summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2008-06-30 10:32:15 +0200
committerGünther Deschner <gd@samba.org>2008-06-30 12:38:40 +0200
commit16e44ee1126a5126346689785d240ac37a32fad7 (patch)
tree7cec7b504f03ca13e6736b920c09653e3946d892
parent52635c6f58edaa0e948851fd3f06b95d05ab10a4 (diff)
downloadsamba-16e44ee1126a5126346689785d240ac37a32fad7.tar.gz
samba-16e44ee1126a5126346689785d240ac37a32fad7.tar.bz2
samba-16e44ee1126a5126346689785d240ac37a32fad7.zip
kerberos: allow to keep entries with old kvno's while creating keytab.
Guenther (This used to be commit 6194244bd9fcc1fb736f3d91433f107270cac1c9)
-rw-r--r--source3/include/includes.h3
-rw-r--r--source3/libads/kerberos_keytab.c6
-rw-r--r--source3/libnet/libnet_keytab.c1
3 files changed, 7 insertions, 3 deletions
diff --git a/source3/include/includes.h b/source3/include/includes.h
index e9addf6ee0..aa99dc0b63 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -1231,7 +1231,8 @@ int smb_krb5_kt_add_entry_ext(krb5_context context,
const char *princ_s,
krb5_enctype *enctypes,
krb5_data password,
- bool no_salt);
+ bool no_salt,
+ bool keep_old_entries);
#endif /* HAVE_KRB5 */
diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c
index 04804fc27c..b905cb4a0f 100644
--- a/source3/libads/kerberos_keytab.c
+++ b/source3/libads/kerberos_keytab.c
@@ -38,7 +38,8 @@ int smb_krb5_kt_add_entry_ext(krb5_context context,
const char *princ_s,
krb5_enctype *enctypes,
krb5_data password,
- bool no_salt)
+ bool no_salt,
+ bool keep_old_entries)
{
krb5_error_code ret = 0;
krb5_kt_cursor cursor;
@@ -96,7 +97,7 @@ int smb_krb5_kt_add_entry_ext(krb5_context context,
if (kt_entry.vno == kvno - 1) {
DEBUG(5,("smb_krb5_kt_add_entry_ext: Saving previous (kvno %d) entry for principal: %s.\n",
kvno - 1, princ_s));
- } else {
+ } else if (!keep_old_entries) {
DEBUG(5,("smb_krb5_kt_add_entry_ext: Found old entry for principal: %s (kvno %d) - trying to remove it.\n",
princ_s, kt_entry.vno));
ret = krb5_kt_end_seq_get(context, keytab, &cursor);
@@ -224,6 +225,7 @@ int smb_krb5_kt_add_entry(krb5_context context,
princ_s,
enctypes,
password,
+ false,
false);
}
diff --git a/source3/libnet/libnet_keytab.c b/source3/libnet/libnet_keytab.c
index faa491471e..02c2b6f761 100644
--- a/source3/libnet/libnet_keytab.c
+++ b/source3/libnet/libnet_keytab.c
@@ -126,6 +126,7 @@ krb5_error_code libnet_keytab_add(struct libnet_keytab_context *ctx)
entry->principal,
enctypes,
password,
+ true,
true);
if (ret) {
DEBUG(1,("libnet_keytab_add: "