author | Michael Adam <obnox@samba.org> | 2008-07-29 15:19:18 +0200 |
---|---|---|
committer | Michael Adam <obnox@samba.org> | 2008-08-01 16:04:43 +0200 |
commit | ca0cbabd36f894f94bdc0d95c670a6710906f9ac (patch) | |
tree | 4c6a8f6678f63b58dc9eff87bdfcdb1626822519 /source3/libnet | |
parent | d74f57826aaa697745e8abc7537325963f2698b2 (diff) | |
libnet keytab: add function libnet_keytab_add_entry()
This is a stripped down version of smb_krb5_kt_add_entry() that
takes one explicit enctype instead of an array. And it does
neither salting of keys nor cleanup of old entries.
Michael
(This used to be commit c83e54f1eb3021d13fb0a3c3f6b556a338d2a8c3)
Diffstat (limited to 'source3/libnet')
-rw-r--r-- | source3/libnet/libnet_keytab.c | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/source3/libnet/libnet_keytab.c b/source3/libnet/libnet_keytab.c
index a748599c78..0b8327c38f 100644
--- a/source3/libnet/libnet_keytab.c
+++ b/source3/libnet/libnet_keytab.c
@@ -105,6 +105,60 @@ krb5_error_code libnet_keytab_init(TALLOC_CTX *mem_ctx,
 /****************************************************************
 ****************************************************************/
 
+static krb5_error_code libnet_keytab_add_entry(krb5_context context,
+ krb5_keytab keytab,
+ krb5_kvno kvno,
+ const char *princ_s,
+ krb5_enctype enctype,
+ krb5_data password)
+{
+ krb5_keyblock *keyp;
+ krb5_keytab_entry kt_entry;
+ krb5_error_code ret;
+
+ ZERO_STRUCT(kt_entry);
+
+ kt_entry.vno = kvno;
+
+ ret = smb_krb5_parse_name(context, princ_s, &kt_entry.principal);
+ if (ret) {
+ DEBUG(1, ("smb_krb5_parse_name(%s) failed (%s)\n",
+ princ_s, error_message(ret)));
+ return ret;
+ }
+
+#if !defined(HAVE_KRB5_KEYTAB_ENTRY_KEY) && !defined(HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK)
+#error krb5_keytab_entry has no key or keyblock member
+#endif
+#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEY /* MIT */
+ keyp = &kt_entry.key;
+#endif
+#ifdef HAVE_KRB5_KEYTAB_ENTRY_KEYBLOCK /* Heimdal */
+ keyp = &kt_entry.keyblock;
+#endif
+
+ if (create_kerberos_key_from_string(context, kt_entry.principal,
+ &password, keyp, enctype, true))
+ {
+ ret = KRB5KRB_ERR_GENERIC;
+ goto done;
+ }
+
+ ret = krb5_kt_add_entry(context, keytab, &kt_entry);
+ if (ret) {
+ DEBUG(1, ("adding entry to keytab failed (%s)\n",
+ error_message(ret)));
+ }
+
+done:
+ krb5_free_keyblock_contents(context, keyp);
+ krb5_free_principal(context, kt_entry.principal);
+ ZERO_STRUCT(kt_entry);
+ smb_krb5_kt_free_entry(context, &kt_entry);
+
+ return ret;
+}
+
 krb5_error_code libnet_keytab_add(struct libnet_keytab_context *ctx)
 {
 #if defined(ENCTYPE_ARCFOUR_HMAC) |
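Review bot: The failure branch after `create_kerberos_key_from_string(...)` replaces whatever that helper returned with `KRB5KRB_ERR_GENERIC` and logs nothing, while the other two failure paths in `libnet_keytab_add_entry` both emit a `DEBUG(1, ...)` with `error_message(ret)`, so a key-construction failure cannot be told apart from any other generic error. If the helper returns a krb5 error code (its definition is not visible in this hunk), keep it with `ret = create_kerberos_key_from_string(context, kt_entry.principal, &password, keyp, enctype, true);` followed by `if (ret) { DEBUG(1, ("create_kerberos_key_from_string failed (%s)\n", error_message(ret))); goto done; }`. Separately, at `done:` the `ZERO_STRUCT(kt_entry);` runs immediately before `smb_krb5_kt_free_entry(context, &kt_entry);`, so that call only ever sees an all-zero entry after the keyblock and principal were already freed by hand; either drop it or add a comment saying why it is kept. The empty banner comment above the function is the natural place to state what the commit message says, namely that the key is built without salting and that existing entries for the same principal are not removed, so callers are responsible for clearing stale keys from the keytab.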