summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/libnet/libnet_dssync_keytab.c111
-rw-r--r--source3/libnet/libnet_keytab.c33
-rw-r--r--source3/libnet/libnet_proto.h7
-rw-r--r--source3/libnet/libnet_samsync_keytab.c29
4 files changed, 93 insertions, 87 deletions
diff --git a/source3/libnet/libnet_dssync_keytab.c b/source3/libnet/libnet_dssync_keytab.c
index 6a3139d6ad..a05bfdcbe2 100644
--- a/source3/libnet/libnet_dssync_keytab.c
+++ b/source3/libnet/libnet_dssync_keytab.c
@@ -24,39 +24,6 @@
#if defined(HAVE_ADS) && defined(ENCTYPE_ARCFOUR_HMAC)
-/**
- * Internal helper function to add data to the list
- * of keytab entries. It builds the prefix from the input.
- */
-static NTSTATUS add_to_keytab_entries(TALLOC_CTX *mem_ctx,
- struct libnet_keytab_context *ctx,
- uint32_t kvno,
- const char *name,
- const char *prefix,
- const krb5_enctype enctype,
- DATA_BLOB blob)
-{
- struct libnet_keytab_entry entry;
-
- entry.kvno = kvno;
- entry.name = talloc_strdup(mem_ctx, name);
- entry.principal = talloc_asprintf(mem_ctx, "%s%s%s@%s",
- prefix ? prefix : "",
- prefix ? "/" : "",
- name, ctx->dns_domain_name);
- entry.enctype = enctype;
- entry.password = blob;
- NT_STATUS_HAVE_NO_MEMORY(entry.name);
- NT_STATUS_HAVE_NO_MEMORY(entry.principal);
- NT_STATUS_HAVE_NO_MEMORY(entry.password.data);
-
- ADD_TO_ARRAY(mem_ctx, struct libnet_keytab_entry, entry,
- &ctx->entries, &ctx->count);
- NT_STATUS_HAVE_NO_MEMORY(ctx->entries);
-
- return NT_STATUS_OK;
-}
-
static NTSTATUS keytab_startup(struct dssync_context *ctx, TALLOC_CTX *mem_ctx,
struct replUpToDateVectorBlob **pold_utdv)
{
@@ -134,10 +101,10 @@ static NTSTATUS keytab_finish(struct dssync_context *ctx, TALLOC_CTX *mem_ctx,
goto done;
}
- status = add_to_keytab_entries(mem_ctx, keytab_ctx, 0,
- ctx->nc_dn, "UTDV",
- ENCTYPE_NULL,
- blob);
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, keytab_ctx, 0,
+ ctx->nc_dn, "UTDV",
+ ENCTYPE_NULL,
+ blob);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
@@ -391,11 +358,11 @@ static NTSTATUS parse_object(TALLOC_CTX *mem_ctx,
}
if (name) {
- status = add_to_keytab_entries(mem_ctx, ctx, 0, object_dn,
- "SAMACCOUNTNAME",
- ENCTYPE_NULL,
- data_blob_talloc(mem_ctx, name,
- strlen(name) + 1));
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, 0, object_dn,
+ "SAMACCOUNTNAME",
+ ENCTYPE_NULL,
+ data_blob_talloc(mem_ctx, name,
+ strlen(name) + 1));
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -454,9 +421,9 @@ static NTSTATUS parse_object(TALLOC_CTX *mem_ctx,
}
DEBUGADD(1,("\n"));
- status = add_to_keytab_entries(mem_ctx, ctx, kvno, name, NULL,
- ENCTYPE_ARCFOUR_HMAC,
- data_blob_talloc(mem_ctx, nt_passwd, 16));
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, kvno, name, NULL,
+ ENCTYPE_ARCFOUR_HMAC,
+ data_blob_talloc(mem_ctx, nt_passwd, 16));
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -469,11 +436,11 @@ static NTSTATUS parse_object(TALLOC_CTX *mem_ctx,
if (!pkb4->keys[i].value) {
continue;
}
- status = add_to_keytab_entries(mem_ctx, ctx, kvno,
- name,
- NULL,
- pkb4->keys[i].keytype,
- *pkb4->keys[i].value);
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, kvno,
+ name,
+ NULL,
+ pkb4->keys[i].keytype,
+ *pkb4->keys[i].value);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -482,11 +449,11 @@ static NTSTATUS parse_object(TALLOC_CTX *mem_ctx,
if (!pkb4->old_keys[i].value) {
continue;
}
- status = add_to_keytab_entries(mem_ctx, ctx, kvno - 1,
- name,
- NULL,
- pkb4->old_keys[i].keytype,
- *pkb4->old_keys[i].value);
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, kvno - 1,
+ name,
+ NULL,
+ pkb4->old_keys[i].keytype,
+ *pkb4->old_keys[i].value);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -495,11 +462,11 @@ static NTSTATUS parse_object(TALLOC_CTX *mem_ctx,
if (!pkb4->older_keys[i].value) {
continue;
}
- status = add_to_keytab_entries(mem_ctx, ctx, kvno - 2,
- name,
- NULL,
- pkb4->older_keys[i].keytype,
- *pkb4->older_keys[i].value);
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, kvno - 2,
+ name,
+ NULL,
+ pkb4->older_keys[i].keytype,
+ *pkb4->older_keys[i].value);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -511,10 +478,10 @@ static NTSTATUS parse_object(TALLOC_CTX *mem_ctx,
if (!pkb3->keys[i].value) {
continue;
}
- status = add_to_keytab_entries(mem_ctx, ctx, kvno, name,
- NULL,
- pkb3->keys[i].keytype,
- *pkb3->keys[i].value);
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, kvno, name,
+ NULL,
+ pkb3->keys[i].keytype,
+ *pkb3->keys[i].value);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -523,11 +490,11 @@ static NTSTATUS parse_object(TALLOC_CTX *mem_ctx,
if (!pkb3->old_keys[i].value) {
continue;
}
- status = add_to_keytab_entries(mem_ctx, ctx, kvno - 1,
- name,
- NULL,
- pkb3->old_keys[i].keytype,
- *pkb3->old_keys[i].value);
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, kvno - 1,
+ name,
+ NULL,
+ pkb3->old_keys[i].keytype,
+ *pkb3->old_keys[i].value);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -549,9 +516,9 @@ static NTSTATUS parse_object(TALLOC_CTX *mem_ctx,
}
for (; i<pwd_history_len; i++) {
- status = add_to_keytab_entries(mem_ctx, ctx, kvno--, name, NULL,
- ENCTYPE_ARCFOUR_HMAC,
- data_blob_talloc(mem_ctx, &pwd_history[i*16], 16));
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx, kvno--, name, NULL,
+ ENCTYPE_ARCFOUR_HMAC,
+ data_blob_talloc(mem_ctx, &pwd_history[i*16], 16));
if (!NT_STATUS_IS_OK(status)) {
break;
}
diff --git a/source3/libnet/libnet_keytab.c b/source3/libnet/libnet_keytab.c
index 46c17b219c..990f6f6a63 100644
--- a/source3/libnet/libnet_keytab.c
+++ b/source3/libnet/libnet_keytab.c
@@ -401,4 +401,37 @@ cont:
return entry;
}
+/**
+ * Helper function to add data to the list
+ * of keytab entries. It builds the prefix from the input.
