[SCM] Samba Shared Repository - branch v4-0-test updated -
release-4-0-0alpha3-229-gece878c
Jelmer Vernooij
jelmer at samba.org
Thu Apr 17 11:07:21 GMT 2008
The branch, v4-0-test has been updated
via ece878c1f9251b83598508e23ce0015b4db72f0a (commit)
via 5632fe8c61cfd7d69ebdc263dcb5740e72f25b95 (commit)
via b4e1ae07a284c044704322446c94351c2decff91 (commit)
via 2d1ca8cb7a1c39894e5f232f7e84936e6e1830ee (commit)
via b659e83cd6b627dd0ae04064bccff7220a5bd1ce (commit)
via 04420b4689bc223202d5bba871e3eea16301e8e9 (commit)
via 40b7b0e503cff31ea4e3d4822f2263fbeb76c57a (commit)
via 1da0063bd5fd18ad3ac7a07c985ec6be380486e2 (commit)
via a95a71fe45ef6a578569931a7c38061783d07db3 (commit)
via fd0bb96acea3d7949cf0574bb6f3568a90f67f4e (commit)
via 906b9fe158841c41789952601b36016af6621565 (commit)
via 4d7fc946b2ec50e774689c9036423b6feef99b8e (commit)
via 4ca264679ecfd938c538a93f4efff1bfa23c3744 (commit)
via 2823fca23a4cacc996c808f22cba50b4482b5921 (commit)
from 0df2b3e0b56007850cf83cfdcdb45ca29e162d34 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
- Log -----------------------------------------------------------------
commit ece878c1f9251b83598508e23ce0015b4db72f0a
Merge: 5632fe8c61cfd7d69ebdc263dcb5740e72f25b95 0df2b3e0b56007850cf83cfdcdb45ca29e162d34
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Thu Apr 17 13:05:25 2008 +0200
Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-test
commit 5632fe8c61cfd7d69ebdc263dcb5740e72f25b95
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Thu Apr 17 13:04:04 2008 +0200
Fix the build.
commit b4e1ae07a284c044704322446c94351c2decff91
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Thu Apr 17 12:23:44 2008 +0200
Specify event_context to ldb_wrap_connect explicitly.
commit 2d1ca8cb7a1c39894e5f232f7e84936e6e1830ee
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Thu Apr 17 02:06:07 2008 +0200
Avoid recursive make for code coverage.
commit b659e83cd6b627dd0ae04064bccff7220a5bd1ce
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Thu Apr 17 01:37:42 2008 +0200
Add convenience function for getting at event context from ejs code.
commit 04420b4689bc223202d5bba871e3eea16301e8e9
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Thu Apr 17 01:37:02 2008 +0200
Avoid using event_context_find where possible.
commit 40b7b0e503cff31ea4e3d4822f2263fbeb76c57a
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Thu Apr 17 01:30:21 2008 +0200
Fix the build.
commit 1da0063bd5fd18ad3ac7a07c985ec6be380486e2
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Thu Apr 17 01:22:39 2008 +0200
Require explicit event context rather than looking if it is not specified.
commit a95a71fe45ef6a578569931a7c38061783d07db3
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Thu Apr 17 01:19:53 2008 +0200
Explicitly require event context to be specified.
commit fd0bb96acea3d7949cf0574bb6f3568a90f67f4e
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Thu Apr 17 01:19:20 2008 +0200
Use provided event context rather than looking for it.
commit 906b9fe158841c41789952601b36016af6621565
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Thu Apr 17 01:09:33 2008 +0200
Require passing in an event context to endpoint mapper utility function.
commit 4d7fc946b2ec50e774689c9036423b6feef99b8e
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Thu Apr 17 01:03:18 2008 +0200
Remove event context tracking from the credentials struct.
commit 4ca264679ecfd938c538a93f4efff1bfa23c3744
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Wed Apr 16 23:06:27 2008 +0200
Avoid event_find_context when a event context is already available.
commit 2823fca23a4cacc996c808f22cba50b4482b5921
Author: Jelmer Vernooij <jelmer at samba.org>
Date: Wed Apr 16 22:52:07 2008 +0200
Use readily available event context.
