From 27306abb9a818ac4eb321d21393bfc8afe3f7baf Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Sat, 1 Oct 2016 11:37:39 +0200 Subject: [PATCH] auth: Add new cli_credentials_ccache_destroy() function Signed-off-by: Andreas Schneider --- auth/credentials/credentials.h | 1 + auth/credentials/credentials_krb5.c | 27 +++++++++++++++++++++++++++ 2 files changed, 28 insertions(+) diff --git a/auth/credentials/credentials.h b/auth/credentials/credentials.h index 1d5efc4759fa..5a5bbb2c3bd1 100644 --- a/auth/credentials/credentials.h +++ b/auth/credentials/credentials.h @@ -168,6 +168,7 @@ bool cli_credentials_ccache_init(struct cli_credentials *cred, const char *ccache_name); bool cli_credentials_ccache_reinit(struct cli_credentials *cred, struct loadparm_context *lp_ctx); +bool cli_credentials_ccache_destroy(struct cli_credentials *cred); NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred, struct loadparm_context *lp_ctx, const char *serviceprincipal); diff --git a/auth/credentials/credentials_krb5.c b/auth/credentials/credentials_krb5.c index 45528a77e776..46a7b05fe682 100644 --- a/auth/credentials/credentials_krb5.c +++ b/auth/credentials/credentials_krb5.c @@ -325,6 +325,33 @@ done: return ok; } +/** + * @brief Destroy a Kerberos credential cache. + * + * This function destroys any existing contents of a cache and closes it. + * + * @param[in] cred The cli_credentials structure. + * + * @return true on success, false otherwise. + */ +_PUBLIC_ bool cli_credentials_ccache_destroy(struct cli_credentials *cred) +{ + struct ccache_container *ccc = cred->krb5_ccache; + krb5_error_code code; + + code = krb5_cc_destroy(ccc->smb_krb5_context->krb5_context, + ccc->ccache); + if (code != 0) { + return false; + } + ccc->ccache = NULL; + + TALLOC_FREE(cred->krb5_ccache); + cred->krb5_ccache_obtained = CRED_UNINITIALISED; + + return true; +} + /** * @brief Reinitialize the Kerberos credential cache * -- 2.34.1