diff options
Diffstat (limited to 'source4/auth/credentials')
-rw-r--r-- | source4/auth/credentials/credentials.c | 1 | ||||
-rw-r--r-- | source4/auth/credentials/credentials.h | 1 | ||||
-rw-r--r-- | source4/auth/credentials/credentials_files.c | 13 | ||||
-rw-r--r-- | source4/auth/credentials/credentials_krb5.c | 9 |
4 files changed, 20 insertions, 4 deletions
diff --git a/source4/auth/credentials/credentials.c b/source4/auth/credentials/credentials.c index 9be877dd2c..5fe6daddbe 100644 --- a/source4/auth/credentials/credentials.c +++ b/source4/auth/credentials/credentials.c @@ -51,6 +51,7 @@ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx) cred->old_password = NULL; cred->smb_krb5_context = NULL; + cred->salt_principal = NULL; return cred; } diff --git a/source4/auth/credentials/credentials.h b/source4/auth/credentials/credentials.h index aa2a0d0ac2..b43ddbbe89 100644 --- a/source4/auth/credentials/credentials.h +++ b/source4/auth/credentials/credentials.h @@ -57,6 +57,7 @@ struct cli_credentials { const char *domain; const char *realm; const char *principal; + const char *salt_principal; struct samr_Password *nt_hash; diff --git a/source4/auth/credentials/credentials_files.c b/source4/auth/credentials/credentials_files.c index 31f645bc6c..cdf38dcfa8 100644 --- a/source4/auth/credentials/credentials_files.c +++ b/source4/auth/credentials/credentials_files.c @@ -182,6 +182,7 @@ static NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, "secureChannelType", "ntPwdHash", "msDS-KeyVersionNumber", + "saltPrincipal", NULL }; @@ -191,6 +192,7 @@ static NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, const char *domain; const char *realm; enum netr_SchannelType sct; + const char *salt_principal; /* ok, we are going to get it now, don't recurse back here */ cred->machine_account_pending = False; @@ -209,13 +211,13 @@ static NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, &msgs, attrs, "%s", filter); if (ldb_ret == 0) { - DEBUG(1, ("Could not find join record to domain: %s\n", - cli_credentials_get_domain(cred))); + DEBUG(1, ("Could not find entry to match filter: %s\n", + filter)); talloc_free(mem_ctx); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } else if (ldb_ret != 1) { - DEBUG(1, ("Found more than one (%d) join records to domain: %s\n", - ldb_ret, cli_credentials_get_domain(cred))); + DEBUG(1, ("Found more than one (%d) entry to match filter: %s\n", + ldb_ret, filter)); talloc_free(mem_ctx); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } @@ -231,6 +233,9 @@ static NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, talloc_free(mem_ctx); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } + + salt_principal = ldb_msg_find_string(msgs[0], "saltPrincipal", NULL); + cli_credentials_set_salt_principal(cred, salt_principal); sct = ldb_msg_find_int(msgs[0], "secureChannelType", 0); if (sct) { diff --git a/source4/auth/credentials/credentials_krb5.c b/source4/auth/credentials/credentials_krb5.c index b20d9ee750..abb8418748 100644 --- a/source4/auth/credentials/credentials_krb5.c +++ b/source4/auth/credentials/credentials_krb5.c @@ -299,3 +299,12 @@ int cli_credentials_get_kvno(struct cli_credentials *cred) return cred->kvno; } +const char *cli_credentials_get_salt_principal(struct cli_credentials *cred) +{ + return cred->salt_principal; +} + +void cli_credentials_set_salt_principal(struct cli_credentials *cred, const char *principal) +{ + cred->salt_principal = talloc_strdup(cred, principal); +} |