From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 5 Mar 2024 14:32:59 +0000 (+0100)
Subject: auth/gensec: add gensec_get_unparsed_target_principal() helper
X-Git-Tag: tdb-1.4.11~849
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a3c87bf440457c59cdad8883fca142b5f06da587;p=thirdparty%2Fsamba.git

auth/gensec: add gensec_get_unparsed_target_principal() helper

This will be useful for debugging.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
---

diff --git a/auth/gensec/gensec_internal.h b/auth/gensec/gensec_internal.h
index bf0a158a159..8454eef32a0 100644
--- a/auth/gensec/gensec_internal.h
+++ b/auth/gensec/gensec_internal.h
@@ -198,6 +198,8 @@ NTSTATUS gensec_child_session_info(struct gensec_security *gensec_security,
 NTTIME gensec_child_expire_time(struct gensec_security *gensec_security);
 const char *gensec_child_final_auth_type(struct gensec_security *gensec_security);
 
+char *gensec_get_unparsed_target_principal(struct gensec_security *gensec_security,
+					   TALLOC_CTX *mem_ctx);
 NTSTATUS gensec_kerberos_possible(struct gensec_security *gensec_security);
 
 #endif /* __GENSEC_H__ */
diff --git a/auth/gensec/gensec_util.c b/auth/gensec/gensec_util.c
index 611727d2fcd..0c7688d33d2 100644
--- a/auth/gensec/gensec_util.c
+++ b/auth/gensec/gensec_util.c
@@ -341,6 +341,24 @@ const char *gensec_child_final_auth_type(struct gensec_security *gensec_security
 	return gensec_final_auth_type(gensec_security->child_security);
 }
 
+char *gensec_get_unparsed_target_principal(struct gensec_security *gensec_security,
+					   TALLOC_CTX *mem_ctx)
+{
+	const char *target_principal = gensec_get_target_principal(gensec_security);
+	const char *service = gensec_get_target_service(gensec_security);
+	const char *hostname = gensec_get_target_hostname(gensec_security);
+
+	if (target_principal != NULL) {
+		return talloc_strdup(mem_ctx, target_principal);
+	} else if (service != NULL && hostname != NULL) {
+		return talloc_asprintf(mem_ctx, "%s/%s", service, hostname);
+	} else if (hostname != NULL) {
+		return talloc_strdup(mem_ctx, target_principal);
+	}
+
+	return NULL;
+}
+
 NTSTATUS gensec_kerberos_possible(struct gensec_security *gensec_security)
 {
 	struct cli_credentials *creds = gensec_get_credentials(gensec_security);