kerberos: allow to keep entries with old kvno's while creating keytab.

author Günther Deschner <gd@samba.org>

Mon, 30 Jun 2008 08:32:15 +0000 (10:32 +0200)

committer Günther Deschner <gd@samba.org>

Mon, 30 Jun 2008 10:38:40 +0000 (12:38 +0200)
author Günther Deschner <gd@samba.org>
Mon, 30 Jun 2008 08:32:15 +0000 (10:32 +0200)
committer Günther Deschner <gd@samba.org>
Mon, 30 Jun 2008 10:38:40 +0000 (12:38 +0200)
diff --git a/source/include/includes.h b/source/include/includes.h

index e9addf6ee00dc2dde0ce5616afeffc21a78ff556..aa99dc0b63b4e115a173a7e51e04091261650ec7 100644 (file)
--- a/source/include/includes.h
+++ b/source/include/includes.h
@@ -1231,7 +1231,8 @@ int smb_krb5_kt_add_entry_ext(krb5_context context,
                               const char *princ_s,
                               krb5_enctype *enctypes,
                               krb5_data password,
-                             bool no_salt);
+                             bool no_salt,
+                             bool keep_old_entries);
  
  #endif /* HAVE_KRB5 */
  
diff --git a/source/libads/kerberos_keytab.c b/source/libads/kerberos_keytab.c

index 04804fc27ce0ca7a9b4b3f9ff58dd5a67121c9c5..b905cb4a0f522cf5fee575dbc0f7a080fd2a6bf1 100644 (file)
--- a/source/libads/kerberos_keytab.c
+++ b/source/libads/kerberos_keytab.c
@@ -38,7 +38,8 @@ int smb_krb5_kt_add_entry_ext(krb5_context context,
                               const char *princ_s,
                               krb5_enctype *enctypes,
                               krb5_data password,
-                             bool no_salt)
+                             bool no_salt,
+                             bool keep_old_entries)
  {
         krb5_error_code ret = 0;
         krb5_kt_cursor cursor;
@@ -96,7 +97,7 @@ int smb_krb5_kt_add_entry_ext(krb5_context context,
                                 if (kt_entry.vno == kvno - 1) {
                                         DEBUG(5,("smb_krb5_kt_add_entry_ext: Saving previous (kvno %d) entry for principal: %s.\n",
                                                 kvno - 1, princ_s));
-                               } else {
+                               } else if (!keep_old_entries) {
                                         DEBUG(5,("smb_krb5_kt_add_entry_ext: Found old entry for principal: %s (kvno %d) - trying to remove it.\n",
                                                 princ_s, kt_entry.vno));
                                         ret = krb5_kt_end_seq_get(context, keytab, &cursor);
@@ -224,6 +225,7 @@ int smb_krb5_kt_add_entry(krb5_context context,
                                          princ_s,
                                          enctypes,
                                          password,
+                                        false,
                                          false);
  }
  
diff --git a/source/libnet/libnet_keytab.c b/source/libnet/libnet_keytab.c

index faa491471e372eaf0681b506f783bfda2b1b1d72..02c2b6f76153d6fe7b2df2ecacc7c65c25c631e0 100644 (file)
--- a/source/libnet/libnet_keytab.c
+++ b/source/libnet/libnet_keytab.c
@@ -126,6 +126,7 @@ krb5_error_code libnet_keytab_add(struct libnet_keytab_context *ctx)
                                                 entry->principal,
                                                 enctypes,
                                                 password,
+                                               true,
                                                 true);
                 if (ret) {
                         DEBUG(1,("libnet_keytab_add: "
author	Günther Deschner <gd@samba.org>
	Mon, 30 Jun 2008 08:32:15 +0000 (10:32 +0200)
committer	Günther Deschner <gd@samba.org>
	Mon, 30 Jun 2008 10:38:40 +0000 (12:38 +0200)
source/include/includes.h		patch \| blob \| blame \| history
source/libads/kerberos_keytab.c		patch \| blob \| blame \| history
source/libnet/libnet_keytab.c		patch \| blob \| blame \| history