Diffstat (limited to 'source4/libnet')
-rw-r--r-- | source4/libnet/config.mk | 4 | ||||
-rw-r--r-- | source4/libnet/libnet.h | 1 | ||||
-rw-r--r-- | source4/libnet/libnet_export_keytab.c | 53 | ||||
-rw-r--r-- | source4/libnet/libnet_export_keytab.h | 28 |
4 files changed, 84 insertions, 2 deletions
diff --git a/source4/libnet/config.mk b/source4/libnet/config.mk index 07d5434ebf..eede8c871d 100644 --- a/source4/libnet/config.mk +++ b/source4/libnet/config.mk @@ -1,5 +1,5 @@ [SUBSYSTEM::LIBSAMBA-NET] -PUBLIC_DEPENDENCIES = CREDENTIALS dcerpc dcerpc_samr RPC_NDR_LSA RPC_NDR_SRVSVC RPC_NDR_DRSUAPI LIBCLI_COMPOSITE LIBCLI_RESOLVE LIBCLI_FINDDCS LIBCLI_CLDAP LIBCLI_FINDDCS gensec_schannel LIBCLI_AUTH LIBNDR SMBPASSWD PROVISION LIBCLI_SAMSYNC +PUBLIC_DEPENDENCIES = CREDENTIALS dcerpc dcerpc_samr RPC_NDR_LSA RPC_NDR_SRVSVC RPC_NDR_DRSUAPI LIBCLI_COMPOSITE LIBCLI_RESOLVE LIBCLI_FINDDCS LIBCLI_CLDAP LIBCLI_FINDDCS gensec_schannel LIBCLI_AUTH LIBNDR SMBPASSWD PROVISION LIBCLI_SAMSYNC HDB_SAMBA4 LIBSAMBA-NET_OBJ_FILES = $(addprefix $(libnetsrcdir)/, \ libnet.o libnet_passwd.o libnet_time.o libnet_rpc.o \ @@ -7,7 +7,7 @@ LIBSAMBA-NET_OBJ_FILES = $(addprefix $(libnetsrcdir)/, \ libnet_vampire.o libnet_samdump.o libnet_samdump_keytab.o \ libnet_samsync_ldb.o libnet_user.o libnet_group.o libnet_share.o \ libnet_lookup.o libnet_domain.o userinfo.o groupinfo.o userman.o \ - groupman.o prereq_domain.o libnet_samsync.o) + groupman.o prereq_domain.o libnet_samsync.o libnet_export_keytab.o) $(eval $(call proto_header_template,$(libnetsrcdir)/libnet_proto.h,$(LIBSAMBA-NET_OBJ_FILES:.o=.c))) diff --git a/source4/libnet/libnet.h b/source4/libnet/libnet.h index 543a131806..9964a3f526 100644 --- a/source4/libnet/libnet.h +++ b/source4/libnet/libnet.h @@ -75,4 +75,5 @@ struct libnet_context { #include "libnet/libnet_share.h" #include "libnet/libnet_lookup.h" #include "libnet/libnet_domain.h" +#include "libnet/libnet_export_keytab.h" #include "libnet/libnet_proto.h" diff --git a/source4/libnet/libnet_export_keytab.c b/source4/libnet/libnet_export_keytab.c new file mode 100644 index 0000000000..a7006b4bf9 --- /dev/null +++ b/source4/libnet/libnet_export_keytab.c 
@@ -0,0 +1,53 @@
+#include "includes.h"
+#include "system/kerberos.h"
+#include "auth/kerberos/kerberos.h"
+#include <hdb.h>
+#include "kdc/hdb-samba4.h"
+#include "libnet/libnet.h"
+
+NTSTATUS libnet_export_keytab(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, struct libnet_export_keytab *r)
+{
+ krb5_error_code ret;
+ struct smb_krb5_context *smb_krb5_context;
+ const char *from_keytab;
+
+ /* Register hdb-samba4 hooks for use as a keytab */
+
+ struct hdb_samba4_context *hdb_samba4_context = talloc(mem_ctx, struct hdb_samba4_context);
+ if (!hdb_samba4_context) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ hdb_samba4_context->ev_ctx = ctx->event_ctx;
+ hdb_samba4_context->lp_ctx = ctx->lp_ctx;
+
+ from_keytab = talloc_asprintf(hdb_samba4_context, "HDB:samba4&%p", hdb_samba4_context);
+ if (!from_keytab) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ ret = smb_krb5_init_context(ctx, ctx->event_ctx, ctx->lp_ctx, &smb_krb5_context);
+ if (ret) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ ret = krb5_plugin_register(smb_krb5_context->krb5_context,
+ PLUGIN_TYPE_DATA, "hdb",
+ &hdb_samba4);
+ if(ret) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ ret = krb5_kt_register(smb_krb5_context->krb5_context, &hdb_kt_ops);
+ if(ret) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ ret = kt_copy(smb_krb5_context->krb5_context, from_keytab, r->in.keytab_name);
+ if(ret) {
+ r->out.error_string = smb_get_krb5_error_message(smb_krb5_context->krb5_context,
+ ret, mem_ctx);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ return NT_STATUS_OK;
+}
diff --git a/source4/libnet/libnet_export_keytab.h b/source4/libnet/libnet_export_keytab.h
new file mode 100644
index 0000000000..194f8907a3
--- /dev/null
+++ b/source4/libnet/libnet_export_keytab.h
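Review bot: The failure paths after `smb_krb5_init_context`, `krb5_plugin_register` and `krb5_kt_register` in `libnet_export_keytab` all return `NT_STATUS_NO_MEMORY` and never set `r->out.error_string`, so the real Kerberos error is lost and, unless the caller zero-initialises `r`, a caller that prints the error string on failure reads an uninitialised pointer. Clearing the field on entry and reporting the krb5 message on the two register paths, the way the `kt_copy` branch already does, would address both; the fence below shows only those lines. `smb_krb5_context` is parented to `ctx` and `hdb_samba4_context` to `mem_ctx`, and neither is freed on any path, so each call appears to leave them allocated until the parent is released. Because the source keytab is the hdb-samba4 database, the file named by `r->in.keytab_name` will presumably hold long-term keys, and a comment on the function stating that the destination must be readable only by the administrator (plus a NULL check on the name) would help callers.

```c
	/* ... unchanged: declarations ... */
	r->out.error_string = NULL;

	/* ... unchanged: hdb_samba4_context setup, from_keytab, smb_krb5_init_context ... */

	/* ... unchanged: krb5_plugin_register call ... */
	if (ret) {
		r->out.error_string = smb_get_krb5_error_message(smb_krb5_context->krb5_context,
								 ret, mem_ctx);
		return NT_STATUS_UNSUCCESSFUL;
	}

	ret = krb5_kt_register(smb_krb5_context->krb5_context, &hdb_kt_ops);
	if (ret) {
		r->out.error_string = smb_get_krb5_error_message(smb_krb5_context->krb5_context,
								 ret, mem_ctx);
		return NT_STATUS_UNSUCCESSFUL;
	}

	/* ... unchanged: kt_copy and its error path ... */
```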
@@ -0,0 +1,28 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ Copyright (C) Andrew Bartlett <abartlet@samba.org> 2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+struct libnet_export_keytab {
+ struct {
+ const char *keytab_name;
+ } in;
+ struct {
+ const char *error_string;
+ } out;
+};
+
|
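Review bot: `struct libnet_export_keytab` is added without any comment on its fields, and the contract matters here because the output is key material. I would add `/* destination keytab name, passed unchanged to kt_copy() */` above `keytab_name` and `/* krb5 error text allocated on mem_ctx; only set when kt_copy() fails */` above `error_string`, which is what the accompanying .c file shows. The header also has no include guard; that may match the other libnet headers, which are not visible here, but a second inclusion would redefine the struct.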