author | Günther Deschner <gd@samba.org> | 2009-08-26 00:31:27 +0200 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2009-08-27 15:55:19 +0200 |
commit | a09b627ecc446e78aa293e9e8b79c12f75a6b74e (patch) | |
tree | dfcfe41f8e165532d4b6a4b917e65608a213c96b | |
parent | 7c972d83d268a277501626122ab1c7cdddc0f4a3 (diff) | |
s3-schannel: add simple wrappers to fetch and store schannel auth info.
Guenther
-rw-r--r-- | source3/Makefile.in | 3 | ||||
-rw-r--r-- | source3/include/proto.h | 8 | ||||
-rw-r--r-- | source3/passdb/secrets.c | 1 | ||||
-rw-r--r-- | source3/passdb/secrets_schannel.c | 68 |
4 files changed, 79 insertions, 1 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 765250595d1..3af97db9675 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -492,7 +492,8 @@ TLDAP_OBJ = lib/tldap.o lib/tldap_util.o lib/util_tsock.o
 SCHANNEL_OBJ = libsmb/credentials.o \
 ../libcli/auth/credentials.o \
 ../libcli/auth/schannel_state_tdb.o \
- ../librpc/gen_ndr/ndr_schannel.o
+ ../librpc/gen_ndr/ndr_schannel.o \
+ passdb/secrets_schannel.o
 LIBSMB_OBJ = libsmb/clientgen.o libsmb/cliconnect.o libsmb/clifile.o \
 libsmb/clikrb5.o libsmb/clispnego.o ../lib/util/asn1.o \
diff --git a/source3/include/proto.h b/source3/include/proto.h
index d6ee5ed65fb..bed592c6cba 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -4744,6 +4744,14 @@ char *secrets_fetch_generic(const char *owner, const char *key);
 bool secrets_store_local_schannel_key(uint8_t schannel_key[16]);
 bool secrets_fetch_local_schannel_key(uint8_t schannel_key[16]);
+/* The following definitions come from passdb/secrets_schannel.c */
+
+NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
+ const char *computer_name,
+ struct netlogon_creds_CredentialState **pcreds);
+NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
+ struct netlogon_creds_CredentialState *creds);
+
 /* The following definitions come from passdb/util_builtin.c */
 bool lookup_builtin_rid(TALLOC_CTX *mem_ctx, uint32 rid, const char **name);
diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c
index ee0dcaf42cc..0a3871e6201 100644
--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@@ -24,6 +24,7 @@
 #include "includes.h"
 #include "../libcli/auth/libcli_auth.h"
+
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_PASSDB
diff --git a/source3/passdb/secrets_schannel.c b/source3/passdb/secrets_schannel.c
new file mode 100644
index 00000000000..84a860ee6aa
--- /dev/null
+++ b/source3/passdb/secrets_schannel.c
@@ -0,0 +1,68 @@
+/*
+ Unix SMB/CIFS implementation.
+ Copyright (C) Guenther Deschner 2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "../libcli/auth/libcli_auth.h"
+#include "../libcli/auth/schannel_state.h"
+
+/******************************************************************************
+ Wrapper around schannel_fetch_session_key_tdb()
+ Note we must be root here.
+*******************************************************************************/
+
+NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
+ const char *computer_name,
+ struct netlogon_creds_CredentialState **pcreds)
+{
+ struct tdb_context *tdb;
+ NTSTATUS status;
+
+ tdb = open_schannel_session_store(mem_ctx);
+ if (!tdb) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ status = schannel_fetch_session_key_tdb(tdb, mem_ctx, computer_name, pcreds);
+
+ tdb_close(tdb);
+
+ return status;
+}
+
+/******************************************************************************
+ Wrapper around schannel_store_session_key_tdb()
+ Note we must be root here.
+*******************************************************************************/
+
+NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
+ struct netlogon_creds_CredentialState *creds)
+{
+ struct tdb_context *tdb;
+ NTSTATUS status;
+
+ tdb = open_schannel_session_store(mem_ctx);
+ if (!tdb) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ status = schannel_store_session_key_tdb(tdb, mem_ctx, creds);
+
+ tdb_close(tdb);
+
+ return status;
+} |
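Review bot: In both new wrappers in secrets_schannel.c, every failure of `open_schannel_session_store()` is returned as `NT_STATUS_ACCESS_DENIED` with nothing logged, so a missing or damaged session store cannot be told apart from a real permission problem when secure-channel authentication starts failing. Failing closed is the right default, but a log line before the early return would make that diagnosable, e.g. `DEBUG(0, ("schannel_fetch_session_key: failed to open schannel session store\n"));` and the matching line in `schannel_store_session_key()`. On that early return `schannel_fetch_session_key()` also leaves `*pcreds` untouched, so `*pcreds = NULL;` at the top would keep a caller that skips the status check from using an uninitialised pointer. The "must be root" precondition exists only in the header comments; whether the store helper enforces it is not visible in this diff, so it is worth stating who is expected to have raised privileges.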