diff options
| author | Günther Deschner <gd@samba.org> | 2007-04-23 08:40:54 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:19:37 -0500 |
| commit | 1ee9650a1dfa28badac1f37b4c14fca920c6330c (patch) | |
| tree | 93eff73551f46617de97c27f999913cebb6d8d5c /source3/libads/kerberos_keytab.c | |
| parent | b9c4009037079bddb032d582d59e9e4c7b6ceb6e (diff) | |
| download | samba-1ee9650a1dfa28badac1f37b4c14fca920c6330c.tar.gz samba-1ee9650a1dfa28badac1f37b4c14fca920c6330c.tar.bz2 samba-1ee9650a1dfa28badac1f37b4c14fca920c6330c.zip | |
r22479: Add "net ads keytab list".
Guenther
(This used to be commit 9ec76c542775ae58ff03f42ebfa1acc1a63a1bb1)
Diffstat (limited to 'source3/libads/kerberos_keytab.c')
| -rw-r--r-- | source3/libads/kerberos_keytab.c | 112 |
1 files changed, 112 insertions, 0 deletions
diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c index 0ad225fbeb..d99e322b99 100644 --- a/source3/libads/kerberos_keytab.c +++ b/source3/libads/kerberos_keytab.c @@ -691,4 +691,116 @@ done: } return ret; } + +/********************************************************************** + List system keytab. +***********************************************************************/ + +int ads_keytab_list(void) +{ + krb5_error_code ret = 0; + krb5_context context = NULL; + krb5_keytab keytab = NULL; + krb5_kt_cursor cursor; + krb5_keytab_entry kt_entry; + char keytab_name[MAX_KEYTAB_NAME_LEN]; + + ZERO_STRUCT(kt_entry); + ZERO_STRUCT(cursor); + + initialize_krb5_error_table(); + ret = krb5_init_context(&context); + if (ret) { + DEBUG(1,("ads_keytab_list: could not krb5_init_context: %s\n",error_message(ret))); + return ret; + } +#if 0 /* HAVE_WRFILE_KEYTAB */ + keytab_name[0] = 'W'; + keytab_name[1] = 'R'; + ret = krb5_kt_default_name(context, (char *) &keytab_name[2], MAX_KEYTAB_NAME_LEN - 4); +#else + ret = krb5_kt_default_name(context, (char *) &keytab_name[0], MAX_KEYTAB_NAME_LEN - 2); +#endif + if (ret) { + DEBUG(1,("ads_keytab_list: krb5_kt_default failed (%s)\n", error_message(ret))); + goto out; + } + DEBUG(3,("ads_keytab_list: Using default keytab: %s\n", (char *) &keytab_name)); + ret = krb5_kt_resolve(context, (char *) &keytab_name, &keytab); + if (ret) { + DEBUG(1,("ads_keytab_list: krb5_kt_resolve failed (%s)\n", error_message(ret))); + goto out; + } + + ret = krb5_kt_start_seq_get(context, keytab, &cursor); + if (ret) { + goto out; + } + + printf("Vno Type Principal\n"); + + while (krb5_kt_next_entry(context, keytab, &kt_entry, &cursor) == 0) { + + char *princ_s = NULL; + char *etype_s = NULL; + krb5_enctype enctype = 0; + + ret = smb_krb5_unparse_name(context, kt_entry.principal, &princ_s); + if (ret) { + goto out; + } + + enctype = smb_get_enctype_from_kt_entry(&kt_entry); + + ret = smb_krb5_enctype_to_string(context, enctype, &etype_s); + if (ret) { + SAFE_FREE(princ_s); + goto out; + } + + printf("%3d %s\t\t %s\n", kt_entry.vno, etype_s, princ_s); + + SAFE_FREE(princ_s); + SAFE_FREE(etype_s); + + ret = smb_krb5_kt_free_entry(context, &kt_entry); + if (ret) { + goto out; + } + } + + ret = krb5_kt_end_seq_get(context, keytab, &cursor); + if (ret) { + goto out; + } + + /* Ensure we don't double free. */ + ZERO_STRUCT(kt_entry); + ZERO_STRUCT(cursor); +out: + + { + krb5_keytab_entry zero_kt_entry; + ZERO_STRUCT(zero_kt_entry); + if (memcmp(&zero_kt_entry, &kt_entry, sizeof(krb5_keytab_entry))) { + smb_krb5_kt_free_entry(context, &kt_entry); + } + } + { + krb5_kt_cursor zero_csr; + ZERO_STRUCT(zero_csr); + if ((memcmp(&cursor, &zero_csr, sizeof(krb5_kt_cursor)) != 0) && keytab) { + krb5_kt_end_seq_get(context, keytab, &cursor); + } + } + + if (keytab) { + krb5_kt_close(context, keytab); + } + if (context) { + krb5_free_context(context); + } + return ret; +} + #endif /* HAVE_KRB5 */ |