mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
r21175: Fix the kerberos keytab update code to handle deletes.
Fix the join code to know that the ldb layer handles the keytab update. Andrew Bartlett
This commit is contained in:
parent
21eb316473
commit
d3fbc089f4
@ -417,10 +417,9 @@ static int create_keytab(TALLOC_CTX *parent_ctx,
|
|||||||
const struct samr_Password *mach_pwd;
|
const struct samr_Password *mach_pwd;
|
||||||
mach_pwd = cli_credentials_get_nt_hash(machine_account, mem_ctx);
|
mach_pwd = cli_credentials_get_nt_hash(machine_account, mem_ctx);
|
||||||
if (!mach_pwd) {
|
if (!mach_pwd) {
|
||||||
DEBUG(1, ("create_keytab: Domain trust informaton for account %s not available\n",
|
/* OK, nothing to do here */
|
||||||
cli_credentials_get_principal(machine_account, mem_ctx)));
|
|
||||||
talloc_free(mem_ctx);
|
talloc_free(mem_ctx);
|
||||||
return EINVAL;
|
return 0;
|
||||||
}
|
}
|
||||||
ret = krb5_keyblock_init(smb_krb5_context->krb5_context,
|
ret = krb5_keyblock_init(smb_krb5_context->krb5_context,
|
||||||
ETYPE_ARCFOUR_HMAC_MD5,
|
ETYPE_ARCFOUR_HMAC_MD5,
|
||||||
|
@ -860,7 +860,6 @@ static NTSTATUS libnet_Join_primary_domain(struct libnet_context *ctx,
|
|||||||
uint32_t acct_type = 0;
|
uint32_t acct_type = 0;
|
||||||
const char *account_name;
|
const char *account_name;
|
||||||
const char *netbios_name;
|
const char *netbios_name;
|
||||||
char *filter;
|
|
||||||
|
|
||||||
r->out.error_string = NULL;
|
r->out.error_string = NULL;
|
||||||
|
|
||||||
@ -1143,33 +1142,6 @@ static NTSTATUS libnet_Join_primary_domain(struct libnet_context *ctx,
|
|||||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (r2->out.realm) {
|
|
||||||
struct cli_credentials *creds;
|
|
||||||
/* Make a credentials structure from it */
|
|
||||||
creds = cli_credentials_init(mem_ctx);
|
|
||||||
if (!creds) {
|
|
||||||
r->out.error_string = NULL;
|
|
||||||
talloc_free(tmp_mem);
|
|
||||||
return NT_STATUS_NO_MEMORY;
|
|
||||||
}
|
|
||||||
cli_credentials_set_conf(creds);
|
|
||||||
filter = talloc_asprintf(mem_ctx, "dn=%s", ldb_dn_get_linearized(msg->dn));
|
|
||||||
status = cli_credentials_set_secrets(creds, NULL, NULL, filter);
|
|
||||||
if (!NT_STATUS_IS_OK(status)) {
|
|
||||||
r->out.error_string = talloc_asprintf(mem_ctx, "Failed to read secrets for keytab update for %s",
|
|
||||||
filter);
|
|
||||||
talloc_free(tmp_mem);
|
|
||||||
return status;
|
|
||||||
}
|
|
||||||
ret = cli_credentials_update_keytab(creds);
|
|
||||||
if (ret != 0) {
|
|
||||||
r->out.error_string = talloc_asprintf(mem_ctx, "Failed to update keytab for %s",
|
|
||||||
filter);
|
|
||||||
talloc_free(tmp_mem);
|
|
||||||
return NT_STATUS_UNSUCCESSFUL;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/* move all out parameter to the callers TALLOC_CTX */
|
/* move all out parameter to the callers TALLOC_CTX */
|
||||||
r->out.error_string = NULL;
|
r->out.error_string = NULL;
|
||||||
r->out.join_password = r2->out.join_password;
|
r->out.join_password = r2->out.join_password;
|
||||||
|
Loading…
Reference in New Issue
Block a user