-----------------------------------------------------------------------
Summary of changes:
source/auth/auth_sam.c | 2 +-
source/auth/auth_simple.c | 2 +-
source/auth/credentials/credentials.c | 22 +---
source/auth/credentials/credentials.h | 16 ++-
source/auth/credentials/credentials_files.c | 14 ++-
source/auth/credentials/credentials_krb5.c | 35 +++--
source/auth/credentials/credentials_krb5.h | 1 +
source/auth/gensec/gensec_gssapi.c | 14 ++-
source/auth/gensec/gensec_krb5.c | 16 ++-
source/auth/gensec/schannel.c | 5 +-
source/auth/gensec/schannel_state.c | 11 +-
source/auth/ntlmssp/ntlmssp_server.c | 2 +-
source/auth/sam.c | 3 +-
source/auth/session.c | 8 +-
source/auth/session.h | 3 +
source/cldap_server/cldap_server.c | 2 +-
source/client/client.c | 3 +-
source/dsdb/common/sidmap.c | 5 +-
source/dsdb/repl/drepl_service.c | 2 +-
source/dsdb/samdb/cracknames.c | 6 +-
source/dsdb/samdb/ldb_modules/samldb.c | 3 +-
source/dsdb/samdb/ldb_modules/update_keytab.c | 4 +-
source/dsdb/samdb/samdb.c | 13 ++-
source/dsdb/samdb/samdb.h | 1 +
source/dsdb/samdb/samdb_privilege.c | 5 +-
source/kdc/hdb-ldb.c | 6 +-
source/kdc/kdc.c | 2 +-
source/kdc/kpasswdd.c | 6 +-
source/ldap_server/ldap_backend.c | 2 +
source/ldap_server/ldap_bind.c | 2 +-
source/ldap_server/ldap_server.c | 5 +-
source/lib/appweb/mpr/miniMpr.c | 6 +
source/lib/appweb/mpr/miniMpr.h | 2 +
source/lib/ldb_wrap.c | 9 +-
source/lib/ldb_wrap.h | 2 +
source/lib/registry/hive.c | 3 +-
source/lib/registry/ldb.c | 3 +-
source/lib/registry/registry.h | 4 +
source/lib/registry/registry.i | 5 +
source/lib/registry/registry.py | 1 +
source/lib/registry/registry_wrap.c | 170 +++++++++++++++---------
source/lib/registry/samba.c | 14 +-
source/lib/registry/tests/hive.c | 2 +-
source/lib/registry/tests/registry.c | 2 +-
source/lib/registry/tools/common.c | 9 +-
source/lib/registry/tools/regdiff.c | 10 +-
source/lib/registry/tools/regpatch.c | 6 +-
source/lib/registry/tools/regshell.c | 7 +-
source/lib/registry/tools/regtree.c | 7 +-
source/libnet/libnet_become_dc.c | 2 +-
source/libnet/libnet_join.c | 2 +-
source/libnet/libnet_samdump_keytab.c | 7 +-
source/libnet/libnet_samsync_ldb.c | 2 +
source/libnet/libnet_unbecome_dc.c | 2 +-
source/libnet/libnet_vampire.c | 7 +-
source/librpc/rpc/dcerpc_util.c | 15 +--
source/nbt_server/dgram/netlogon.c | 4 +-
source/nbt_server/nbt_server.c | 2 +-
source/nbt_server/wins/winsdb.c | 13 +-
source/nbt_server/wins/winsserver.c | 3 +-
source/ntptr/ntptr.h | 1 +
source/ntptr/ntptr_base.c | 4 +-
source/ntptr/simple_ldb/ntptr_simple_ldb.c | 6 +-
source/ntvfs/cifs/vfs_cifs.c | 2 -
source/ntvfs/common/notify.c | 4 +
source/ntvfs/ipc/ipc_rap.c | 11 +-
source/ntvfs/ipc/rap_server.c | 3 +-
source/ntvfs/ipc/vfs_ipc.c | 2 +-
source/ntvfs/posix/vfs_posix.c | 2 +-
source/ntvfs/sysdep/sys_lease.c | 2 +-
source/ntvfs/sysdep/sys_notify.c | 2 +-
source/param/share.c | 3 +-
source/param/share.h | 5 +-
source/param/share_classic.c | 1 +
source/param/share_ldb.c | 6 +-
source/param/tests/share.c | 4 +-
source/rpc_server/common/server_info.c | 4 +-
source/rpc_server/drsuapi/dcesrv_drsuapi.c | 2 +-
source/rpc_server/lsa/lsa_init.c | 2 +-
source/rpc_server/lsa/lsa_lookup.c | 15 +-
source/rpc_server/netlogon/dcerpc_netlogon.c | 29 ++--
source/rpc_server/samr/dcesrv_samr.c | 4 +-
source/rpc_server/samr/samr_password.c | 6 +-
source/rpc_server/service_rpc.c | 2 +-
source/rpc_server/spoolss/dcesrv_spoolss.c | 2 +-
source/rpc_server/srvsvc/dcesrv_srvsvc.c | 20 ++--
source/rpc_server/srvsvc/srvsvc_ntvfs.c | 2 +-
source/rpc_server/winreg/rpc_winreg.c | 2 +-
source/scripting/ejs/ejsnet/net_ctx.c | 2 +-
source/scripting/ejs/smbcalls_auth.c | 4 +-
