diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2005-12-21 22:02:52 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:47:35 -0500 |
| commit | 221c1512a8b4de9a568c0a0cdafa97ab5c53368c (patch) | |
| tree | a3c696e37929ef2b758ba9466a07b0779b659b61 /source4/auth/credentials/credentials_krb5.c | |
| parent | f45b0ff698414f4fcdb49f1324ebfc5576f785ae (diff) | |
| download | samba-221c1512a8b4de9a568c0a0cdafa97ab5c53368c.tar.gz samba-221c1512a8b4de9a568c0a0cdafa97ab5c53368c.tar.bz2 samba-221c1512a8b4de9a568c0a0cdafa97ab5c53368c.zip | |
r12411: Add 'net samdump keytab <keytab>'.
This extracts a remote windows domain into a keytab, suitable for use
in ethereal for kerberos decryption.
For the moment, like net samdump and net samsync, the 'password
server' smb.conf option must be set to the binding string for the
server. eg:
password server = ncacn_np:mypdc
Andrew Bartlett
(This used to be commit 272013438f53bb168f74e09eb70fc96112b84772)
Diffstat (limited to 'source4/auth/credentials/credentials_krb5.c')
| -rw-r--r-- | source4/auth/credentials/credentials_krb5.c | 27 |
1 files changed, 7 insertions, 20 deletions
diff --git a/source4/auth/credentials/credentials_krb5.c b/source4/auth/credentials/credentials_krb5.c index 173739e9b8..5f40ca1046 100644 --- a/source4/auth/credentials/credentials_krb5.c +++ b/source4/auth/credentials/credentials_krb5.c @@ -398,7 +398,7 @@ int cli_credentials_get_keytab(struct cli_credentials *cred, return ENOMEM; } - ret = create_memory_keytab(mem_ctx, cred, smb_krb5_context, &ktc); + ret = smb_krb5_create_memory_keytab(mem_ctx, cred, smb_krb5_context, &ktc); if (ret) { talloc_free(mem_ctx); return ret; @@ -417,14 +417,13 @@ int cli_credentials_get_keytab(struct cli_credentials *cred, /* Given the name of a keytab (presumably in the format * FILE:/etc/krb5.keytab), open it and attach it */ -int cli_credentials_set_keytab(struct cli_credentials *cred, - const char *keytab_name, - enum credentials_obtained obtained) +int cli_credentials_set_keytab_name(struct cli_credentials *cred, + const char *keytab_name, + enum credentials_obtained obtained) { krb5_error_code ret; struct keytab_container *ktc; struct smb_krb5_context *smb_krb5_context; - krb5_keytab keytab; TALLOC_CTX *mem_ctx; if (cred->keytab_obtained >= obtained) { @@ -441,24 +440,12 @@ int cli_credentials_set_keytab(struct cli_credentials *cred, return ENOMEM; } - ret = krb5_kt_resolve(smb_krb5_context->krb5_context, keytab_name, &keytab); + ret = smb_krb5_open_keytab(mem_ctx, smb_krb5_context, + keytab_name, &ktc); if (ret) { - DEBUG(1,("failed to open krb5 keytab: %s\n", - smb_get_krb5_error_message(smb_krb5_context->krb5_context, - ret, mem_ctx))); - talloc_free(mem_ctx); return ret; } - ktc = talloc(mem_ctx, struct keytab_container); - if (!ktc) { - talloc_free(mem_ctx); - return ENOMEM; - } - - ktc->smb_krb5_context = talloc_reference(ktc, smb_krb5_context); - ktc->keytab = keytab; - cred->keytab_obtained = obtained; talloc_steal(cred, ktc); @@ -492,7 +479,7 @@ int cli_credentials_update_keytab(struct cli_credentials *cred) return ret; } - ret = update_keytab(mem_ctx, cred, smb_krb5_context, ktc); + ret = smb_krb5_update_keytab(mem_ctx, cred, smb_krb5_context, ktc); talloc_free(mem_ctx); return ret; |