	char *kdc_str = talloc_asprintf(mem_ctx, "\tkdc = %s\n",
499	inet_ntoa(primary_ip));
500
501	if (kdc_str == NULL) {
502	return NULL;
503	}
504
505	/* Get the KDC's only in this site. */
506
507	if (sitename) {
508
509	get_kdc_list(realm, sitename, &ip_srv_site, &count_site);
510
511	for (i = 0; i < count_site; i++) {
512	if (ip_equal(ip_srv_site[i].ip, primary_ip)) {
513	continue;
514	}
515	/* Append to the string - inefficient but not done often. */
516	kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
517	kdc_str, inet_ntoa(ip_srv_site[i].ip));
518	if (!kdc_str) {
519	SAFE_FREE(ip_srv_site);
520	return NULL;
521	}
522	}
523	}
524
525	/* Get all KDC's. */
526
527	get_kdc_list(realm, NULL, &ip_srv_nonsite, &count_nonsite);
528
529	for (i = 0; i < count_nonsite; i++) {
530	int j;
531
532	if (ip_equal(ip_srv_nonsite[i].ip, primary_ip)) {
533	continue;
534	}
535
536	/* Ensure this isn't an IP already seen (YUK! this is nn....) /
537	for (j = 0; j < count_site; j++) {
538	if (ip_equal(ip_srv_nonsite[i].ip, ip_srv_site[j].ip)) {
539	break;
540	}
541	/* As the lists are sorted we can break early if nonsite > site. */
542	if (ip_service_compare(&ip_srv_nonsite[i], &ip_srv_site[j]) > 0) {
543	break;
544	}
545	}
546	if (j != i) {
547	continue;
548	}
549
550	/* Append to the string - inefficient but not done often. */
551	kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n",
552	kdc_str, inet_ntoa(ip_srv_nonsite[i].ip));
553	if (!kdc_str) {
554	SAFE_FREE(ip_srv_site);
555	SAFE_FREE(ip_srv_nonsite);
556	return NULL;
557	}
558	}
559
560
561	SAFE_FREE(ip_srv_site);
562	SAFE_FREE(ip_srv_nonsite);
563
564	DEBUG(10,("get_kdc_ip_string: Returning %s\n",
565	kdc_str ));
566
567	return kdc_str;
568	}
569
570	/************************************************************************
571	Create a specific krb5.conf file in the private directory pointing
572	at a specific kdc for a realm. Keyed off domain name. Sets
573	KRB5_CONFIG environment variable to point to this file. Must be
574	run as root or will fail (which is a good thing :-).
575	************************************************************************/
576
577	BOOL create_local_private_krb5_conf_for_domain(const char realm, const char domain,
578	const char *sitename, struct in_addr ip)
579	{
580	char *dname = talloc_asprintf(NULL, "%s/smb_krb5", lp_lockdir());
581	char *tmpname = NULL;
582	char *fname = NULL;
583	char *file_contents = NULL;
584	char *kdc_ip_string = NULL;
585	size_t flen = 0;
586	ssize_t ret;
587	int fd;
588	char *realm_upper = NULL;
589
590	if (!dname) {
591	return False;
592	}
593	if ((mkdir(dname, 0755)==-1) && (errno != EEXIST)) {
594	DEBUG(0,("create_local_private_krb5_conf_for_domain: "
595	"failed to create directory %s. Error was %s\n",
596	dname, strerror(errno) ));
597	TALLOC_FREE(dname);
598	return False;
599	}
600
601	tmpname = talloc_asprintf(dname, "%s/smb_tmp_krb5.XXXXXX", lp_lockdir());
602	if (!tmpname) {
603	TALLOC_FREE(dname);
604	return False;
605	}
606
607	fname = talloc_asprintf(dname, "%s/krb5.conf.%s", dname, domain);
608	if (!fname) {
609	TALLOC_FREE(dname);
610	return False;
611	}
612
613	DEBUG(10,("create_local_private_krb5_conf_for_domain: fname = %s, realm = %s, domain = %s\n",
614	fname, realm, domain ));
615
616	realm_upper = talloc_strdup(fname, realm);
617	strupper_m(realm_upper);
618
619	kdc_ip_string = get_kdc_ip_string(dname, realm, sitename, ip);
620	if (!kdc_ip_string) {
621	TALLOC_FREE(dname);
622	return False;
623	}
624
625	file_contents = talloc_asprintf(fname, "[libdefaults]\n\tdefault_realm = %s\n\n"
626	"[realms]\n\t%s = {\n"
627	"\t%s\t}\n",
628	realm_upper, realm_upper, kdc_ip_string);
629
630	if (!file_contents) {
631	TALLOC_FREE(dname);
632	return False;
633	}
634
635	flen = strlen(file_contents);
636
637	fd = smb_mkstemp(tmpname);
638	if (fd == -1) {
639	DEBUG(0,("create_local_private_krb5_conf_for_domain: smb_mkstemp failed,"
640	" for file %s. Errno %s\n",
641	tmpname, strerror(errno) ));