source/scripting/ejs/smbcalls_ldb.c | 2 +-
source/scripting/ejs/smbcalls_nbt.c | 2 +-
source/scripting/ejs/smbcalls_reg.c | 2 +-
source/scripting/ejs/smbcalls_rpc.c | 4 +-
source/smb_server/smb/sesssetup.c | 5 +-
source/smb_server/smb_server.c | 3 +-
source/torture/config.mk | 33 +++--
source/torture/ldap/cldapbench.c | 2 +-
source/torture/ldap/schema.c | 2 +-
source/torture/ldap/uptodatevector.c | 2 +-
source/torture/libnet/domain.c | 4 +-
source/torture/libnet/libnet_BecomeDC.c | 4 +-
source/torture/local/dbspeed.c | 2 +-
source/torture/nbt/dgram.c | 6 +-
source/torture/raw/lockbench.c | 9 +-
source/torture/raw/offline.c | 13 +-
source/torture/raw/open.c | 10 +-
source/torture/raw/openbench.c | 9 +-
source/torture/raw/oplock.c | 3 +-
source/torture/rpc/async_bind.c | 7 +-
source/torture/rpc/schannel.c | 6 +-
source/torture/smb2/scan.c | 4 +-
source/torture/smb2/util.c | 2 +-
source/torture/smbtorture.c | 2 +-
source/torture/ui.c | 3 -
source/utils/net/net.c | 1 -
source/winbind/idmap.c | 3 +-
source/winbind/idmap.h | 2 +
source/winbind/wb_init_domain.c | 2 -
source/winbind/wb_samba3_cmd.c | 2 -
source/winbind/wb_server.c | 2 +-
source/wrepl_server/wrepl_server.c | 7 +-
122 files changed, 491 insertions(+), 365 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/auth/auth_sam.c b/source/auth/auth_sam.c
index 4b467ce..731e489 100644
--- a/source/auth/auth_sam.c
+++ b/source/auth/auth_sam.c
@@ -289,7 +289,7 @@ static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx
return NT_STATUS_NO_MEMORY;
}
- sam_ctx = samdb_connect(tmp_ctx, ctx->auth_ctx->lp_ctx, system_session(mem_ctx, ctx->auth_ctx->lp_ctx));
+ sam_ctx = samdb_connect(tmp_ctx, ctx->auth_ctx->event_ctx, ctx->auth_ctx->lp_ctx, system_session(mem_ctx, ctx->auth_ctx->lp_ctx));
if (sam_ctx == NULL) {
talloc_free(tmp_ctx);
return NT_STATUS_INVALID_SYSTEM_SERVICE;
diff --git a/source/auth/auth_simple.c b/source/auth/auth_simple.c
index 50be02a..e7039c3 100644
--- a/source/auth/auth_simple.c
+++ b/source/auth/auth_simple.c
@@ -90,7 +90,7 @@ _PUBLIC_ NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx,
}
if (session_info) {
- nt_status = auth_generate_session_info(tmp_ctx, lp_ctx, server_info, session_info);
+ nt_status = auth_generate_session_info(tmp_ctx, ev, lp_ctx, server_info, session_info);
if (NT_STATUS_IS_OK(nt_status)) {
talloc_steal(mem_ctx, *session_info);
diff --git a/source/auth/credentials/credentials.c b/source/auth/credentials/credentials.c
index 89dddc9..bfed451 100644
--- a/source/auth/credentials/credentials.c
+++ b/source/auth/credentials/credentials.c
@@ -65,7 +65,6 @@ _PUBLIC_ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx)
cred->tries = 3;
cred->callback_running = false;
- cred->ev = NULL;
cli_credentials_set_kerberos_state(cred, CRED_AUTO_USE_KERBEROS);
cli_credentials_set_gensec_features(cred, 0);
@@ -675,7 +674,7 @@ _PUBLIC_ void cli_credentials_guess(struct cli_credentials *cred,
}
if (cli_credentials_get_kerberos_state(cred) != CRED_DONT_USE_KERBEROS) {
- cli_credentials_set_ccache(cred, lp_ctx, NULL, CRED_GUESS_FILE);
+ cli_credentials_set_ccache(cred, event_context_find(cred), lp_ctx, NULL, CRED_GUESS_FILE);
}
}
@@ -775,22 +774,3 @@ _PUBLIC_ bool cli_credentials_wrong_password(struct cli_credentials *cred)
return (cred->tries > 0);
}
-
-/*
- set the common event context for this set of credentials
- */
-_PUBLIC_ void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev)
-{
- cred->ev = ev;
-}
-
-/*
- set the common event context for this set of credentials
- */
-_PUBLIC_ struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred)
-{
- if (cred->ev == NULL) {
- cred->ev = event_context_find(cred);
- }
