From 6ef719bf92f6a6b9cdbd35d6b9c6e9d4d4f0dde5 Mon Sep 17 00:00:00 2001
From: Günther Deschner
Date: Tue, 18 Nov 2008 09:52:35 +0100
Subject: s3-libnet-samsync: store samsync sequence number state in keytab.

Guenther
---
 source3/libnet/libnet_samsync_keytab.c | 53 +++++++++++++++++++++++++++++++++-
 1 file changed, 52 insertions(+), 1 deletion(-)

(limited to 'source3/libnet/libnet_samsync_keytab.c')

diff --git a/source3/libnet/libnet_samsync_keytab.c b/source3/libnet/libnet_samsync_keytab.c
index 7bafad9b0b..cdb344604d 100644
--- a/source3/libnet/libnet_samsync_keytab.c
+++ b/source3/libnet/libnet_samsync_keytab.c
@@ -112,6 +112,9 @@ static NTSTATUS init_keytab(TALLOC_CTX *mem_ctx,
 krb5_error_code ret = 0;
 NTSTATUS status;
 struct libnet_keytab_context *keytab_ctx;
+ struct libnet_keytab_entry *entry;
+ uint64_t old_sequence_num = 0;
+ const char *principal = NULL;

 ret = libnet_keytab_init(mem_ctx, ctx->output_filename, &keytab_ctx);
 if (ret) {
@@ -131,6 +134,20 @@ static NTSTATUS init_keytab(TALLOC_CTX *mem_ctx,
 return status;
 }

+ principal = talloc_asprintf(mem_ctx, "SEQUENCE_NUM@%s",
+ keytab_ctx->dns_domain_name);
+ NT_STATUS_HAVE_NO_MEMORY(principal);
+
+ entry = libnet_keytab_search(keytab_ctx, principal, 0, ENCTYPE_NULL,
+ mem_ctx);
+ if (entry && (entry->password.length == 8)) {
+ old_sequence_num = BVAL(entry->password.data, 0);
+ }
+
+ if (sequence_num) {
+ *sequence_num = old_sequence_num;
+ }
+
 return status;
 }

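Review bot: The lookup added to init_keytab in the second hunk (build `SEQUENCE_NUM@<dns_domain_name>`, search with kvno 0 and `ENCTYPE_NULL`, accept the value only when `password.length == 8`) is repeated line for line in the close_keytab hunk, and nothing documents that this pseudo-principal carries an 8-byte counter rather than key material. A small static helper that returns the stored number, with named constants for the principal string and the length, would keep the reader and the writer of the record in step; a comment such as `/* sync state, not a key: 8-byte sequence number stored as the "password" of SEQUENCE_NUM@<dns domain> */` belongs on it. Two things need confirming outside the hunk: that `keytab_ctx->dns_domain_name` is already set when this runs, since it is passed to `%s` unchecked, and that the keytab file's permissions are the only integrity protection on the value, because a stored number that is too high would presumably make later runs skip changes. init_keytab starts and ends outside this hunk.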
@@ -194,6 +211,37 @@ static NTSTATUS close_keytab(TALLOC_CTX *mem_ctx,
 (struct libnet_keytab_context *)ctx->private_data;
 krb5_error_code ret;
 NTSTATUS status;
+ struct libnet_keytab_entry *entry;
+ uint64_t old_sequence_num = 0;
+ const char *principal = NULL;
+
+ principal = talloc_asprintf(mem_ctx, "SEQUENCE_NUM@%s",
+ keytab_ctx->dns_domain_name);
+ NT_STATUS_HAVE_NO_MEMORY(principal);
+
+
+ entry = libnet_keytab_search(keytab_ctx, principal, 0, ENCTYPE_NULL,
+ mem_ctx);
+ if (entry && (entry->password.length == 8)) {
+ old_sequence_num = BVAL(entry->password.data, 0);
+ }
+
+
+ if (sequence_num > old_sequence_num) {
+ DATA_BLOB blob;
+ blob = data_blob_talloc_zero(mem_ctx, 8);
+ SBVAL(blob.data, 0, sequence_num);
+
+ status = libnet_keytab_add_to_keytab_entries(mem_ctx, keytab_ctx,
+ 0,
+ "SEQUENCE_NUM",
+ NULL,
+ ENCTYPE_NULL,
+ blob);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ }

 ret = libnet_keytab_add(keytab_ctx);
 if (ret) {
@@ -210,9 +258,12 @@ static NTSTATUS close_keytab(TALLOC_CTX *mem_ctx,
 keytab_ctx->count,
 keytab_ctx->keytab_name);

+ status = NT_STATUS_OK;
+
+ done:
 TALLOC_FREE(keytab_ctx);

- return NT_STATUS_OK;
+ return status;
 }

 #else
-- cgit
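Review bot: In the close_keytab hunk (-194,6 +211,37) two allocation failures are not routed to the `done:` label that the following hunk introduces. `NT_STATUS_HAVE_NO_MEMORY(principal)` returns from the function directly, so `TALLOC_FREE(keytab_ctx)` is skipped on that path, and the result of `data_blob_talloc_zero(mem_ctx, 8)` is not checked before `SBVAL(blob.data, 0, sequence_num)` writes through it. Both paths should set `status = NT_STATUS_NO_MEMORY` and jump to `done`, as sketched below. The function body starts before this hunk and continues past it; the failure branch of `libnet_keytab_add` is not visible here, so whether it also reaches `done:` needs checking.

```c
	principal = talloc_asprintf(mem_ctx, "SEQUENCE_NUM@%s",
				    keytab_ctx->dns_domain_name);
	if (principal == NULL) {
		/* release keytab_ctx through the common exit path */
		status = NT_STATUS_NO_MEMORY;
		goto done;
	}

	/* … unchanged: lookup of the stored sequence number … */

	if (sequence_num > old_sequence_num) {
		DATA_BLOB blob;
		blob = data_blob_talloc_zero(mem_ctx, 8);
		if (blob.data == NULL) {
			/* SBVAL below would otherwise write through NULL */
			status = NT_STATUS_NO_MEMORY;
			goto done;
		}
		/* … unchanged: SBVAL and libnet_keytab_add_to_keytab_entries … */
```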