diff options
author | Andrew Bartlett <abartlet@samba.org> | 2010-09-28 13:07:53 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2010-09-29 04:23:07 +1000 |
commit | 9b5e304ccedc8f0f7ce2342e4d9c621417dd1c1e (patch) | |
tree | 3e11b02e04b6791939a8dda1606bf1ab7b7de38f /source4/heimdal/kdc/misc.c | |
parent | 3021af2777ffd28f595835630510e367e7286c1c (diff) | |
download | samba-9b5e304ccedc8f0f7ce2342e4d9c621417dd1c1e.tar.gz samba-9b5e304ccedc8f0f7ce2342e4d9c621417dd1c1e.tar.bz2 samba-9b5e304ccedc8f0f7ce2342e4d9c621417dd1c1e.zip |
heimdal Add support for extracting a particular KVNO from the database
This should allow master key rollover.
(but the real reason is to allow multiple krbtgt accounts, as used by
Active Directory to implement RODC support)
Andrew Bartlett
Diffstat (limited to 'source4/heimdal/kdc/misc.c')
-rw-r--r-- | source4/heimdal/kdc/misc.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/source4/heimdal/kdc/misc.c b/source4/heimdal/kdc/misc.c index 39f91dcf10..3080748463 100644 --- a/source4/heimdal/kdc/misc.c +++ b/source4/heimdal/kdc/misc.c @@ -40,12 +40,19 @@ _kdc_db_fetch(krb5_context context, krb5_kdc_configuration *config, krb5_const_principal principal, unsigned flags, + krb5int32 *kvno_ptr, HDB **db, hdb_entry_ex **h) { hdb_entry_ex *ent; krb5_error_code ret; int i; + unsigned kvno; + + if (kvno_ptr) { + kvno = *kvno_ptr; + flags |= HDB_F_KVNO_SPECIFIED; + } ent = calloc (1, sizeof (*ent)); if (ent == NULL) { @@ -88,6 +95,7 @@ _kdc_db_fetch(krb5_context context, config->db[i], principal, flags | HDB_F_DECRYPT, + kvno, ent); krb5_free_principal(context, enterprise_principal); |