summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/proto.h2
-rw-r--r--source3/include/secrets.h2
-rw-r--r--source3/passdb/secrets.c25
3 files changed, 29 insertions, 0 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 7cdcba19ab..41544da8c9 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -6421,6 +6421,8 @@ bool secrets_restore_schannel_session_info(TALLOC_CTX *mem_ctx,
struct dcinfo **ppdc);
bool secrets_store_generic(const char *owner, const char *key, const char *secret);
char *secrets_fetch_generic(const char *owner, const char *key);
+bool secrets_store_local_schannel_key(uint8_t schannel_key[16]);
+bool secrets_fetch_local_schannel_key(uint8_t schannel_key[16]);
/* The following definitions come from passdb/util_builtin.c */
diff --git a/source3/include/secrets.h b/source3/include/secrets.h
index d9f457558b..3c8e2ccf81 100644
--- a/source3/include/secrets.h
+++ b/source3/include/secrets.h
@@ -45,6 +45,8 @@
#define SECRETS_LDAP_BIND_PW "SECRETS/LDAP_BIND_PW"
+#define SECRETS_LOCAL_SCHANNEL_KEY "SECRETS/LOCAL_SCHANNEL_KEY"
+
/* Authenticated user info is stored in secrets.tdb under these keys */
#define SECRETS_AUTH_USER "SECRETS/AUTH_USER"
diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c
index 4527ae7127..306d4d0a35 100644
--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@@ -259,6 +259,31 @@ bool secrets_fetch_domain_guid(const char *domain, struct GUID *guid)
return True;
}
+bool secrets_store_local_schannel_key(uint8_t schannel_key[16])
+{
+ return secrets_store(SECRETS_LOCAL_SCHANNEL_KEY, schannel_key, 16);
+}
+
+bool secrets_fetch_local_schannel_key(uint8_t schannel_key[16])
+{
+ size_t size = 0;
+ uint8_t *key;
+
+ key = (uint8_t *)secrets_fetch(SECRETS_LOCAL_SCHANNEL_KEY, &size);
+ if (key == NULL) {
+ return false;
+ }
+
+ if (size != 16) {
+ SAFE_FREE(key);
+ return false;
+ }
+
+ memcpy(schannel_key, key, 16);
+ SAFE_FREE(key);
+ return true;
+}
+
/**
* Form a key for fetching the machine trust account sec channel type
*