diff options
-rw-r--r-- | source4/lib/cmdline/popt_credentials.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/source4/lib/cmdline/popt_credentials.c b/source4/lib/cmdline/popt_credentials.c index 11f4036e3f..6dcef3f22b 100644 --- a/source4/lib/cmdline/popt_credentials.c +++ b/source4/lib/cmdline/popt_credentials.c @@ -34,12 +34,13 @@ * -P,--machine-pass * --simple-bind-dn * --password + * --krb5-ccache */ static bool dont_ask; static bool machine_account_pending; -enum opt { OPT_SIMPLE_BIND_DN, OPT_PASSWORD, OPT_KERBEROS, OPT_SIGN, OPT_ENCRYPT }; +enum opt { OPT_SIMPLE_BIND_DN, OPT_PASSWORD, OPT_KERBEROS, OPT_SIGN, OPT_ENCRYPT, OPT_KRB5_CCACHE }; /* disable asking for a password @@ -130,6 +131,16 @@ static void popt_common_credentials_callback(poptContext con, cli_credentials_set_bind_dn(cmdline_credentials, arg); break; } + case OPT_KRB5_CCACHE: + { + const char *error_string; + if (cli_credentials_set_ccache(cmdline_credentials, cmdline_lp_ctx, arg, CRED_SPECIFIED, + &error_string) != 0) { + fprintf(stderr, "Error reading krb5 credentials cache: '%s' %s", arg, error_string); + exit(1); + } + break; + } case OPT_SIGN: { uint32_t gensec_features; @@ -166,6 +177,7 @@ struct poptOption popt_common_credentials[] = { { "machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password (implies -k)" }, { "simple-bind-dn", 0, POPT_ARG_STRING, NULL, OPT_SIMPLE_BIND_DN, "DN to use for a simple bind" }, { "kerberos", 'k', POPT_ARG_STRING, NULL, OPT_KERBEROS, "Use Kerberos, -k [yes|no]" }, + { "krb5-ccache", 0, POPT_ARG_STRING, NULL, OPT_KRB5_CCACHE, "Credentials cache location for Kerberos" }, { "sign", 'S', POPT_ARG_NONE, NULL, OPT_SIGN, "Sign connection to prevent modification in transit" }, { "encrypt", 'e', POPT_ARG_NONE, NULL, OPT_ENCRYPT, "Encrypt connection for privacy" }, { NULL } |