svn commit: samba r26233 - in branches/SAMBA_4_0: . source/auth source/auth/credentials source/auth/gensec source/auth/kerberos source/dsdb/samdb source/dsdb/samdb/ldb_modules source/kdc source/torture/auth

jelmer at samba.org jelmer at samba.org
Sun Dec 2 20:56:28 GMT 2007


Author: jelmer
Date: 2007-12-02 20:56:26 +0000 (Sun, 02 Dec 2007)
New Revision: 26233

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=26233

Log:
Pass loadparm context when creating krb5 contexts.
Modified:
   branches/SAMBA_4_0/
   branches/SAMBA_4_0/source/auth/auth.c
   branches/SAMBA_4_0/source/auth/auth_util.c
   branches/SAMBA_4_0/source/auth/credentials/credentials_krb5.c
   branches/SAMBA_4_0/source/auth/gensec/gensec_gssapi.c
   branches/SAMBA_4_0/source/auth/kerberos/kerberos.h
   branches/SAMBA_4_0/source/auth/kerberos/krb5_init_context.c
   branches/SAMBA_4_0/source/auth/kerberos/krb5_init_context.h
   branches/SAMBA_4_0/source/dsdb/samdb/cracknames.c
   branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c
   branches/SAMBA_4_0/source/kdc/kdc.c
   branches/SAMBA_4_0/source/torture/auth/pac.c


Changeset:

Property changes on: branches/SAMBA_4_0
___________________________________________________________________
Name: bzr:revision-info
...skipped...
Name: bzr:file-ids
...skipped...
Name: bzr:revision-id:v3-trunk0
...skipped...

Modified: branches/SAMBA_4_0/source/auth/auth.c
===================================================================
--- branches/SAMBA_4_0/source/auth/auth.c	2007-12-02 20:24:24 UTC (rev 26232)
+++ branches/SAMBA_4_0/source/auth/auth.c	2007-12-02 20:56:26 UTC (rev 26233)
@@ -244,7 +244,7 @@
 	req->callback.private_data	= private_data;
 
 	if (!user_info->mapped_state) {
-		nt_status = map_user_info(req, user_info, &user_info_tmp);
+		nt_status = map_user_info(req, lp_workgroup(auth_ctx->lp_ctx), user_info, &user_info_tmp);
 		if (!NT_STATUS_IS_OK(nt_status)) goto failed;
 		user_info = user_info_tmp;
 		req->user_info	= user_info_tmp;

Modified: branches/SAMBA_4_0/source/auth/auth_util.c
===================================================================
--- branches/SAMBA_4_0/source/auth/auth_util.c	2007-12-02 20:24:24 UTC (rev 26232)
+++ branches/SAMBA_4_0/source/auth/auth_util.c	2007-12-02 20:56:26 UTC (rev 26233)
@@ -43,6 +43,7 @@
 ****************************************************************************/
 
 NTSTATUS map_user_info(TALLOC_CTX *mem_ctx,
+		       const char *default_domain,
 		       const struct auth_usersupplied_info *user_info,
 		       struct auth_usersupplied_info **user_info_mapped)
 {
@@ -73,7 +74,7 @@
 		d++;
 		domain = d;
 	} else {
-		domain = lp_workgroup(global_loadparm);
+		domain = default_domain;
 	}
 
 	*user_info_mapped = talloc(mem_ctx, struct auth_usersupplied_info);

Modified: branches/SAMBA_4_0/source/auth/credentials/credentials_krb5.c
===================================================================
--- branches/SAMBA_4_0/source/auth/credentials/credentials_krb5.c	2007-12-02 20:24:24 UTC (rev 26232)
+++ branches/SAMBA_4_0/source/auth/credentials/credentials_krb5.c	2007-12-02 20:56:26 UTC (rev 26233)
@@ -26,8 +26,10 @@
 #include "auth/kerberos/kerberos.h"
 #include "auth/credentials/credentials.h"
 #include "auth/credentials/credentials_krb5.h"
+#include "param/param.h"
 
 int cli_credentials_get_krb5_context(struct cli_credentials *cred, 
+				     struct loadparm_context *lp_ctx,
 				     struct smb_krb5_context **smb_krb5_context) 
 {
 	int ret;
@@ -37,7 +39,7 @@
 	}
 
