diff options
author | Günther Deschner <gd@samba.org> | 2009-08-26 00:31:27 +0200 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2009-08-27 15:55:19 +0200 |
commit | a09b627ecc446e78aa293e9e8b79c12f75a6b74e (patch) | |
tree | dfcfe41f8e165532d4b6a4b917e65608a213c96b | |
parent | 7c972d83d268a277501626122ab1c7cdddc0f4a3 (diff) | |
download | samba-a09b627ecc446e78aa293e9e8b79c12f75a6b74e.tar.gz samba-a09b627ecc446e78aa293e9e8b79c12f75a6b74e.tar.bz2 samba-a09b627ecc446e78aa293e9e8b79c12f75a6b74e.zip |
s3-schannel: add simple wrappers to fetch and store schannel auth info.
Guenther
-rw-r--r-- | source3/Makefile.in | 3 | ||||
-rw-r--r-- | source3/include/proto.h | 8 | ||||
-rw-r--r-- | source3/passdb/secrets.c | 1 | ||||
-rw-r--r-- | source3/passdb/secrets_schannel.c | 68 |
4 files changed, 79 insertions, 1 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index 765250595d..3af97db967 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -492,7 +492,8 @@ TLDAP_OBJ = lib/tldap.o lib/tldap_util.o lib/util_tsock.o SCHANNEL_OBJ = libsmb/credentials.o \ ../libcli/auth/credentials.o \ ../libcli/auth/schannel_state_tdb.o \ - ../librpc/gen_ndr/ndr_schannel.o + ../librpc/gen_ndr/ndr_schannel.o \ + passdb/secrets_schannel.o LIBSMB_OBJ = libsmb/clientgen.o libsmb/cliconnect.o libsmb/clifile.o \ libsmb/clikrb5.o libsmb/clispnego.o ../lib/util/asn1.o \ diff --git a/source3/include/proto.h b/source3/include/proto.h index d6ee5ed65f..bed592c6cb 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -4744,6 +4744,14 @@ char *secrets_fetch_generic(const char *owner, const char *key); bool secrets_store_local_schannel_key(uint8_t schannel_key[16]); bool secrets_fetch_local_schannel_key(uint8_t schannel_key[16]); +/* The following definitions come from passdb/secrets_schannel.c */ + +NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx, + const char *computer_name, + struct netlogon_creds_CredentialState **pcreds); +NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx, + struct netlogon_creds_CredentialState *creds); + /* The following definitions come from passdb/util_builtin.c */ bool lookup_builtin_rid(TALLOC_CTX *mem_ctx, uint32 rid, const char **name); diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c index ee0dcaf42c..0a3871e620 100644 --- a/source3/passdb/secrets.c +++ b/source3/passdb/secrets.c @@ -24,6 +24,7 @@ #include "includes.h" #include "../libcli/auth/libcli_auth.h" + #undef DBGC_CLASS #define DBGC_CLASS DBGC_PASSDB diff --git a/source3/passdb/secrets_schannel.c b/source3/passdb/secrets_schannel.c new file mode 100644 index 0000000000..84a860ee6a --- /dev/null +++ b/source3/passdb/secrets_schannel.c @@ -0,0 +1,68 @@ +/* + Unix SMB/CIFS implementation. + Copyright (C) Guenther Deschner 2009 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "../libcli/auth/libcli_auth.h" +#include "../libcli/auth/schannel_state.h" + +/****************************************************************************** + Wrapper around schannel_fetch_session_key_tdb() + Note we must be root here. +*******************************************************************************/ + +NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx, + const char *computer_name, + struct netlogon_creds_CredentialState **pcreds) +{ + struct tdb_context *tdb; + NTSTATUS status; + + tdb = open_schannel_session_store(mem_ctx); + if (!tdb) { + return NT_STATUS_ACCESS_DENIED; + } + + status = schannel_fetch_session_key_tdb(tdb, mem_ctx, computer_name, pcreds); + + tdb_close(tdb); + + return status; +} + +/****************************************************************************** + Wrapper around schannel_store_session_key_tdb() + Note we must be root here. +*******************************************************************************/ + +NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx, + struct netlogon_creds_CredentialState *creds) +{ + struct tdb_context *tdb; + NTSTATUS status; + + tdb = open_schannel_session_store(mem_ctx); + if (!tdb) { + return NT_STATUS_ACCESS_DENIED; + } + + status = schannel_store_session_key_tdb(tdb, mem_ctx, creds); + + tdb_close(tdb); + + return status; +} |