diff options
author | Michael Adam <obnox@samba.org> | 2008-07-29 14:13:37 +0200 |
---|---|---|
committer | Michael Adam <obnox@samba.org> | 2008-08-01 16:04:42 +0200 |
commit | 86f91a2ba149c05f292aedf764ce83bcb49e5e57 (patch) | |
tree | 2e19e43b416fc16c9c676a11953482fa6d39bfb6 | |
parent | 7205dd5d12476c265bb8cec26df78a531d750db6 (diff) | |
download | samba-86f91a2ba149c05f292aedf764ce83bcb49e5e57.tar.gz samba-86f91a2ba149c05f292aedf764ce83bcb49e5e57.tar.bz2 samba-86f91a2ba149c05f292aedf764ce83bcb49e5e57.zip |
dssync keytab: remove old UpToDateNess vectors from keytab before storing new one.
Michael
(This used to be commit 717bd6f6c3ec94e3b8b5845c43717a5fbd41c38f)
-rw-r--r-- | source3/libnet/libnet_dssync_keytab.c | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/source3/libnet/libnet_dssync_keytab.c b/source3/libnet/libnet_dssync_keytab.c index 0d17fdad3d..cfcbb6f34c 100644 --- a/source3/libnet/libnet_dssync_keytab.c +++ b/source3/libnet/libnet_dssync_keytab.c @@ -113,6 +113,7 @@ static NTSTATUS keytab_finish(struct dssync_context *ctx, TALLOC_CTX *mem_ctx, if (new_utdv) { enum ndr_err_code ndr_err; DATA_BLOB blob; + char *principal; if (DEBUGLEVEL >= 10) { NDR_PRINT_DEBUG(replUpToDateVectorBlob, new_utdv); @@ -135,6 +136,24 @@ static NTSTATUS keytab_finish(struct dssync_context *ctx, TALLOC_CTX *mem_ctx, if (!NT_STATUS_IS_OK(status)) { goto done; } + + principal = talloc_asprintf(mem_ctx, "UTDV/%s@%s", + ctx->nc_dn, ctx->dns_domain_name); + if (!principal) { + status = NT_STATUS_NO_MEMORY; + goto done; + } + + ret = libnet_keytab_remove_entries(keytab_ctx, principal, + 0, ENCTYPE_ARCFOUR_HMAC); + if (ret) { + status = krb5_to_nt_status(ret); + ctx->error_message = talloc_asprintf(mem_ctx, + "Failed to remove old UTDV entries from " + "keytab %s: %s", keytab_ctx->keytab_name, + error_message(ret)); + goto done; + } } ret = libnet_keytab_add(keytab_ctx); |