From f03913e2ccfcd75a9d569a5b6e9152b091e0014f Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Thu, 23 Sep 2010 17:01:44 +1000
Subject: s4-kerberos Move 'set key into keytab' code out of credentials.

This code never really belonged in the credentials layer, and
is easier done with direct access to the ldb_message that is
in secrets.ldb.

Andrew Bartlett
---
 source4/param/secrets.c | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

(limited to 'source4/param/secrets.c')

diff --git a/source4/param/secrets.c b/source4/param/secrets.c
index f6ab5e93fb..5e9b0a977f 100644
--- a/source4/param/secrets.c
+++ b/source4/param/secrets.c
@@ -167,3 +167,28 @@ struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx,
 
 	return result;
 }
+
+char *keytab_name_from_msg(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, struct ldb_message *msg) 
+{
+	const char *krb5keytab = ldb_msg_find_attr_as_string(msg, "krb5Keytab", NULL);
+	if (krb5keytab) {
+		return talloc_strdup(mem_ctx, krb5keytab);
+	} else {
+		char *file_keytab;
+		char *relative_path;
+		const char *privateKeytab = ldb_msg_find_attr_as_string(msg, "privateKeytab", NULL);
+		if (!privateKeytab) {
+			return NULL;
+		}
+
+		relative_path = samdb_relative_path(ldb, mem_ctx, privateKeytab);
+		if (!relative_path) {
+			return NULL;
+		}
+		file_keytab = talloc_asprintf(mem_ctx, "FILE:%s", relative_path);
+		talloc_free(relative_path);
+		return file_keytab;
+	}
+	return NULL;
+}
+
-- 
cgit