summaryrefslogtreecommitdiff
path: root/source4/auth/kerberos
diff options
context:
space:
mode:
authorSimo Sorce <idra@samba.org>2012-04-25 17:29:09 -0400
committerSimo Sorce <idra@samba.org>2012-05-04 16:51:28 +0200
commit38a5a2c5c59029889d6c7c6dc80ab087956ca651 (patch)
tree91cef3faaa076439ea4497dc2b84be4577780bdb /source4/auth/kerberos
parentaa1a0d80de8b8c9116f5d5b576e2422d104e6b75 (diff)
downloadsamba-38a5a2c5c59029889d6c7c6dc80ab087956ca651.tar.gz
samba-38a5a2c5c59029889d6c7c6dc80ab087956ca651.tar.bz2
samba-38a5a2c5c59029889d6c7c6dc80ab087956ca651.zip
Move kerberos_kinit_keyblock_cc to krb5samba lib
Make it also work with MIT where krb5_get_in_tkt_with_keyblock is not available.
Diffstat (limited to 'source4/auth/kerberos')
-rw-r--r--source4/auth/kerberos/kerberos.c48
-rw-r--r--source4/auth/kerberos/kerberos.h7
2 files changed, 0 insertions, 55 deletions
diff --git a/source4/auth/kerberos/kerberos.c b/source4/auth/kerberos/kerberos.c
index 0fc9d143ab..b4e989d2ae 100644
--- a/source4/auth/kerberos/kerberos.c
+++ b/source4/auth/kerberos/kerberos.c
@@ -30,54 +30,6 @@
/*
simulate a kinit, putting the tgt in the given credentials cache.
Orignally by remus@snapserver.com
-
- This version is built to use a keyblock, rather than needing the
- original password.
-
- The impersonate_principal is the principal if NULL, or the principal to impersonate
-
- The target_service defaults to the krbtgt if NULL, but could be kpasswd/realm or the local service (if we are doing s4u2self)
-*/
- krb5_error_code kerberos_kinit_keyblock_cc(krb5_context ctx, krb5_ccache cc,
- krb5_principal principal, krb5_keyblock *keyblock,
- const char *target_service,
- krb5_get_init_creds_opt *krb_options,
- time_t *expire_time, time_t *kdc_time)
-{
- krb5_error_code code = 0;
- krb5_creds my_creds;
-
- if ((code = krb5_get_init_creds_keyblock(ctx, &my_creds, principal, keyblock,
- 0, target_service, krb_options))) {
- return code;
- }
-
- if ((code = krb5_cc_initialize(ctx, cc, principal))) {
- krb5_free_cred_contents(ctx, &my_creds);
- return code;
- }
-
- if ((code = krb5_cc_store_cred(ctx, cc, &my_creds))) {
- krb5_free_cred_contents(ctx, &my_creds);
- return code;
- }
-
- if (expire_time) {
- *expire_time = (time_t) my_creds.times.endtime;
- }
-
- if (kdc_time) {
- *kdc_time = (time_t) my_creds.times.starttime;
- }
-
- krb5_free_cred_contents(ctx, &my_creds);
-
- return 0;
-}
-
-/*
- simulate a kinit, putting the tgt in the given credentials cache.
- Orignally by remus@snapserver.com
The impersonate_principal is the principal if NULL, or the principal to impersonate
diff --git a/source4/auth/kerberos/kerberos.h b/source4/auth/kerberos/kerberos.h
index cc02aee27f..018f6b80b1 100644
--- a/source4/auth/kerberos/kerberos.h
+++ b/source4/auth/kerberos/kerberos.h
@@ -74,13 +74,6 @@ const krb5_data *krb5_princ_component(krb5_context context, krb5_principal princ
#endif
/* Samba wrapper function for krb5 functionality. */
-krb5_error_code kerberos_kinit_password_cc(krb5_context ctx, krb5_ccache cc,
- krb5_principal principal, const char *password,
- krb5_principal impersonate_principal,
- const char *self_service,
- const char *target_service,
- krb5_get_init_creds_opt *krb_options,
- time_t *expire_time, time_t *kdc_time);
krb5_error_code kerberos_kinit_keyblock_cc(krb5_context ctx, krb5_ccache cc,
krb5_principal principal, krb5_keyblock *keyblock,
const char *target_service,