From 1f1e4275b5fafbad1b5719f5efba7ee66f6d3037 Mon Sep 17 00:00:00 2001
From: Simo Sorce
Date: Mon, 2 Apr 2012 23:41:32 -0400
Subject: clikrb5: Move pure krb wrapper functions from libads to clikrb5.
Signed-off-by: Andreas Schneider
---
 source3/libads/kerberos.c | 140 ----------------------------------------
 source3/libads/kerberos_proto.h | 3 -
 2 files changed, 143 deletions(-)
(limited to 'source3/libads')
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index a43c7b167c..f1df31ca4f 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -423,146 +423,6 @@ char* kerberos_secrets_fetch_des_salt( void )
 return salt;
 }
-/************************************************************************
- Routine to get the default realm from the kerberos credentials cache.
- Caller must free if the return value is not NULL.
-************************************************************************/
-
-char *kerberos_get_default_realm_from_ccache(TALLOC_CTX *mem_ctx)
-{
- char *realm = NULL;
- krb5_context ctx = NULL;
- krb5_ccache cc = NULL;
- krb5_principal princ = NULL;
-
- initialize_krb5_error_table();
- if (krb5_init_context(&ctx)) {
- return NULL;
- }
-
- DEBUG(5,("kerberos_get_default_realm_from_ccache: "
- "Trying to read krb5 cache: %s\n",
- krb5_cc_default_name(ctx)));
- if (krb5_cc_default(ctx, &cc)) {
- DEBUG(0,("kerberos_get_default_realm_from_ccache: "
- "failed to read default cache\n"));
- goto out;
- }
- if (krb5_cc_get_principal(ctx, cc, &princ)) {
- DEBUG(0,("kerberos_get_default_realm_from_ccache: "
- "failed to get default principal\n"));
- goto out;
- }
-
-#if defined(HAVE_KRB5_PRINCIPAL_GET_REALM)
- realm = talloc_strdup(mem_ctx, krb5_principal_get_realm(ctx, princ));
-#elif defined(HAVE_KRB5_PRINC_REALM)
- {
- krb5_data *realm_data = krb5_princ_realm(ctx, princ);
- realm = talloc_strndup(mem_ctx, realm_data->data, realm_data->length);
- }
-#endif
-
- out:
-
- if (ctx) {
- if (princ) {
- krb5_free_principal(ctx, princ);
- }
- if (cc) {
- krb5_cc_close(ctx, cc);
- }
- krb5_free_context(ctx);
- }
-
- return realm;
-}
-
-/************************************************************************
- Routine to get the realm from a given DNS name.
-************************************************************************/
-
-char *kerberos_get_realm_from_hostname(TALLOC_CTX *mem_ctx, const char *hostname)
-{
-#if defined(HAVE_KRB5_REALM_TYPE)
- /* Heimdal. */
- krb5_realm *realm_list = NULL;
-#else
- /* MIT */
- char **realm_list = NULL;
-#endif
- char *realm = NULL;
- krb5_error_code kerr;
- krb5_context ctx = NULL;
-
- initialize_krb5_error_table();
- if (krb5_init_context(&ctx)) {
- return NULL;
- }
-
- kerr = krb5_get_host_realm(ctx, hostname, &realm_list);
- if (kerr != 0) {
- DEBUG(3,("kerberos_get_realm_from_hostname %s: "
- "failed %s\n",
- hostname ? hostname : "(NULL)",
- error_message(kerr) ));
- goto out;
- }
-
- if (realm_list && realm_list[0]) {
- realm = talloc_strdup(mem_ctx, realm_list[0]);
- }
-
- out:
-
- if (ctx) {
- if (realm_list) {
- krb5_free_host_realm(ctx, realm_list);
- realm_list = NULL;
- }
- krb5_free_context(ctx);
- ctx = NULL;
- }
- return realm;
-}
-
-char *kerberos_get_principal_from_service_hostname(TALLOC_CTX *mem_ctx,
- const char *service,
- const char *remote_name)
-{
- char *realm = NULL;
- char *host = NULL;
- char *principal;
- host = strchr_m(remote_name, '.');
- if (host) {
- /* DNS name. */
- realm = kerberos_get_realm_from_hostname(talloc_tos(), remote_name);
- } else {
- /* NetBIOS name - use our realm. */
- realm = kerberos_get_default_realm_from_ccache(talloc_tos());
- }
-
- if (realm == NULL || *realm == '\0') {
- realm = talloc_strdup(talloc_tos(), lp_realm());
- if (!realm) {
- return NULL;
- }
- DEBUG(3,("kerberos_get_principal_from_service_hostname: "
- "cannot get realm from, "
- "desthost %s or default ccache. Using default "
- "smb.conf realm %s\n",
- remote_name,
- realm));
- }
-
- principal = talloc_asprintf(mem_ctx,
- "%s/%s@%s",
- service, remote_name,
- realm);
- TALLOC_FREE(realm);
- return principal;
-}
-
 /************************************************************************
 Routine to get the salting principal for this service. This is maintained for backwards compatibilty with releases prior to 3.0.24.
diff --git a/source3/libads/kerberos_proto.h b/source3/libads/kerberos_proto.h
index 6a7811d652..50c56dc081 100644
--- a/source3/libads/kerberos_proto.h
+++ b/source3/libads/kerberos_proto.h
@@ -52,9 +52,6 @@ bool kerberos_secrets_store_des_salt( const char* salt );
 char* kerberos_secrets_fetch_des_salt( void );
 char *kerberos_get_default_realm_from_ccache(TALLOC_CTX *mem_ctx);
 char *kerberos_get_realm_from_hostname(TALLOC_CTX *mem_ctx, const char *hostname);
-char *kerberos_get_principal_from_service_hostname(TALLOC_CTX *mem_ctx,
- const char *service,
- const char *remote_name);
 bool kerberos_secrets_store_salting_principal(const char *service, int enctype,
-- cgit