From: Stefan Metzmacher <metze@samba.org>
Date: Thu, 14 Apr 2022 11:34:37 +0000 (+0200)
Subject: lib/cmdline: skip the password prompt if we have a valid krb5 ccache
X-Git-Tag: tdb-1.4.11~856
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a85f1b6facd2b641f98dcea9b997a02d8f276882;p=thirdparty%2Fsamba.git

lib/cmdline: skip the password prompt if we have a valid krb5 ccache

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15018

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
---

diff --git a/lib/cmdline/cmdline.c b/lib/cmdline/cmdline.c
index 6f081324e64..be729107f40 100644
--- a/lib/cmdline/cmdline.c
+++ b/lib/cmdline/cmdline.c
@@ -837,6 +837,25 @@ static void popt_common_credentials_callback(poptContext popt_ctx,
 						     CRED_SPECIFIED);
 		}
 
+		if (cli_credentials_get_kerberos_state(creds) ==
+		    CRED_USE_KERBEROS_REQUIRED)
+		{
+			enum credentials_obtained ccache_obtained =
+				CRED_UNINITIALISED;
+			enum credentials_obtained principal_obtained =
+				CRED_UNINITIALISED;
+			bool ccache_valid;
+
+			principal_obtained =
+				cli_credentials_get_principal_obtained(creds);
+			ccache_valid = cli_credentials_get_ccache_name_obtained(
+				creds, NULL, NULL, &ccache_obtained);
+			if (ccache_valid &&
+			    ccache_obtained == principal_obtained)
+			{
+				skip_password_callback = true;
+			}
+		}
 		if (!skip_password_callback) {
 			(void)cli_credentials_get_password_and_obtained(creds,
 									&password_obtained);