From: Pavel Filipenský <pfilipensky@samba.org>
Date: Thu, 6 Mar 2025 22:20:53 +0000 (+0100)
Subject: lib:krb5_wrap: Add smb_krb5_parse_name_flags()
X-Git-Tag: tevent-0.17.0~572
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cf34645050df64d6b8c4fa45394c3feebe691e79;p=thirdparty%2Fsamba.git

lib:krb5_wrap: Add smb_krb5_parse_name_flags()

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15727

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
---

diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 451616c79e5..0a4a7ea986f 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -836,6 +836,29 @@ krb5_error_code smb_krb5_get_allowed_etypes(krb5_context context,
 krb5_error_code smb_krb5_parse_name(krb5_context context,
 				    const char *name,
 				    krb5_principal *principal)
+{
+	return smb_krb5_parse_name_flags(context, name, 0, principal);
+}
+
+/**
+ * @brief Convert a string principal name to a Kerberos principal.
+ *
+ * @param[in]  context  The library context
+ *
+ * @param[in]  name     The principal as a unix charset string.
+ *
+ * @param[in]  flags    Flags for krb5_parse_name_flags()
+ *
+ * @param[out] principal The newly allocated principal.
+ *
+ * Use krb5_free_principal() to free a principal when it is no longer needed.
+ *
+ * @return 0 on success, a Kerberos error code otherwise.
+ */
+krb5_error_code smb_krb5_parse_name_flags(krb5_context context,
+					  const char *name,
+					  int flags,
+					  krb5_principal *principal)
 {
 	krb5_error_code ret;
 	char *utf8_name;
@@ -843,17 +866,19 @@ krb5_error_code smb_krb5_parse_name(krb5_context context,
 	TALLOC_CTX *frame = talloc_stackframe();
 
 	if (!push_utf8_talloc(frame, &utf8_name, name, &converted_size)) {
-		talloc_free(frame);
+		TALLOC_FREE(frame);
 		return ENOMEM;
 	}
+	TALLOC_FREE(frame);
 
-	ret = krb5_parse_name(context, utf8_name, principal);
-	if (ret == KRB5_PARSE_MALFORMED) {
-		ret = krb5_parse_name_flags(context, utf8_name,
-					    KRB5_PRINCIPAL_PARSE_ENTERPRISE,
-					    principal);
+	ret = krb5_parse_name_flags(context, utf8_name, flags, principal);
+	if (ret != KRB5_PARSE_MALFORMED) {
+		return ret;
 	}
-	TALLOC_FREE(frame);
+
+	flags |= KRB5_PRINCIPAL_PARSE_ENTERPRISE;
+	ret = krb5_parse_name_flags(context, utf8_name, flags, principal);
+
 	return ret;
 }
 
diff --git a/lib/krb5_wrap/krb5_samba.h b/lib/krb5_wrap/krb5_samba.h
index 173307f7c88..a562359e121 100644
--- a/lib/krb5_wrap/krb5_samba.h
+++ b/lib/krb5_wrap/krb5_samba.h
@@ -186,6 +186,11 @@ krb5_error_code smb_krb5_parse_name(krb5_context context,
 				const char *name, /* in unix charset */
                                 krb5_principal *principal);
 
+krb5_error_code smb_krb5_parse_name_flags(krb5_context context,
+					  const char *name, /* unix charset */
+					  int flags,
+					  krb5_principal *principal);
+
 krb5_error_code smb_krb5_unparse_name(TALLOC_CTX *mem_ctx,
 				      krb5_context context,
 				      krb5_const_principal principal,