 	ret = smb_krb5_init_context(cred, cli_credentials_get_event_context(cred), 
-				    &cred->smb_krb5_context);
+				    lp_ctx, &cred->smb_krb5_context);
 	if (ret) {
 		return ret;
 	}
@@ -139,7 +141,7 @@
 		return ENOMEM;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, &ccc->smb_krb5_context);
+	ret = cli_credentials_get_krb5_context(cred, global_loadparm, &ccc->smb_krb5_context);
 	if (ret) {
 		talloc_free(ccc);
 		return ret;
@@ -213,7 +215,7 @@
 		return ENOMEM;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, &ccc->smb_krb5_context);
+	ret = cli_credentials_get_krb5_context(cred, global_loadparm, &ccc->smb_krb5_context);
 	if (ret) {
 		talloc_free(ccc);
 		return ret;
@@ -461,7 +463,7 @@
 		return EINVAL;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, &smb_krb5_context);
+	ret = cli_credentials_get_krb5_context(cred, global_loadparm, &smb_krb5_context);
 	if (ret) {
 		return ret;
 	}
@@ -507,7 +509,7 @@
 		return 0;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, &smb_krb5_context);
+	ret = cli_credentials_get_krb5_context(cred, global_loadparm, &smb_krb5_context);
 	if (ret) {
 		return ret;
 	}
@@ -545,7 +547,7 @@
 		return ENOMEM;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, &smb_krb5_context);
+	ret = cli_credentials_get_krb5_context(cred, global_loadparm, &smb_krb5_context);
 	if (ret) {
 		talloc_free(mem_ctx);
 		return ret;
@@ -585,7 +587,7 @@
 		return 0;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, &smb_krb5_context);
+	ret = cli_credentials_get_krb5_context(cred, global_loadparm, &smb_krb5_context);
 	if (ret) {
 		return ret;
 	}

Modified: branches/SAMBA_4_0/source/auth/gensec/gensec_gssapi.c
===================================================================
--- branches/SAMBA_4_0/source/auth/gensec/gensec_gssapi.c	2007-12-02 20:24:24 UTC (rev 26232)
+++ branches/SAMBA_4_0/source/auth/gensec/gensec_gssapi.c	2007-12-02 20:56:26 UTC (rev 26233)
@@ -239,6 +239,7 @@
 
 	ret = smb_krb5_init_context(gensec_gssapi_state, 
 				    gensec_security->event_ctx,
+				    global_loadparm,
 				    &gensec_gssapi_state->smb_krb5_context);
 	if (ret) {
 		DEBUG(1,("gensec_krb5_start: krb5_init_context failed (%s)\n",

Modified: branches/SAMBA_4_0/source/auth/kerberos/kerberos.h
===================================================================
--- branches/SAMBA_4_0/source/auth/kerberos/kerberos.h	2007-12-02 20:24:24 UTC (rev 26232)
+++ branches/SAMBA_4_0/source/auth/kerberos/kerberos.h	2007-12-02 20:56:26 UTC (rev 26233)
@@ -151,6 +151,7 @@
 				     krb5_principal client_principal,
 				     time_t tgs_authtime,
 				     DATA_BLOB *pac);
+struct loadparm_context;
 
 #include "auth/kerberos/proto.h"
 

Modified: branches/SAMBA_4_0/source/auth/kerberos/krb5_init_context.c
===================================================================
--- branches/SAMBA_4_0/source/auth/kerberos/krb5_init_context.c	2007-12-02 20:24:24 UTC (rev 26232)
+++ branches/SAMBA_4_0/source/auth/kerberos/krb5_init_context.c	2007-12-02 20:56:26 UTC (rev 26233)
@@ -366,6 +366,7 @@
 
 krb5_error_code smb_krb5_init_context(void *parent_ctx, 
 				      struct event_context *ev,
+				      struct loadparm_context *lp_ctx,
 				       struct smb_krb5_context **smb_krb5_context) 
 {
 	krb5_error_code ret;
@@ -393,7 +394,7 @@
 
 	talloc_set_destructor(*smb_krb5_context, smb_krb5_context_destroy_1);
 
-	config_file = config_path(tmp_ctx, global_loadparm, "krb5.conf");
+	config_file = config_path(tmp_ctx, lp_ctx, "krb5.conf");
 	if (!config_file) {
 		talloc_free(tmp_ctx);
 		return ENOMEM;
@@ -418,10 +419,10 @@
 		return ret;
 	}
 						
-	if (lp_realm(global_loadparm) && *lp_realm(global_loadparm)) {
-		char *upper_realm = strupper_talloc(tmp_ctx, lp_realm(global_loadparm));
+	if (lp_realm(lp_ctx) && *lp_realm(lp_ctx)) {
+		char *upper_realm = strupper_talloc(tmp_ctx, lp_realm(lp_ctx));
 		if (!upper_realm) {
-			DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm(global_loadparm)));
+			DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm(lp_ctx)));
 			talloc_free(tmp_ctx);
 			return ENOMEM;
 		}
@@ -473,7 +474,7 @@
 	/* Set options in kerberos */
 
