2 files changed, 9 insertions, 22 deletions

diff --git a/source4/auth/credentials/credentials_files.c b/source4/auth/credentials/credentials_files.c
index 1f7a7cf435..8d84e8cdb5 100644
--- a/source4/auth/credentials/credentials_files.c
+++ b/source4/auth/credentials/credentials_files.c
@@ -301,13 +301,13 @@ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
 	 * (chewing CPU time) from the password */
 	keytab = ldb_msg_find_string(msgs[0], "krb5Keytab", NULL);
 	if (keytab) {
-		cli_credentials_set_keytab(cred, keytab, CRED_SPECIFIED);
+		cli_credentials_set_keytab_name(cred, keytab, CRED_SPECIFIED);
 	} else {
 		keytab = ldb_msg_find_string(msgs[0], "privateKeytab", NULL);
 		if (keytab) {
 			keytab = talloc_asprintf(mem_ctx, "FILE:%s", private_path(mem_ctx, keytab));
 			if (keytab) {
-				cli_credentials_set_keytab(cred, keytab, CRED_SPECIFIED);
+				cli_credentials_set_keytab_name(cred, keytab, CRED_SPECIFIED);
 			}
 		}
 	}
diff --git a/source4/auth/credentials/credentials_krb5.c b/source4/auth/credentials/credentials_krb5.c
index 173739e9b8..5f40ca1046 100644
--- a/source4/auth/credentials/credentials_krb5.c
+++ b/source4/auth/credentials/credentials_krb5.c
@@ -398,7 +398,7 @@ int cli_credentials_get_keytab(struct cli_credentials *cred,
 		return ENOMEM;
 	}
 
-	ret = create_memory_keytab(mem_ctx, cred, smb_krb5_context, &ktc);
+	ret = smb_krb5_create_memory_keytab(mem_ctx, cred, smb_krb5_context, &ktc);
 	if (ret) {
 		talloc_free(mem_ctx);
 		return ret;
@@ -417,14 +417,13 @@ int cli_credentials_get_keytab(struct cli_credentials *cred,
 /* Given the name of a keytab (presumably in the format
  * FILE:/etc/krb5.keytab), open it and attach it */
 
-int cli_credentials_set_keytab(struct cli_credentials *cred, 
-			       const char *keytab_name, 
-			       enum credentials_obtained obtained) 
+int cli_credentials_set_keytab_name(struct cli_credentials *cred, 
+				    const char *keytab_name, 
+				    enum credentials_obtained obtained) 
 {
 	krb5_error_code ret;
 	struct keytab_container *ktc;
 	struct smb_krb5_context *smb_krb5_context;
-	krb5_keytab keytab;
 	TALLOC_CTX *mem_ctx;
 
 	if (cred->keytab_obtained >= obtained) {
@@ -441,24 +440,12 @@ int cli_credentials_set_keytab(struct cli_credentials *cred,
 		return ENOMEM;
 	}
 
-	ret = krb5_kt_resolve(smb_krb5_context->krb5_context, keytab_name, &keytab);
+	ret = smb_krb5_open_keytab(mem_ctx, smb_krb5_context, 
+				   keytab_name, &ktc);
 	if (ret) {
-		DEBUG(1,("failed to open krb5 keytab: %s\n", 
-			 smb_get_krb5_error_message(smb_krb5_context->krb5_context, 
-						    ret, mem_ctx)));
-		talloc_free(mem_ctx);
 		return ret;
 	}
 
-	ktc = talloc(mem_ctx, struct keytab_container);
-	if (!ktc) {
-		talloc_free(mem_ctx);
-		return ENOMEM;
-	}
-
-	ktc->smb_krb5_context = talloc_reference(ktc, smb_krb5_context);
-	ktc->keytab = keytab;
-
 	cred->keytab_obtained = obtained;
 
 	talloc_steal(cred, ktc);
@@ -492,7 +479,7 @@ int cli_credentials_update_keytab(struct cli_credentials *cred)
 		return ret;
 	}
 
-	ret = update_keytab(mem_ctx, cred, smb_krb5_context, ktc);
+	ret = smb_krb5_update_keytab(mem_ctx, cred, smb_krb5_context, ktc);
 
 	talloc_free(mem_ctx);
 	return ret;