diff options
author | Michael Adam <obnox@samba.org> | 2008-07-29 15:19:18 +0200 |
---|---|---|
committer | Michael Adam <obnox@samba.org> | 2008-08-01 16:04:43 +0200 |
commit | ca0cbabd36f894f94bdc0d95c670a6710906f9ac (patch) | |
tree | 4c6a8f6678f63b58dc9eff87bdfcdb1626822519 | |
parent | d74f57826aaa697745e8abc7537325963f2698b2 (diff) | |
download | samba-ca0cbabd36f894f94bdc0d95c670a6710906f9ac.tar.gz samba-ca0cbabd36f894f94bdc0d95c670a6710906f9ac.tar.bz2 samba-ca0cbabd36f894f94bdc0d95c670a6710906f9ac.zip |
libnet keytab: add function libnet_keytab_add_entry()
This is a stripped down version of smb_krb5_kt_add_entry() that
takes one explicit enctype instead of an array. And it does
not neither salting of keys nor cleanup of old entries.
Michael
(This used to be commit c83e54f1eb3021d13fb0a3c3f6b556a338d2a8c3)
-rw-r--r-- | source3/libnet/libnet_keytab.c | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/source3/libnet/libnet_keytab.c b/source3/libnet/libnet_keytab.c index a748599c78..0b8327c38f 100644 --- a/source3/libnet/libnet_keytab.c +++ b/source3/libnet/libnet_keytab.c @@ -105,6 +105,60 @@ krb5_error_code libnet_keytab_init(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static krb5_error_code libnet_keytab_add_entry(krb5_context context, + krb5_keytab keytab, + krb5_kvno kvno, + const char *princ_s, + krb5_enctype enctype, + krb5_data password) +{ + krb5_keyblock *keyp; + krb5_keytab_entry kt_entry; + krb5_error_code ret; + + ZERO_STRUCT(kt_entry); + + kt_entry.vno = kvno; + + ret = smb_krb5_parse_name(context, princ_s, &kt_entry.principal); + if (ret) { + DEBUG(1, ("smb_krb5_parse_name(%s) failed (%s)\n", + princ_s, error_message(ret))); + return ret; + } + +#if !defined(HAVE_KRB5_KEYTAB_ENTRY_KEY) && !defined(HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK) +#error krb5_keytab_entry has no key or keyblock member +#endif +#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEY /* MIT */ + keyp = &kt_entry.key; +#endif +#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK /* Heimdal */ + keyp = &kt_entry.keyblock; +#endif + + if (create_kerberos_key_from_string(context, kt_entry.principal, + &password, keyp, enctype, true)) + { + ret = KRB5KRB_ERR_GENERIC; + goto done; + } + + ret = krb5_kt_add_entry(context, keytab, &kt_entry); + if (ret) { + DEBUG(1, ("adding entry to keytab failed (%s)\n", + error_message(ret))); + } + +done: + krb5_free_keyblock_contents(context, keyp); + krb5_free_principal(context, kt_entry.principal); + ZERO_STRUCT(kt_entry); + smb_krb5_kt_free_entry(context, &kt_entry); + + return ret; +} + krb5_error_code libnet_keytab_add(struct libnet_keytab_context *ctx) { #if defined(ENCTYPE_ARCFOUR_HMAC) |