関数 | |
ADS_STATUS | ads_change_trust_account_password (ADS_STRUCT *ads, char *host_principal) |
ADS_STATUS | ads_guess_service_principal (ADS_STRUCT *ads, char **returned_principal) |
ADS_STATUS ads_change_trust_account_password | ( | ADS_STRUCT * | ads, | |
char * | host_principal | |||
) |
参照先 ADS_STRUCT::auth・failed・generate_random_str()・ADS_STRUCT::kdc_server・kerberos_set_password()・lp_workgroup()・password・secrets_fetch_machine_password()・secrets_store_machine_password()・ADS_STRUCT::time_offset.
00026 { 00027 char *password; 00028 char *new_password; 00029 ADS_STATUS ret; 00030 uint32 sec_channel_type; 00031 00032 if ((password = secrets_fetch_machine_password(lp_workgroup(), NULL, &sec_channel_type)) == NULL) { 00033 DEBUG(1,("Failed to retrieve password for principal %s\n", host_principal)); 00034 return ADS_ERROR_SYSTEM(ENOENT); 00035 } 00036 00037 new_password = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH); 00038 00039 ret = kerberos_set_password(ads->auth.kdc_server, host_principal, password, host_principal, new_password, ads->auth.time_offset); 00040 00041 if (!ADS_ERR_OK(ret)) { 00042 goto failed; 00043 } 00044 00045 if (!secrets_store_machine_password(new_password, lp_workgroup(), sec_channel_type)) { 00046 DEBUG(1,("Failed to save machine password\n")); 00047 ret = ADS_ERROR_SYSTEM(EACCES); 00048 goto failed; 00049 } 00050 00051 failed: 00052 SAFE_FREE(password); 00053 return ret; 00054 }
ADS_STATUS ads_guess_service_principal | ( | ADS_STRUCT * | ads, | |
char ** | returned_principal | |||
) |
参照先 asprintf()・ADS_STRUCT::config・ADS_STRUCT::ldap_server・ADS_STRUCT::ldap_server_name・ADS_STRUCT::realm・server・ADS_STRUCT::server・strlower_m()・strupper_m().
参照元 ads_generate_service_principal().
00058 { 00059 char *princ = NULL; 00060 00061 if (ads->server.realm && ads->server.ldap_server) { 00062 char *server, *server_realm; 00063 00064 server = SMB_STRDUP(ads->server.ldap_server); 00065 server_realm = SMB_STRDUP(ads->server.realm); 00066 00067 if (!server || !server_realm) { 00068 return ADS_ERROR(LDAP_NO_MEMORY); 00069 } 00070 00071 strlower_m(server); 00072 strupper_m(server_realm); 00073 asprintf(&princ, "ldap/%s@%s", server, server_realm); 00074 00075 SAFE_FREE(server); 00076 SAFE_FREE(server_realm); 00077 00078 if (!princ) { 00079 return ADS_ERROR(LDAP_NO_MEMORY); 00080 } 00081 } else if (ads->config.realm && ads->config.ldap_server_name) { 00082 char *server, *server_realm; 00083 00084 server = SMB_STRDUP(ads->config.ldap_server_name); 00085 server_realm = SMB_STRDUP(ads->config.realm); 00086 00087 if (!server || !server_realm) { 00088 return ADS_ERROR(LDAP_NO_MEMORY); 00089 } 00090 00091 strlower_m(server); 00092 strupper_m(server_realm); 00093 asprintf(&princ, "ldap/%s@%s", server, server_realm); 00094 00095 SAFE_FREE(server); 00096 SAFE_FREE(server_realm); 00097 00098 if (!princ) { 00099 return ADS_ERROR(LDAP_NO_MEMORY); 00100 } 00101 } 00102 00103 if (!princ) { 00104 return ADS_ERROR(LDAP_PARAM_ERROR); 00105 } 00106 00107 *returned_principal = princ; 00108 00109 return ADS_SUCCESS; 00110 }