From f03913e2ccfcd75a9d569a5b6e9152b091e0014f Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 23 Sep 2010 17:01:44 +1000 Subject: s4-kerberos Move 'set key into keytab' code out of credentials. This code never really belonged in the credentials layer, and is easier done with direct access to the ldb_message that is in secrets.ldb. Andrew Bartlett --- source4/auth/credentials/credentials_files.c | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) (limited to 'source4/auth/credentials/credentials_files.c') diff --git a/source4/auth/credentials/credentials_files.c b/source4/auth/credentials/credentials_files.c index 8ad395ddc8..e1990a8713 100644 --- a/source4/auth/credentials/credentials_files.c +++ b/source4/auth/credentials/credentials_files.c @@ -35,7 +35,6 @@ #include "lib/events/events.h" #include "dsdb/samdb/samdb.h" - /** * Read a file descriptor, and parse it for a password (eg from a file or stdin) * @@ -193,7 +192,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, const char *realm; enum netr_SchannelType sct; const char *salt_principal; - const char *keytab; + char *keytab; const struct ldb_val *whenChanged; /* ok, we are going to get it now, don't recurse back here */ @@ -310,17 +309,10 @@ _PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, /* If there was an external keytab specified by reference in * the LDB, then use this. Otherwise we will make one up * (chewing CPU time) from the password */ - keytab = ldb_msg_find_attr_as_string(msg, "krb5Keytab", NULL); + keytab = keytab_name_from_msg(cred, ldb, msg); if (keytab) { cli_credentials_set_keytab_name(cred, event_ctx, lp_ctx, keytab, CRED_SPECIFIED); - } else { - keytab = ldb_msg_find_attr_as_string(msg, "privateKeytab", NULL); - if (keytab) { - keytab = talloc_asprintf(mem_ctx, "FILE:%s", samdb_relative_path(ldb, mem_ctx, keytab)); - if (keytab) { - cli_credentials_set_keytab_name(cred, event_ctx, lp_ctx, keytab, CRED_SPECIFIED); - } - } + talloc_free(keytab); } talloc_free(mem_ctx); -- cgit