s4-auth-krb: Remove dependency on credentials too.
[kai/samba-autobuild/.git] / auth / credentials / credentials_krb5.c
index 2892c4f1dfbdafdfefa35cd2cc3b3214378935d2..74dbb0a5d8c8f44c6b59e5c1248562e9fd585217 100644 (file)
 #include "auth/credentials/credentials_proto.h"
 #include "auth/credentials/credentials_krb5.h"
 #include "auth/kerberos/kerberos_credentials.h"
+#include "auth/kerberos/kerberos_srv_keytab.h"
 #include "auth/kerberos/kerberos_util.h"
 #include "param/param.h"
 
+static void cli_credentials_invalidate_client_gss_creds(
+                                       struct cli_credentials *cred,
+                                       enum credentials_obtained obtained);
+
 _PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred, 
                                     struct loadparm_context *lp_ctx,
                                     struct smb_krb5_context **smb_krb5_context) 
@@ -660,6 +665,8 @@ _PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred,
        krb5_error_code ret;
        struct keytab_container *ktc;
        struct smb_krb5_context *smb_krb5_context;
+       const char *keytab_name;
+       krb5_keytab keytab;
        TALLOC_CTX *mem_ctx;
 
        if (cred->keytab_obtained >= (MAX(cred->principal_obtained, 
@@ -683,8 +690,19 @@ _PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred,
                return ENOMEM;
        }
 
-       ret = smb_krb5_create_memory_keytab(mem_ctx, cred, 
-                                           smb_krb5_context, &ktc);
+       ret = smb_krb5_create_memory_keytab(mem_ctx, smb_krb5_context,
+                                       cli_credentials_get_password(cred),
+                                       cli_credentials_get_username(cred),
+                                       cli_credentials_get_realm(cred),
+                                       cli_credentials_get_kvno(cred),
+                                       &keytab, &keytab_name);
+       if (ret) {
+               talloc_free(mem_ctx);
+               return ret;
+       }
+
+       ret = smb_krb5_get_keytab_container(mem_ctx, smb_krb5_context,
+                                           keytab, keytab_name, &ktc);
        if (ret) {
                talloc_free(mem_ctx);
                return ret;
@@ -728,7 +746,7 @@ _PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
        }
 
        ret = smb_krb5_get_keytab_container(mem_ctx, smb_krb5_context,
-                                           keytab_name, &ktc);
+                                           NULL, keytab_name, &ktc);
        if (ret) {
                return ret;
        }