diff options
Diffstat (limited to 'source4/auth/credentials')
-rw-r--r-- | source4/auth/credentials/credentials_files.c | 4 | ||||
-rw-r--r-- | source4/auth/credentials/credentials_krb5.c | 27 |
2 files changed, 9 insertions, 22 deletions
diff --git a/source4/auth/credentials/credentials_files.c b/source4/auth/credentials/credentials_files.c index 1f7a7cf435..8d84e8cdb5 100644 --- a/source4/auth/credentials/credentials_files.c +++ b/source4/auth/credentials/credentials_files.c @@ -301,13 +301,13 @@ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, * (chewing CPU time) from the password */ keytab = ldb_msg_find_string(msgs[0], "krb5Keytab", NULL); if (keytab) { - cli_credentials_set_keytab(cred, keytab, CRED_SPECIFIED); + cli_credentials_set_keytab_name(cred, keytab, CRED_SPECIFIED); } else { keytab = ldb_msg_find_string(msgs[0], "privateKeytab", NULL); if (keytab) { keytab = talloc_asprintf(mem_ctx, "FILE:%s", private_path(mem_ctx, keytab)); if (keytab) { - cli_credentials_set_keytab(cred, keytab, CRED_SPECIFIED); + cli_credentials_set_keytab_name(cred, keytab, CRED_SPECIFIED); } } } diff --git a/source4/auth/credentials/credentials_krb5.c b/source4/auth/credentials/credentials_krb5.c index 173739e9b8..5f40ca1046 100644 --- a/source4/auth/credentials/credentials_krb5.c +++ b/source4/auth/credentials/credentials_krb5.c @@ -398,7 +398,7 @@ int cli_credentials_get_keytab(struct cli_credentials *cred, return ENOMEM; } - ret = create_memory_keytab(mem_ctx, cred, smb_krb5_context, &ktc); + ret = smb_krb5_create_memory_keytab(mem_ctx, cred, smb_krb5_context, &ktc); if (ret) { talloc_free(mem_ctx); return ret; @@ -417,14 +417,13 @@ int cli_credentials_get_keytab(struct cli_credentials *cred, /* Given the name of a keytab (presumably in the format * FILE:/etc/krb5.keytab), open it and attach it */ -int cli_credentials_set_keytab(struct cli_credentials *cred, - const char *keytab_name, - enum credentials_obtained obtained) +int cli_credentials_set_keytab_name(struct cli_credentials *cred, + const char *keytab_name, + enum credentials_obtained obtained) { krb5_error_code ret; struct keytab_container *ktc; struct smb_krb5_context *smb_krb5_context; - krb5_keytab keytab; TALLOC_CTX *mem_ctx; if (cred->keytab_obtained >= obtained) { @@ -441,24 +440,12 @@ int cli_credentials_set_keytab(struct cli_credentials *cred, return ENOMEM; } - ret = krb5_kt_resolve(smb_krb5_context->krb5_context, keytab_name, &keytab); + ret = smb_krb5_open_keytab(mem_ctx, smb_krb5_context, + keytab_name, &ktc); if (ret) { - DEBUG(1,("failed to open krb5 keytab: %s\n", - smb_get_krb5_error_message(smb_krb5_context->krb5_context, - ret, mem_ctx))); - talloc_free(mem_ctx); return ret; } - ktc = talloc(mem_ctx, struct keytab_container); - if (!ktc) { - talloc_free(mem_ctx); - return ENOMEM; - } - - ktc->smb_krb5_context = talloc_reference(ktc, smb_krb5_context); - ktc->keytab = keytab; - cred->keytab_obtained = obtained; talloc_steal(cred, ktc); @@ -492,7 +479,7 @@ int cli_credentials_update_keytab(struct cli_credentials *cred) return ret; } - ret = update_keytab(mem_ctx, cred, smb_krb5_context, ktc); + ret = smb_krb5_update_keytab(mem_ctx, cred, smb_krb5_context, ktc); talloc_free(mem_ctx); return ret; |