author | Andrew Bartlett <abartlet@samba.org> | 2010-09-23 17:01:44 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2010-09-24 09:25:44 +1000 |
commit | f03913e2ccfcd75a9d569a5b6e9152b091e0014f (patch) | |
tree | 4d4fa8e8c7013c1507ed791f4a76d37e7262965b /source4/param | |
parent | 062b0ebc04406a24c804ffe1d3a95eb0b4500199 (diff) | |
s4-kerberos Move 'set key into keytab' code out of credentials.
This code never really belonged in the credentials layer, and
is easier done with direct access to the ldb_message that is
in secrets.ldb.
Andrew Bartlett
Diffstat (limited to 'source4/param')
-rw-r--r-- | source4/param/secrets.c | 25 | ||||
-rw-r--r-- | source4/param/secrets.h | 4 |
2 files changed, 29 insertions, 0 deletions
diff --git a/source4/param/secrets.c b/source4/param/secrets.c
index f6ab5e93fb..5e9b0a977f 100644
--- a/source4/param/secrets.c
+++ b/source4/param/secrets.c
@@ -167,3 +167,28 @@ struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx,
 return result;
 }
+
+char *keytab_name_from_msg(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, struct ldb_message *msg)
+{
+ const char *krb5keytab = ldb_msg_find_attr_as_string(msg, "krb5Keytab", NULL);
+ if (krb5keytab) {
+ return talloc_strdup(mem_ctx, krb5keytab);
+ } else {
+ char *file_keytab;
+ char *relative_path;
+ const char *privateKeytab = ldb_msg_find_attr_as_string(msg, "privateKeytab", NULL);
+ if (!privateKeytab) {
+ return NULL;
+ }
+
+ relative_path = samdb_relative_path(ldb, mem_ctx, privateKeytab);
+ if (!relative_path) {
+ return NULL;
+ }
+ file_keytab = talloc_asprintf(mem_ctx, "FILE:%s", relative_path);
+ talloc_free(relative_path);
+ return file_keytab;
+ }
+ return NULL;
+}
+
diff --git a/source4/param/secrets.h b/source4/param/secrets.h
index 018bd36337..49fe8c31c7 100644
--- a/source4/param/secrets.h
+++ b/source4/param/secrets.h
@@ -39,6 +39,9 @@ struct loadparm_context;
 struct tevent_context;
 enum netr_SchannelType;
+struct ldb_message;
+struct ldb_context;
+
 struct tdb_wrap *secrets_init(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
 struct ldb_context *secrets_db_connect(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx, struct loadparm_context *lp_ctx);
 struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx,
@@ -47,6 +50,7 @@ struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx,
 const char *domain,
 enum netr_SchannelType *sec_channel_type,
 char **errstring);
+char *keytab_name_from_msg(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, struct ldb_message *msg);
 #endif /* _SECRETS_H */ |
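Review bot: In the new `keytab_name_from_msg` in secrets.c, a NULL return covers three different outcomes: neither `krb5Keytab` nor `privateKeytab` is set, `samdb_relative_path` fails, or `talloc_strdup`/`talloc_asprintf` fails. A caller that reads NULL as "no keytab configured" would then skip keytab handling on an allocation failure without reporting it; the callers are not visible in this diff, so this should be confirmed against them. The function also has no comment stating its contract, so I would add `/* Returns a keytab name allocated on mem_ctx: the krb5Keytab value verbatim, else "FILE:" plus the resolved privateKeytab path. NULL means no attribute set, path resolution failed, or out of memory. */` above it. It is worth noting there that both attribute values are taken from the secrets.ldb message without validation here, so the keytab location is only as trustworthy as that record. The trailing `return NULL;` after the if/else is unreachable and can be dropped.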