2025-03-27 22:50:26 +03:00 · 2021-03-24 10:06:18 +01:00 · 2021-03-24 10:06:18 +01:00 · 2cab43cfca
commit 2cab43cfca
parent 2bfe37e069
3 changed files with 48 additions and 0 deletions
--- a/source3/include/secrets.h
+++ b/source3/include/secrets.h
@ -56,6 +56,8 @@
 #define SECRETS_AUTH_DOMAIN      "SECRETS/AUTH_DOMAIN"
 #define SECRETS_AUTH_PASSWORD  "SECRETS/AUTH_PASSWORD"

+struct cli_credentials;
+
 /* structure for storing machine account password
   (ie. when samba server is member of a domain */
 struct machine_acct_pass {
@ -89,6 +91,7 @@ struct db_context *secrets_db_ctx(void);
 void secrets_shutdown(void);
 void *secrets_fetch(const char *key, size_t *size);
 bool secrets_store(const char *key, const void *data, size_t size);
+bool secrets_store_creds(struct cli_credentials *creds);
 bool secrets_delete_entry(const char *key);
 bool secrets_delete(const char *key);

--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@ -31,6 +31,7 @@
 #include "dbwrap/dbwrap_open.h"
 #include "../libcli/security/security.h"
 #include "util_tdb.h"
+#include "auth/credentials/credentials.h"

 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_PASSDB
@ -143,6 +144,49 @@ bool secrets_store(const char *key, const void *data, size_t size)
 	return NT_STATUS_IS_OK(status);
 }

+bool secrets_store_creds(struct cli_credentials *creds)
+{
+	const char *p = NULL;
+	bool ok;
+
+	p = cli_credentials_get_username(creds);
+	if (p == NULL) {
+		return false;
+	}
+
+	ok = secrets_store(SECRETS_AUTH_USER, p, strlen(p) + 1);
+	if (!ok) {
+		DBG_ERR("Failed storing auth user name\n");
+		return false;
+	}
+
+
+	p = cli_credentials_get_domain(creds);
+	if (p == NULL) {
+		return false;
+	}
+
+	ok = secrets_store(SECRETS_AUTH_DOMAIN, p, strlen(p) + 1);
+	if (!ok) {
+		DBG_ERR("Failed storing auth domain name\n");
+		return 1;
+	}
+
+
+	p = cli_credentials_get_password(creds);
+	if (p == NULL) {
+		return false;
+	}
+
+	ok = secrets_store(SECRETS_AUTH_PASSWORD, p, strlen(p) + 1);
+	if (!ok) {
+		DBG_ERR("Failed storing auth password\n");
+		return false;
+	}
+
+	return true;
+}
+

 /* delete a secets database entry
 */
--- a/source3/wscript_build
+++ b/source3/wscript_build
@ -490,6 +490,7 @@ bld.SAMBA3_LIBRARY('secrets3',
                        dbwrap
                        krb5samba
                        LIBCLI_AUTH
+                        samba-credentials
                        ''',
                   private_library=True)