authorMichael Adam <obnox@samba.org>2008-07-29 14:13:37 +0200
committerMichael Adam <obnox@samba.org>2008-08-01 16:04:42 +0200
commit86f91a2ba149c05f292aedf764ce83bcb49e5e57 (patch)
tree2e19e43b416fc16c9c676a11953482fa6d39bfb6
parent7205dd5d12476c265bb8cec26df78a531d750db6 (diff)
dssync keytab: remove old UpToDateNess vectors from keytab before storing new one.
Michael (This used to be commit 717bd6f6c3ec94e3b8b5845c43717a5fbd41c38f)
-rw-r--r--source3/libnet/libnet_dssync_keytab.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/source3/libnet/libnet_dssync_keytab.c b/source3/libnet/libnet_dssync_keytab.c
index 0d17fdad3d..cfcbb6f34c 100644
--- a/source3/libnet/libnet_dssync_keytab.c
+++ b/source3/libnet/libnet_dssync_keytab.c
@@ -113,6 +113,7 @@ static NTSTATUS keytab_finish(struct dssync_context *ctx, TALLOC_CTX *mem_ctx,
if (new_utdv) {
enum ndr_err_code ndr_err;
DATA_BLOB blob;
+ char *principal;
if (DEBUGLEVEL >= 10) {
NDR_PRINT_DEBUG(replUpToDateVectorBlob, new_utdv);
@@ -135,6 +136,24 @@ static NTSTATUS keytab_finish(struct dssync_context *ctx, TALLOC_CTX *mem_ctx,
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
+
+ principal = talloc_asprintf(mem_ctx, "UTDV/%s@%s",
+ ctx->nc_dn, ctx->dns_domain_name);
+ if (!principal) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ ret = libnet_keytab_remove_entries(keytab_ctx, principal,
+ 0, ENCTYPE_ARCFOUR_HMAC);
+ if (ret) {
+ status = krb5_to_nt_status(ret);
+ ctx->error_message = talloc_asprintf(mem_ctx,
+ "Failed to remove old UTDV entries from "
+ "keytab %s: %s", keytab_ctx->keytab_name,
+ error_message(ret));
+ goto done;
+ }
}
ret = libnet_keytab_add(keytab_ctx);
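Review bot: The old UTDV entries are removed before `libnet_keytab_add(keytab_ctx)` stores the new one, so if the remove call modifies the keytab directly (not visible in this hunk), a failure in the following add leaves the keytab with no UpToDateness vector at all. That looks recoverable, presumably at the cost of a full resync on the next run, but the ordering should be documented at the call, e.g. `/* Drop stale UTDV entries first; if the add below fails the keytab holds no UTDV and the next run cannot resume incrementally. */`. The bare `0` passed as the third argument and the fixed `ENCTYPE_ARCFOUR_HMAC` also deserve a one-line comment saying what they select, since they have to match how the UTDV pseudo-entry was stored for the removal to find it. keytab_finish starts and ends outside the hunk.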