+ */
+NTSTATUS libnet_keytab_add_to_keytab_entries(TALLOC_CTX *mem_ctx,
+ struct libnet_keytab_context *ctx,
+ uint32_t kvno,
+ const char *name,
+ const char *prefix,
+ const krb5_enctype enctype,
+ DATA_BLOB blob)
+{
+ struct libnet_keytab_entry entry;
+
+ entry.kvno = kvno;
+ entry.name = talloc_strdup(mem_ctx, name);
+ entry.principal = talloc_asprintf(mem_ctx, "%s%s%s@%s",
+ prefix ? prefix : "",
+ prefix ? "/" : "",
+ name, ctx->dns_domain_name);
+ entry.enctype = enctype;
+ entry.password = blob;
+ NT_STATUS_HAVE_NO_MEMORY(entry.name);
+ NT_STATUS_HAVE_NO_MEMORY(entry.principal);
+ NT_STATUS_HAVE_NO_MEMORY(entry.password.data);
+
+ ADD_TO_ARRAY(mem_ctx, struct libnet_keytab_entry, entry,
+ &ctx->entries, &ctx->count);
+ NT_STATUS_HAVE_NO_MEMORY(ctx->entries);
+
+ return NT_STATUS_OK;
+}
+
#endif /* HAVE_KRB5 */
diff --git a/source3/libnet/libnet_proto.h b/source3/libnet/libnet_proto.h
index 69a16c1c7d..9a193b724d 100644
--- a/source3/libnet/libnet_proto.h
+++ b/source3/libnet/libnet_proto.h
@@ -55,6 +55,13 @@ struct libnet_keytab_entry *libnet_keytab_search(struct libnet_keytab_context *c
const char *principal, int kvno,
const krb5_enctype enctype,
TALLOC_CTX *mem_ctx);
+NTSTATUS libnet_keytab_add_to_keytab_entries(TALLOC_CTX *mem_ctx,
+ struct libnet_keytab_context *ctx,
+ uint32_t kvno,
+ const char *name,
+ const char *prefix,
+ const krb5_enctype enctype,
+ DATA_BLOB blob);
#endif
/* The following definitions come from libnet/libnet_samsync.c */
diff --git a/source3/libnet/libnet_samsync_keytab.c b/source3/libnet/libnet_samsync_keytab.c
index 0341641a4c..5c17d010aa 100644
--- a/source3/libnet/libnet_samsync_keytab.c
+++ b/source3/libnet/libnet_samsync_keytab.c
@@ -78,27 +78,26 @@ static NTSTATUS fetch_sam_entry_keytab(TALLOC_CTX *mem_ctx,
bool last_query,
struct libnet_keytab_context *ctx)
{
- struct libnet_keytab_entry entry;
+ NTSTATUS status;
+ uint32_t kvno = 0;
+ DATA_BLOB blob;
if (memcmp(r->ntpassword.hash, ctx->zero_buf, 16) == 0) {
return NT_STATUS_OK;
}
- entry.name = talloc_strdup(mem_ctx, r->account_name.string);
- entry.principal = talloc_asprintf(mem_ctx, "%s@%s",
- r->account_name.string,
- ctx->dns_domain_name);
- entry.password = data_blob_talloc(mem_ctx, r->ntpassword.hash, 16);
- entry.kvno = ads_get_kvno(ctx->ads, entry.name);
- entry.enctype = ENCTYPE_ARCFOUR_HMAC;
-
- NT_STATUS_HAVE_NO_MEMORY(entry.name);
- NT_STATUS_HAVE_NO_MEMORY(entry.principal);
- NT_STATUS_HAVE_NO_MEMORY(entry.password.data);
-
+ kvno = ads_get_kvno(ctx->ads, r->account_name.string);
+ blob = data_blob_const(r->ntpassword.hash, 16);
- ADD_TO_ARRAY(mem_ctx, struct libnet_keytab_entry, entry,
- &ctx->entries, &ctx->count);
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, ctx,
+ kvno,
+ r->account_name.string,
+ NULL,
+ ENCTYPE_ARCFOUR_HMAC,
+ blob);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
return NT_STATUS_OK;
}