642	}
643
644	if (fchmod(fd, 0644)==-1) {
645	DEBUG(0,("create_local_private_krb5_conf_for_domain: fchmod failed for %s."
646	" Errno %s\n",
647	tmpname, strerror(errno) ));
648	unlink(tmpname);
649	close(fd);
650	TALLOC_FREE(dname);
651	return False;
652	}
653
654	ret = write(fd, file_contents, flen);
655	if (flen != ret) {
656	DEBUG(0,("create_local_private_krb5_conf_for_domain: write failed,"
657	" returned %d (should be %u). Errno %s\n",
658	(int)ret, (unsigned int)flen, strerror(errno) ));
659	unlink(tmpname);
660	close(fd);
661	TALLOC_FREE(dname);
662	return False;
663	}
664	if (close(fd)==-1) {
665	DEBUG(0,("create_local_private_krb5_conf_for_domain: close failed."
666	" Errno %s\n", strerror(errno) ));
667	unlink(tmpname);
668	TALLOC_FREE(dname);
669	return False;
670	}
671
672	if (rename(tmpname, fname) == -1) {
673	DEBUG(0,("create_local_private_krb5_conf_for_domain: rename "
674	"of %s to %s failed. Errno %s\n",
675	tmpname, fname, strerror(errno) ));
676	unlink(tmpname);
677	TALLOC_FREE(dname);
678	return False;
679	}
680
681	DEBUG(5,("create_local_private_krb5_conf_for_domain: wrote "
682	"file %s with realm %s KDC = %s\n",
683	fname, realm_upper, inet_ntoa(ip) ));
684
685	/* Set the environment variable to this file. */
686	setenv("KRB5_CONFIG", fname, 1);
687
688	#if defined(OVERWRITE_SYSTEM_KRB5_CONF)
689
690	#define SYSTEM_KRB5_CONF_PATH "/etc/krb5.conf"
691	/* Insanity, sheer insanity..... */
692
693	if (strequal(realm, lp_realm())) {
694	pstring linkpath;
695	int lret;
696
697	lret = readlink(SYSTEM_KRB5_CONF_PATH, linkpath, sizeof(linkpath)-1);
698	linkpath[sizeof(pstring)-1] = '\0';
699
700	if (lret == 0 \|\| strcmp(linkpath, fname) == 0) {
701	/* Symlink already exists. */
702	TALLOC_FREE(dname);
703	return True;
704	}
705
706	/* Try and replace with a symlink. */
707	if (symlink(fname, SYSTEM_KRB5_CONF_PATH) == -1) {
708	if (errno != EEXIST) {
709	DEBUG(0,("create_local_private_krb5_conf_for_domain: symlink "
710	"of %s to %s failed. Errno %s\n",
711	fname, SYSTEM_KRB5_CONF_PATH, strerror(errno) ));
712	TALLOC_FREE(dname);
713	return True; /* Not a fatal error. */
714	}
715
716	pstrcpy(linkpath, SYSTEM_KRB5_CONF_PATH);
717	pstrcat(linkpath, ".saved");
718
719	/* Yes, this is a race conditon... too bad. */
720	if (rename(SYSTEM_KRB5_CONF_PATH, linkpath) == -1) {
721	DEBUG(0,("create_local_private_krb5_conf_for_domain: rename "
722	"of %s to %s failed. Errno %s\n",
723	SYSTEM_KRB5_CONF_PATH, linkpath,
724	strerror(errno) ));
725	TALLOC_FREE(dname);
726	return True; /* Not a fatal error. */
727	}
728
729	if (symlink(fname, "/etc/krb5.conf") == -1) {
730	DEBUG(0,("create_local_private_krb5_conf_for_domain: "
731	"forced symlink of %s to /etc/krb5.conf failed. Errno %s\n",
732	fname, strerror(errno) ));
733	TALLOC_FREE(dname);
734	return True; /* Not a fatal error. */
735	}
736	}
737	}
738	#endif
739
740	TALLOC_FREE(dname);
741
742	return True;
743	}
744	#endif

Note: See TracBrowser for help on using the repository browser.

Download in other formats: