From 16e44ee1126a5126346689785d240ac37a32fad7 Mon Sep 17 00:00:00 2001
From: Günther Deschner <gd@samba.org>
Date: Mon, 30 Jun 2008 10:32:15 +0200
Subject: kerberos: allow to keep entries with old kvno's while creating
 keytab.

Guenther
(This used to be commit 6194244bd9fcc1fb736f3d91433f107270cac1c9)
---
 source3/include/includes.h       | 3 ++-
 source3/libads/kerberos_keytab.c | 6 ++++--
 source3/libnet/libnet_keytab.c   | 1 +
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/source3/include/includes.h b/source3/include/includes.h
index e9addf6ee0..aa99dc0b63 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -1231,7 +1231,8 @@ int smb_krb5_kt_add_entry_ext(krb5_context context,
 			      const char *princ_s,
 			      krb5_enctype *enctypes,
 			      krb5_data password,
-			      bool no_salt);
+			      bool no_salt,
+			      bool keep_old_entries);
 
 #endif /* HAVE_KRB5 */
 
diff --git a/source3/libads/kerberos_keytab.c b/source3/libads/kerberos_keytab.c
index 04804fc27c..b905cb4a0f 100644
--- a/source3/libads/kerberos_keytab.c
+++ b/source3/libads/kerberos_keytab.c
@@ -38,7 +38,8 @@ int smb_krb5_kt_add_entry_ext(krb5_context context,
 			      const char *princ_s,
 			      krb5_enctype *enctypes,
 			      krb5_data password,
-			      bool no_salt)
+			      bool no_salt,
+			      bool keep_old_entries)
 {
 	krb5_error_code ret = 0;
 	krb5_kt_cursor cursor;
@@ -96,7 +97,7 @@ int smb_krb5_kt_add_entry_ext(krb5_context context,
 				if (kt_entry.vno == kvno - 1) {
 					DEBUG(5,("smb_krb5_kt_add_entry_ext: Saving previous (kvno %d) entry for principal: %s.\n",
 						kvno - 1, princ_s));
-				} else {
+				} else if (!keep_old_entries) {
 					DEBUG(5,("smb_krb5_kt_add_entry_ext: Found old entry for principal: %s (kvno %d) - trying to remove it.\n",
 						princ_s, kt_entry.vno));
 					ret = krb5_kt_end_seq_get(context, keytab, &cursor);
@@ -224,6 +225,7 @@ int smb_krb5_kt_add_entry(krb5_context context,
 					 princ_s,
 					 enctypes,
 					 password,
+					 false,
 					 false);
 }
 
diff --git a/source3/libnet/libnet_keytab.c b/source3/libnet/libnet_keytab.c
index faa491471e..02c2b6f761 100644
--- a/source3/libnet/libnet_keytab.c
+++ b/source3/libnet/libnet_keytab.c
@@ -126,6 +126,7 @@ krb5_error_code libnet_keytab_add(struct libnet_keytab_context *ctx)
 						entry->principal,
 						enctypes,
 						password,
+						true,
 						true);
 		if (ret) {
 			DEBUG(1,("libnet_keytab_add: "
-- 
cgit