diff options
author | Günther Deschner <gd@samba.org> | 2008-06-30 10:32:15 +0200 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2008-06-30 12:38:40 +0200 |
commit | 16e44ee1126a5126346689785d240ac37a32fad7 (patch) | |
tree | 7cec7b504f03ca13e6736b920c09653e3946d892 | |
parent | 52635c6f58edaa0e948851fd3f06b95d05ab10a4 (diff) | |
download | samba-16e44ee1126a5126346689785d240ac37a32fad7.tar.gz samba-16e44ee1126a5126346689785d240ac37a32fad7.tar.bz2 samba-16e44ee1126a5126346689785d240ac37a32fad7.zip |
kerberos: allow to keep entries with old kvno's while creating keytab.
Guenther
(This used to be commit 6194244bd9fcc1fb736f3d91433f107270cac1c9)
-rw-r--r-- | source3/include/includes.h | 3 | ||||
-rw-r--r-- | source3/libads/kerberos_keytab.c | 6 | ||||
-rw-r--r-- | source3/libnet/libnet_keytab.c | 1 |
3 files changed, 7 insertions, 3 deletions
diff --git a/source3/include/includes.h b/source3/include/includes.h index e9addf6ee0..aa99dc0b63 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -1231,7 +1231,8 @@ int smb_krb5_kt_add_entry_ext(krb5_context context, const char *princ_s, krb5_enctype *enctypes, krb5_data password, - bool no_salt); + bool no_salt, + bool keep_old_entries); #endif /* HAVE_KRB5 */ diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c index 04804fc27c..b905cb4a0f 100644 --- a/source3/libads/kerberos_keytab.c +++ b/source3/libads/kerberos_keytab.c @@ -38,7 +38,8 @@ int smb_krb5_kt_add_entry_ext(krb5_context context, const char *princ_s, krb5_enctype *enctypes, krb5_data password, - bool no_salt) + bool no_salt, + bool keep_old_entries) { krb5_error_code ret = 0; krb5_kt_cursor cursor; @@ -96,7 +97,7 @@ int smb_krb5_kt_add_entry_ext(krb5_context context, if (kt_entry.vno == kvno - 1) { DEBUG(5,("smb_krb5_kt_add_entry_ext: Saving previous (kvno %d) entry for principal: %s.\n", kvno - 1, princ_s)); - } else { + } else if (!keep_old_entries) { DEBUG(5,("smb_krb5_kt_add_entry_ext: Found old entry for principal: %s (kvno %d) - trying to remove it.\n", princ_s, kt_entry.vno)); ret = krb5_kt_end_seq_get(context, keytab, &cursor); @@ -224,6 +225,7 @@ int smb_krb5_kt_add_entry(krb5_context context, princ_s, enctypes, password, + false, false); } diff --git a/source3/libnet/libnet_keytab.c b/source3/libnet/libnet_keytab.c index faa491471e..02c2b6f761 100644 --- a/source3/libnet/libnet_keytab.c +++ b/source3/libnet/libnet_keytab.c @@ -126,6 +126,7 @@ krb5_error_code libnet_keytab_add(struct libnet_keytab_context *ctx) entry->principal, enctypes, password, + true, true); if (ret) { DEBUG(1,("libnet_keytab_add: " |