diff options
author | Günther Deschner <gd@samba.org> | 2008-01-08 18:59:57 +0100 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2008-01-09 10:20:44 +0100 |
commit | ba922343dbfbdcc9a43e540051853c7877b21de1 (patch) | |
tree | bbbd60a58030d733104e29cc0899be00fe1b5f91 /source3 | |
parent | af02de700da25c964ef54968b89c6a0b11489b27 (diff) | |
download | samba-ba922343dbfbdcc9a43e540051853c7877b21de1.tar.gz samba-ba922343dbfbdcc9a43e540051853c7877b21de1.tar.bz2 samba-ba922343dbfbdcc9a43e540051853c7877b21de1.zip |
Add libnet_join_derive_salting_principal().
Guenther
(This used to be commit 95129a28cfa57d8e5bd767b92f065abd1d32a569)
Diffstat (limited to 'source3')
-rw-r--r-- | source3/libnet/libnet_join.c | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 454c1f29fb..d139fa04a1 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -438,6 +438,57 @@ static bool libnet_join_create_keytab(TALLOC_CTX *mem_ctx, return true; } +#ifdef HAVE_LDAP + +/**************************************************************** +****************************************************************/ + +static bool libnet_join_derive_salting_principal(TALLOC_CTX *mem_ctx, + struct libnet_JoinCtx *r) +{ + uint32_t domain_func; + ADS_STATUS status; + const char *salt = NULL; + char *std_salt = NULL; + + status = ads_domain_func_level(r->in.ads, &domain_func); + if (!ADS_ERR_OK(status)) { + libnet_join_set_error_string(mem_ctx, r, + "Failed to determine domain functional level!\n"); + return false; + } + + std_salt = kerberos_standard_des_salt(); + if (!std_salt) { + libnet_join_set_error_string(mem_ctx, r, + "failed to obtain standard DES salt\n"); + return false; + } + + salt = talloc_strdup(mem_ctx, std_salt); + if (!salt) { + return false; + } + + SAFE_FREE(std_salt); + + if (domain_func == DS_DOMAIN_FUNCTION_2000) { + char *upn; + + upn = ads_get_upn(r->in.ads, mem_ctx, + r->in.machine_name); + if (upn) { + salt = talloc_strdup(mem_ctx, upn); + if (!salt) { + return false; + } + } + } + + return kerberos_secrets_store_des_salt(salt); +} +#endif + /**************************************************************** ****************************************************************/ @@ -1020,6 +1071,10 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx, ads_errstr(ads_status)); return WERR_GENERAL_FAILURE; } + + if (!libnet_join_derive_salting_principal(mem_ctx, r)) { + return WERR_GENERAL_FAILURE; + } #endif if (!libnet_join_create_keytab(mem_ctx, r)) { libnet_join_set_error_string(mem_ctx, r, |