summaryrefslogtreecommitdiff
path: root/source3/libads/kerberos.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/libads/kerberos.c')
-rw-r--r--source3/libads/kerberos.c50
1 files changed, 43 insertions, 7 deletions
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index 76ca0c0cf3..f260dcaaf0 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -428,7 +428,7 @@ char* kerberos_secrets_fetch_des_salt( void )
Caller must free if the return value is not NULL.
************************************************************************/
-char *kerberos_get_default_realm_from_ccache( void )
+char *kerberos_get_default_realm_from_ccache(TALLOC_CTX *mem_ctx)
{
char *realm = NULL;
krb5_context ctx = NULL;
@@ -455,11 +455,11 @@ char *kerberos_get_default_realm_from_ccache( void )
}
#if defined(HAVE_KRB5_PRINCIPAL_GET_REALM)
- realm = SMB_STRDUP(krb5_principal_get_realm(ctx, princ));
+ realm = talloc_strdup(mem_ctx, krb5_principal_get_realm(ctx, princ));
#elif defined(HAVE_KRB5_PRINC_REALM)
{
krb5_data *realm_data = krb5_princ_realm(ctx, princ);
- realm = SMB_STRNDUP(realm_data->data, realm_data->length);
+ realm = talloc_strndup(mem_ctx, realm_data->data, realm_data->length);
}
#endif
@@ -479,11 +479,10 @@ char *kerberos_get_default_realm_from_ccache( void )
}
/************************************************************************
- Routine to get the realm from a given DNS name. Returns malloc'ed memory.
- Caller must free() if the return value is not NULL.
+ Routine to get the realm from a given DNS name.
************************************************************************/
-char *kerberos_get_realm_from_hostname(const char *hostname)
+char *kerberos_get_realm_from_hostname(TALLOC_CTX *mem_ctx, const char *hostname)
{
#if defined(HAVE_KRB5_GET_HOST_REALM) && defined(HAVE_KRB5_FREE_HOST_REALM)
#if defined(HAVE_KRB5_REALM_TYPE)
@@ -512,7 +511,7 @@ char *kerberos_get_realm_from_hostname(const char *hostname)
}
if (realm_list && realm_list[0]) {
- realm = SMB_STRDUP(realm_list[0]);
+ realm = talloc_strdup(mem_ctx, realm_list[0]);
}
out:
@@ -531,6 +530,43 @@ char *kerberos_get_realm_from_hostname(const char *hostname)
#endif
}
+char *kerberos_get_principal_from_service_hostname(TALLOC_CTX *mem_ctx,
+ const char *service,
+ const char *remote_name)
+{
+ char *realm = NULL;
+ char *host = NULL;
+ char *principal;
+ host = strchr_m(remote_name, '.');
+ if (host) {
+ /* DNS name. */
+ realm = kerberos_get_realm_from_hostname(talloc_tos(), remote_name);
+ } else {
+ /* NetBIOS name - use our realm. */
+ realm = kerberos_get_default_realm_from_ccache(talloc_tos());
+ }
+
+ if (realm == NULL || *realm == '\0') {
+ realm = talloc_strdup(talloc_tos(), lp_realm());
+ if (!realm) {
+ return NULL;
+ }
+ DEBUG(3,("kerberos_get_principal_from_service_hostname: "
+ "cannot get realm from, "
+ "desthost %s or default ccache. Using default "
+ "smb.conf realm %s\n",
+ remote_name,
+ realm));
+ }
+
+ principal = talloc_asprintf(mem_ctx,
+ "%s/%s@%s",
+ service, remote_name,
+ realm);
+ TALLOC_FREE(realm);
+ return principal;
+}
+
/************************************************************************
Routine to get the salting principal for this service. This is
maintained for backwards compatibilty with releases prior to 3.0.24.