From 55134c9a9e4a47c6a8ed89ef10c95c0fa0d4daaf Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 4 Apr 2011 19:11:39 +1000
Subject: s4-credentials Add a command line hook to set the kerberos
 credentials cache

This allows this to be specified independent of the KRB5CCNAME
environment variable (in this case, it's harder than it should be to
set up in the make test for s3 that way).

Andrew Bartlett
---
 source4/lib/cmdline/popt_credentials.c | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

(limited to 'source4/lib/cmdline')

diff --git a/source4/lib/cmdline/popt_credentials.c b/source4/lib/cmdline/popt_credentials.c
index 11f4036e3f..6dcef3f22b 100644
--- a/source4/lib/cmdline/popt_credentials.c
+++ b/source4/lib/cmdline/popt_credentials.c
@@ -34,12 +34,13 @@
  *		-P,--machine-pass
  *		--simple-bind-dn
  *		--password
+ *		--krb5-ccache
  */
 
 static bool dont_ask;
 static bool machine_account_pending;
 
-enum opt { OPT_SIMPLE_BIND_DN, OPT_PASSWORD, OPT_KERBEROS, OPT_SIGN, OPT_ENCRYPT };
+enum opt { OPT_SIMPLE_BIND_DN, OPT_PASSWORD, OPT_KERBEROS, OPT_SIGN, OPT_ENCRYPT, OPT_KRB5_CCACHE };
 
 /*
   disable asking for a password
@@ -130,6 +131,16 @@ static void popt_common_credentials_callback(poptContext con,
 		cli_credentials_set_bind_dn(cmdline_credentials, arg);
 		break;
 	}
+	case OPT_KRB5_CCACHE:
+	{
+		const char *error_string;
+		if (cli_credentials_set_ccache(cmdline_credentials, cmdline_lp_ctx, arg, CRED_SPECIFIED,
+					       &error_string) != 0) {
+			fprintf(stderr, "Error reading krb5 credentials cache: '%s' %s", arg, error_string);
+			exit(1);
+		}
+		break;
+	}
 	case OPT_SIGN:
 	{
 		uint32_t gensec_features;
@@ -166,6 +177,7 @@ struct poptOption popt_common_credentials[] = {
 	{ "machine-pass", 'P', POPT_ARG_NONE, NULL, 'P', "Use stored machine account password (implies -k)" },
 	{ "simple-bind-dn", 0, POPT_ARG_STRING, NULL, OPT_SIMPLE_BIND_DN, "DN to use for a simple bind" },
 	{ "kerberos", 'k', POPT_ARG_STRING, NULL, OPT_KERBEROS, "Use Kerberos, -k [yes|no]" },
+	{ "krb5-ccache", 0, POPT_ARG_STRING, NULL, OPT_KRB5_CCACHE, "Credentials cache location for Kerberos" },
 	{ "sign", 'S', POPT_ARG_NONE, NULL, OPT_SIGN, "Sign connection to prevent modification in transit" },
 	{ "encrypt", 'e', POPT_ARG_NONE, NULL, OPT_ENCRYPT, "Encrypt connection for privacy" },
 	{ NULL }
-- 
cgit