From: Dmitry Timoshkov dmitry@baikal.ru
Signed-off-by: Dmitry Timoshkov dmitry@baikal.ru --- dlls/kerberos/unixlib.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/dlls/kerberos/unixlib.c b/dlls/kerberos/unixlib.c index 5bc1f72981f..ee32080f0e6 100644 --- a/dlls/kerberos/unixlib.c +++ b/dlls/kerberos/unixlib.c @@ -659,8 +659,12 @@ static NTSTATUS acquire_credentials_handle( void *args ) cred_usage = GSS_C_INITIATE; break;
+ case SECPKG_CRED_BOTH: + cred_usage = GSS_C_BOTH; + break; + default: - FIXME( "SECPKG_CRED_BOTH not supported\n" ); + FIXME( "%u not supported\n", (unsigned int)params->credential_use ); return SEC_E_UNKNOWN_CREDENTIALS; }
Hi,
It looks like your patch introduced the new failures shown below. Please investigate and fix them before resubmitting your patch. If they are not new, fixing them anyway would help a lot. Otherwise please ask for the known failures list to be updated.
The tests also ran into some preexisting test failures. If you know how to fix them that would be helpful. See the TestBot job for the details:
The full results can be found at: https://testbot.winehq.org/JobDetails.pl?Key=146880
Your paranoid android.
=== debian11b (64 bit WoW report) ===
user32: win.c:4037: Test failed: Expected active window 0000000003B50156, got 00000000035D016C. win.c:4038: Test failed: Expected focus window 0000000003B50156, got 00000000035D016C.
Hans Leidekker (@hans) commented about dlls/kerberos/unixlib.c:
cred_usage = GSS_C_INITIATE; break;
- case SECPKG_CRED_BOTH:
cred_usage = GSS_C_BOTH;break;
Shouldn't we call init_creds() here like we do for SECPKG_CRED_OUTBOUND?
On Mon Jul 8 19:07:32 2024 +0000, Hans Leidekker wrote:
Shouldn't we call init_creds() here like we do for SECPKG_CRED_OUTBOUND?
init_creds() does more harm actually, for instance when AcquireCredentialsHandle is called without password it completely trashes an existing kerberos ticket instead of relying on default behaviour, at least under Windows password is not required when the user is already logged on into the domain. So, I'd completely remove the init_creds() helper. If you think that's the intended behaviour I'll add the init_creds() call though.
On Mon Jul 8 19:21:03 2024 +0000, Dmitry Timoshkov wrote:
init_creds() does more harm actually, for instance when AcquireCredentialsHandle is called without password it completely trashes an existing kerberos ticket instead of relying on default behaviour, at least under Windows password is not required when the user is already logged on into the domain. So, I'd completely remove the init_creds() helper. If you think that's the intended behaviour I'll add the init_creds() call though.
It seems to me that if credentials are passed they should be used. I don't see why that would be different for SECPKG_CRED_BOTH. It could use a test I guess.
On Mon Jul 8 19:31:39 2024 +0000, Hans Leidekker wrote:
It seems to me that if credentials are passed they should be used. I don't see why that would be different for SECPKG_CRED_BOTH. It could use a test I guess.
Also note that your patch for msv1_0 does initialize credentials for SECPKG_CRED_BOTH.
-
Dmitry Timoshkov -
Dmitry Timoshkov (@dmitry)
-
Hans Leidekker (@hans)
-
Marvin