diff options
author | Simo Sorce <idra@samba.org> | 2012-04-25 17:29:09 -0400 |
---|---|---|
committer | Simo Sorce <idra@samba.org> | 2012-05-04 16:51:28 +0200 |
commit | 38a5a2c5c59029889d6c7c6dc80ab087956ca651 (patch) | |
tree | 91cef3faaa076439ea4497dc2b84be4577780bdb /source4/auth/kerberos | |
parent | aa1a0d80de8b8c9116f5d5b576e2422d104e6b75 (diff) | |
download | samba-38a5a2c5c59029889d6c7c6dc80ab087956ca651.tar.gz samba-38a5a2c5c59029889d6c7c6dc80ab087956ca651.tar.bz2 samba-38a5a2c5c59029889d6c7c6dc80ab087956ca651.zip |
Move kerberos_kinit_keyblock_cc to krb5samba lib
Make it also work with MIT where krb5_get_in_tkt_with_keyblock is not
available.
Diffstat (limited to 'source4/auth/kerberos')
-rw-r--r-- | source4/auth/kerberos/kerberos.c | 48 | ||||
-rw-r--r-- | source4/auth/kerberos/kerberos.h | 7 |
2 files changed, 0 insertions, 55 deletions
diff --git a/source4/auth/kerberos/kerberos.c b/source4/auth/kerberos/kerberos.c index 0fc9d143ab..b4e989d2ae 100644 --- a/source4/auth/kerberos/kerberos.c +++ b/source4/auth/kerberos/kerberos.c @@ -30,54 +30,6 @@ /* simulate a kinit, putting the tgt in the given credentials cache. Orignally by remus@snapserver.com - - This version is built to use a keyblock, rather than needing the - original password. - - The impersonate_principal is the principal if NULL, or the principal to impersonate - - The target_service defaults to the krbtgt if NULL, but could be kpasswd/realm or the local service (if we are doing s4u2self) -*/ - krb5_error_code kerberos_kinit_keyblock_cc(krb5_context ctx, krb5_ccache cc, - krb5_principal principal, krb5_keyblock *keyblock, - const char *target_service, - krb5_get_init_creds_opt *krb_options, - time_t *expire_time, time_t *kdc_time) -{ - krb5_error_code code = 0; - krb5_creds my_creds; - - if ((code = krb5_get_init_creds_keyblock(ctx, &my_creds, principal, keyblock, - 0, target_service, krb_options))) { - return code; - } - - if ((code = krb5_cc_initialize(ctx, cc, principal))) { - krb5_free_cred_contents(ctx, &my_creds); - return code; - } - - if ((code = krb5_cc_store_cred(ctx, cc, &my_creds))) { - krb5_free_cred_contents(ctx, &my_creds); - return code; - } - - if (expire_time) { - *expire_time = (time_t) my_creds.times.endtime; - } - - if (kdc_time) { - *kdc_time = (time_t) my_creds.times.starttime; - } - - krb5_free_cred_contents(ctx, &my_creds); - - return 0; -} - -/* - simulate a kinit, putting the tgt in the given credentials cache. - Orignally by remus@snapserver.com The impersonate_principal is the principal if NULL, or the principal to impersonate diff --git a/source4/auth/kerberos/kerberos.h b/source4/auth/kerberos/kerberos.h index cc02aee27f..018f6b80b1 100644 --- a/source4/auth/kerberos/kerberos.h +++ b/source4/auth/kerberos/kerberos.h @@ -74,13 +74,6 @@ const krb5_data *krb5_princ_component(krb5_context context, krb5_principal princ #endif /* Samba wrapper function for krb5 functionality. */ -krb5_error_code kerberos_kinit_password_cc(krb5_context ctx, krb5_ccache cc, - krb5_principal principal, const char *password, - krb5_principal impersonate_principal, - const char *self_service, - const char *target_service, - krb5_get_init_creds_opt *krb_options, - time_t *expire_time, time_t *kdc_time); krb5_error_code kerberos_kinit_keyblock_cc(krb5_context ctx, krb5_ccache cc, krb5_principal principal, krb5_keyblock *keyblock, const char *target_service, |