diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2010-05-01 10:33:08 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2010-05-02 06:54:23 +1000 |
| commit | 44e7ea692708c1c956fc9bd20ed9a6d5de9479a4 (patch) | |
| tree | c2677201a5cdab1772371611242f0fcdac6826a7 /source4/auth/credentials/credentials.c | |
| parent | 485def3b5dae7c77fb0c01ed99b6865b7c5ceeb8 (diff) | |
| download | samba-44e7ea692708c1c956fc9bd20ed9a6d5de9479a4.tar.gz samba-44e7ea692708c1c956fc9bd20ed9a6d5de9479a4.tar.bz2 samba-44e7ea692708c1c956fc9bd20ed9a6d5de9479a4.zip | |
s4:credentials Make the CCACHE in credentials depend on the things that built it
This means that we consider the ccache only as reliable as the least
specified of the inputs we used.
This means that we will regenerate the ccache if any of the inputs change.
Andrew Bartlett
Diffstat (limited to 'source4/auth/credentials/credentials.c')
| -rw-r--r-- | source4/auth/credentials/credentials.c | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/source4/auth/credentials/credentials.c b/source4/auth/credentials/credentials.c index 5f2658d5bd..6f7630a206 100644 --- a/source4/auth/credentials/credentials.c +++ b/source4/auth/credentials/credentials.c @@ -222,7 +222,7 @@ _PUBLIC_ const char *cli_credentials_get_bind_dn(struct cli_credentials *cred) * @retval The username set on this context. * @note Return value will never be NULL except by programmer error. */ -_PUBLIC_ const char *cli_credentials_get_principal(struct cli_credentials *cred, TALLOC_CTX *mem_ctx) +const char *cli_credentials_get_principal_and_obtained(struct cli_credentials *cred, TALLOC_CTX *mem_ctx, enum credentials_obtained *obtained) { if (cred->machine_account_pending) { cli_credentials_set_machine_account(cred, @@ -238,20 +238,36 @@ _PUBLIC_ const char *cli_credentials_get_principal(struct cli_credentials *cred, cli_credentials_invalidate_ccache(cred, cred->principal_obtained); } - if (cred->principal_obtained < cred->username_obtained) { + if (cred->principal_obtained < cred->username_obtained + || cred->principal_obtained < MAX(cred->domain_obtained, cred->realm_obtained)) { if (cred->domain_obtained > cred->realm_obtained) { + *obtained = MIN(cred->domain_obtained, cred->username_obtained); return talloc_asprintf(mem_ctx, "%s@%s", cli_credentials_get_username(cred), cli_credentials_get_domain(cred)); } else { + *obtained = MIN(cred->domain_obtained, cred->username_obtained); return talloc_asprintf(mem_ctx, "%s@%s", cli_credentials_get_username(cred), cli_credentials_get_realm(cred)); } } + *obtained = cred->principal_obtained; return talloc_reference(mem_ctx, cred->principal); } +/** + * Obtain the client principal for this credentials context. + * @param cred credentials context + * @retval The username set on this context. + * @note Return value will never be NULL except by programmer error. + */ +_PUBLIC_ const char *cli_credentials_get_principal(struct cli_credentials *cred, TALLOC_CTX *mem_ctx) +{ + enum credentials_obtained obtained; + return cli_credentials_get_principal_and_obtained(cred, mem_ctx, &obtained); +} + bool cli_credentials_set_principal(struct cli_credentials *cred, const char *val, enum credentials_obtained obtained) |