diff options
author | Stefan Metzmacher <metze@samba.org> | 2017-05-19 17:17:00 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2017-06-27 16:57:44 +0200 |
commit | 504b446d8dc7410ad63eba9d214e9cf271cf3b2f (patch) | |
tree | ab189c647780f341b3c5765943025fdcbc75d802 /source3/libads/kerberos.c | |
parent | 1a26805ad9f19f02a52d9eaa4f2f11ff20ee76ac (diff) | |
download | samba-504b446d8dc7410ad63eba9d214e9cf271cf3b2f.tar.gz |
s3:secrets: move kerberos_secrets_*salt related functions to machine_account_secrets.c
These don't use any krb5_context related functions and they just
work on secrets.tdb, so they really belong to machine_account_secrets.c.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Diffstat (limited to 'source3/libads/kerberos.c')
-rw-r--r-- | source3/libads/kerberos.c | 97 |
1 files changed, 0 insertions, 97 deletions
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c index 6cfbca69a07..cfb09a704cb 100644 --- a/source3/libads/kerberos.c +++ b/source3/libads/kerberos.c @@ -272,103 +272,6 @@ int ads_kdestroy(const char *cc_name) return code; } -/************************************************************************ - Return the standard DES salt key -************************************************************************/ - -char* kerberos_standard_des_salt( void ) -{ - fstring salt; - - fstr_sprintf( salt, "host/%s.%s@", lp_netbios_name(), lp_realm() ); - (void)strlower_m( salt ); - fstrcat( salt, lp_realm() ); - - return SMB_STRDUP( salt ); -} - -/************************************************************************ -************************************************************************/ - -static char* des_salt_key( void ) -{ - char *key; - - if (asprintf(&key, "%s/DES/%s", SECRETS_SALTING_PRINCIPAL, - lp_realm()) == -1) { - return NULL; - } - - return key; -} - -/************************************************************************ -************************************************************************/ - -bool kerberos_secrets_store_des_salt( const char* salt ) -{ - char* key; - bool ret; - - if ( (key = des_salt_key()) == NULL ) { - DEBUG(0,("kerberos_secrets_store_des_salt: failed to generate key!\n")); - return False; - } - - if ( !salt ) { - DEBUG(8,("kerberos_secrets_store_des_salt: deleting salt\n")); - secrets_delete( key ); - return True; - } - - DEBUG(3,("kerberos_secrets_store_des_salt: Storing salt \"%s\"\n", salt)); - - ret = secrets_store( key, salt, strlen(salt)+1 ); - - SAFE_FREE( key ); - - return ret; -} - -/************************************************************************ -************************************************************************/ - -static -char* kerberos_secrets_fetch_des_salt( void ) -{ - char *salt, *key; - - if ( (key = des_salt_key()) == NULL ) { - DEBUG(0,("kerberos_secrets_fetch_des_salt: failed to generate key!\n")); - return NULL; - } - - salt = (char*)secrets_fetch( key, NULL ); - - SAFE_FREE( key ); - - return salt; -} - -/************************************************************************ - Routine to get the salting principal for this service. - Caller must free if return is not null. - ************************************************************************/ - -char *kerberos_secrets_fetch_salt_princ(void) -{ - char *salt_princ_s; - /* lookup new key first */ - - salt_princ_s = kerberos_secrets_fetch_des_salt(); - if (salt_princ_s == NULL) { - /* fall back to host/machine.realm@REALM */ - salt_princ_s = kerberos_standard_des_salt(); - } - - return salt_princ_s; -} - int create_kerberos_key_from_string(krb5_context context, krb5_principal host_princ, krb5_principal salt_princ, |