 	krb5_set_dns_canonicalize_hostname((*smb_krb5_context)->krb5_context,
-					   lp_parm_bool(global_loadparm, NULL, "krb5", "set_dns_canonicalize", false));
+					   lp_parm_bool(lp_ctx, NULL, "krb5", "set_dns_canonicalize", false));
 
 	return 0;
 }

Modified: branches/SAMBA_4_0/source/auth/kerberos/krb5_init_context.h
===================================================================
--- branches/SAMBA_4_0/source/auth/kerberos/krb5_init_context.h	2007-12-02 20:24:24 UTC (rev 26232)
+++ branches/SAMBA_4_0/source/auth/kerberos/krb5_init_context.h	2007-12-02 20:56:26 UTC (rev 26233)
@@ -23,7 +23,9 @@
 };
 	
 struct event_context;
+struct loadparm_context;
 krb5_error_code smb_krb5_init_context(void *parent_ctx, struct event_context *ev,
+				      struct loadparm_context *lp_ctx,
 				      struct smb_krb5_context **smb_krb5_context); 
 void smb_krb5_free_context(struct smb_krb5_context *smb_krb5_context);
 

Modified: branches/SAMBA_4_0/source/dsdb/samdb/cracknames.c
===================================================================
--- branches/SAMBA_4_0/source/dsdb/samdb/cracknames.c	2007-12-02 20:24:24 UTC (rev 26232)
+++ branches/SAMBA_4_0/source/dsdb/samdb/cracknames.c	2007-12-02 20:56:26 UTC (rev 26233)
@@ -358,6 +358,7 @@
 	struct smb_krb5_context *smb_krb5_context;
 	ret = smb_krb5_init_context(mem_ctx, 
 				    (struct event_context *)ldb_get_opaque(sam_ctx, "EventContext"), 
+				    (struct loadparm_context *)ldb_get_opaque(sam_ctx, "loadparm"), 
 				    &smb_krb5_context);
 				
 	if (ret) {

Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c
===================================================================
--- branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c	2007-12-02 20:24:24 UTC (rev 26232)
+++ branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/password_hash.c	2007-12-02 20:56:26 UTC (rev 26233)
@@ -1432,6 +1432,7 @@
 	/* Some operations below require kerberos contexts */
 	if (smb_krb5_init_context(ac->down_req, 
 				  ldb_get_opaque(h->module->ldb, "EventContext"), 
+				  (struct loadparm_context *)ldb_get_opaque(h->module->ldb, "loadparm"), 
 				  &smb_krb5_context) != 0) {
 		return LDB_ERR_OPERATIONS_ERROR;
 	}
@@ -1759,6 +1760,7 @@
 	/* Some operations below require kerberos contexts */
 	if (smb_krb5_init_context(ac->mod_req, 
 				  ldb_get_opaque(h->module->ldb, "EventContext"), 
+				  (struct loadparm_context *)ldb_get_opaque(h->module->ldb, "loadparm"), 
 				  &smb_krb5_context) != 0) {
 		return LDB_ERR_OPERATIONS_ERROR;
 	}

Modified: branches/SAMBA_4_0/source/kdc/kdc.c
===================================================================
--- branches/SAMBA_4_0/source/kdc/kdc.c	2007-12-02 20:24:24 UTC (rev 26232)
+++ branches/SAMBA_4_0/source/kdc/kdc.c	2007-12-02 20:56:26 UTC (rev 26233)
@@ -584,7 +584,7 @@
 
 	initialize_krb5_error_table();
 
-	ret = smb_krb5_init_context(kdc, task->event_ctx, &kdc->smb_krb5_context);
+	ret = smb_krb5_init_context(kdc, task->event_ctx, task->lp_ctx, &kdc->smb_krb5_context);
 	if (ret) {
 		DEBUG(1,("kdc_task_init: krb5_init_context failed (%s)\n", 
 			 error_message(ret)));

Modified: branches/SAMBA_4_0/source/torture/auth/pac.c
===================================================================
--- branches/SAMBA_4_0/source/torture/auth/pac.c	2007-12-02 20:24:24 UTC (rev 26232)
+++ branches/SAMBA_4_0/source/torture/auth/pac.c	2007-12-02 20:56:26 UTC (rev 26233)
@@ -57,6 +57,7 @@
 
 	torture_assert(tctx, 0 == smb_krb5_init_context(mem_ctx, 
 							NULL,
+							global_loadparm,
 							&smb_krb5_context), 
 		       "smb_krb5_init_context");
 
@@ -285,6 +286,7 @@
 	TALLOC_CTX *mem_ctx = tctx;
 
 	torture_assert(tctx, 0 == smb_krb5_init_context(mem_ctx, NULL,
+							global_loadparm,
 							&smb_krb5_context),
 		       "smb_krb5_init_context");
 



More information about the samba-cvs mailing list