svn commit: samba r11522 - in branches/SAMBA_4_0/source: auth lib/ldb/ldb_ildap

Sat Nov 5 11:13:23 GMT 2005

Author: abartlet
Date: 2005-11-05 11:13:22 +0000 (Sat, 05 Nov 2005)
New Revision: 11522

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11522

Log:
Add support for delegated credentials and machine account credentials
to ldb, based on the sessionInfo we now pass around.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/auth/auth_util.c
   branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c


Changeset:
Modified: branches/SAMBA_4_0/source/auth/auth_util.c
===================================================================

--- branches/SAMBA_4_0/source/auth/auth_util.c	2005-11-05 11:02:37 UTC (rev 11521)
+++ branches/SAMBA_4_0/source/auth/auth_util.c	2005-11-05 11:13:22 UTC (rev 11522)
@@ -553,6 +553,14 @@
 
 	NT_STATUS_NOT_OK_RETURN(nt_status);
 
+	session_info->credentials = cli_credentials_init(session_info);
+	if (!session_info->credentials) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	cli_credentials_set_conf(session_info->credentials);
+	cli_credentials_set_anonymous(session_info->credentials);
+	
 	*_session_info = session_info;
 
 	return NT_STATUS_OK;
@@ -590,6 +598,18 @@
 
 	NT_STATUS_NOT_OK_RETURN(nt_status);
 
+	session_info->credentials = cli_credentials_init(session_info);
+	if (!session_info->credentials) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	cli_credentials_set_conf(session_info->credentials);
+	if (!NT_STATUS_IS_OK(cli_credentials_set_machine_account(session_info->credentials))) {
+		/* perhaps no credentials, we might not be joined to a domain */
+		talloc_free(session_info->credentials);
+		session_info->credentials = NULL;
+	}
+	
 	*_session_info = session_info;
 
 	return NT_STATUS_OK;

Modified: branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c
===================================================================
--- branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c	2005-11-05 11:02:37 UTC (rev 11521)
+++ branches/SAMBA_4_0/source/lib/ldb/ldb_ildap/ldb_ildap.c	2005-11-05 11:13:22 UTC (rev 11522)
@@ -36,6 +36,7 @@
 #include "libcli/ldap/ldap.h"
 #include "libcli/ldap/ldap_client.h"
 #include "lib/cmdline/popt_common.h"
+#include "auth/auth.h"
 
 struct ildb_private {
 	struct ldap_connection *ldap;
@@ -459,9 +460,14 @@
 	ldb->modules->ops = &ildb_ops;
 
 	/* caller can optionally setup credentials using the opaque token 'credentials' */
-	creds = ldb_get_opaque(ldb, "credentials");
+	creds = talloc_get_type(ldb_get_opaque(ldb, "credentials"), struct cli_credentials);
 	if (creds == NULL) {
-		creds = cmdline_credentials;
+		struct auth_session_info *session_info = talloc_get_type(ldb_get_opaque(ldb, "sessionInfo"), struct auth_session_info);
+		if (session_info && session_info->credentials) {
+			creds = session_info->credentials;
+		} else {
+			creds = cmdline_credentials;
+		}
 	}
 
 	if (creds != NULL && cli_credentials_authentication_requested(creds)) {

