diff options
author | Volker Lendecke <vl@samba.org> | 2008-09-22 19:23:21 +0200 |
---|---|---|
committer | Volker Lendecke <vl@samba.org> | 2008-10-06 09:54:16 +0200 |
commit | f3ba7fc0b973ea66ee57fe0e1be73b3bcefc07fb (patch) | |
tree | 85c3977c3fe0df813676cea8a0d56a2170a04aa7 /source3 | |
parent | bb4e9d72dd7de46ae4635ff5fbe5427b2a93e7cc (diff) | |
download | samba-f3ba7fc0b973ea66ee57fe0e1be73b3bcefc07fb.tar.gz samba-f3ba7fc0b973ea66ee57fe0e1be73b3bcefc07fb.tar.bz2 samba-f3ba7fc0b973ea66ee57fe0e1be73b3bcefc07fb.zip |
Store a local schannel key in secrets.tdb
Diffstat (limited to 'source3')
-rw-r--r-- | source3/include/proto.h | 2 | ||||
-rw-r--r-- | source3/include/secrets.h | 2 | ||||
-rw-r--r-- | source3/passdb/secrets.c | 25 |
3 files changed, 29 insertions, 0 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 7cdcba19ab..41544da8c9 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -6421,6 +6421,8 @@ bool secrets_restore_schannel_session_info(TALLOC_CTX *mem_ctx, struct dcinfo **ppdc); bool secrets_store_generic(const char *owner, const char *key, const char *secret); char *secrets_fetch_generic(const char *owner, const char *key); +bool secrets_store_local_schannel_key(uint8_t schannel_key[16]); +bool secrets_fetch_local_schannel_key(uint8_t schannel_key[16]); /* The following definitions come from passdb/util_builtin.c */ diff --git a/source3/include/secrets.h b/source3/include/secrets.h index d9f457558b..3c8e2ccf81 100644 --- a/source3/include/secrets.h +++ b/source3/include/secrets.h @@ -45,6 +45,8 @@ #define SECRETS_LDAP_BIND_PW "SECRETS/LDAP_BIND_PW" +#define SECRETS_LOCAL_SCHANNEL_KEY "SECRETS/LOCAL_SCHANNEL_KEY" + /* Authenticated user info is stored in secrets.tdb under these keys */ #define SECRETS_AUTH_USER "SECRETS/AUTH_USER" diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c index 4527ae7127..306d4d0a35 100644 --- a/source3/passdb/secrets.c +++ b/source3/passdb/secrets.c @@ -259,6 +259,31 @@ bool secrets_fetch_domain_guid(const char *domain, struct GUID *guid) return True; } +bool secrets_store_local_schannel_key(uint8_t schannel_key[16]) +{ + return secrets_store(SECRETS_LOCAL_SCHANNEL_KEY, schannel_key, 16); +} + +bool secrets_fetch_local_schannel_key(uint8_t schannel_key[16]) +{ + size_t size = 0; + uint8_t *key; + + key = (uint8_t *)secrets_fetch(SECRETS_LOCAL_SCHANNEL_KEY, &size); + if (key == NULL) { + return false; + } + + if (size != 16) { + SAFE_FREE(key); + return false; + } + + memcpy(schannel_key, key, 16); + SAFE_FREE(key); + return true; +} + /** * Form a key for fetching the machine trust account sec channel type * |