- return cred->ev;
-}
diff --git a/source/auth/credentials/credentials.h b/source/auth/credentials/credentials.h
index afcb300..2514b5b 100644
--- a/source/auth/credentials/credentials.h
+++ b/source/auth/credentials/credentials.h
@@ -26,6 +26,7 @@
#include "librpc/gen_ndr/misc.h"
struct ccache_container;
+struct event_context;
/* In order of priority */
enum credentials_obtained {
@@ -121,9 +122,6 @@ struct cli_credentials {
/* Whether any callback is currently running */
bool callback_running;
-
- /* an event context for anyone wanting to use the credentials */
- struct event_context *ev;
};
struct ldb_context;
@@ -152,12 +150,15 @@ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred, TALLOC_
const char *cli_credentials_get_realm(struct cli_credentials *cred);
const char *cli_credentials_get_username(struct cli_credentials *cred);
int cli_credentials_get_krb5_context(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct smb_krb5_context **smb_krb5_context);
int cli_credentials_get_ccache(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct ccache_container **ccc);
int cli_credentials_get_keytab(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct keytab_container **_ktc);
const char *cli_credentials_get_domain(struct cli_credentials *cred);
@@ -168,15 +169,15 @@ void cli_credentials_set_conf(struct cli_credentials *cred,
struct loadparm_context *lp_ctx);
const char *cli_credentials_get_principal(struct cli_credentials *cred, TALLOC_CTX *mem_ctx);
int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct gssapi_creds_container **_gcc);
int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct gssapi_creds_container **_gcc);
-void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev);
void cli_credentials_set_kerberos_state(struct cli_credentials *creds,
enum credentials_use_kerberos use_kerberos);
-struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred);
bool cli_credentials_set_domain(struct cli_credentials *cred,
const char *val,
enum credentials_obtained obtained);
@@ -199,6 +200,7 @@ void cli_credentials_set_netlogon_creds(struct cli_credentials *cred,
NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials *cred,
struct smb_krb5_context *smb_krb5_context);
NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
const char *serviceprincipal);
NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred,
@@ -220,14 +222,17 @@ bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
const struct samr_Password *nt_hash,
enum credentials_obtained obtained);
int cli_credentials_set_keytab_name(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
const char *keytab_name,
enum credentials_obtained obtained);
int cli_credentials_update_keytab(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx);
void cli_credentials_set_gensec_features(struct cli_credentials *creds, uint32_t gensec_features);
uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds);
int cli_credentials_set_ccache(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
const char *name,
enum credentials_obtained obtained);
@@ -239,6 +244,7 @@ void cli_credentials_invalidate_ccache(struct cli_credentials *cred,
void cli_credentials_set_salt_principal(struct cli_credentials *cred, const char *principal);
enum credentials_use_kerberos cli_credentials_get_kerberos_state(struct cli_credentials *creds);
NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct ldb_context *ldb,
const char *base,
diff --git a/source/auth/credentials/credentials_files.c b/source/auth/credentials/credentials_files.c
index 1bbdf8a..ab76ea2 100644
--- a/source/auth/credentials/credentials_files.c
+++ b/source/auth/credentials/credentials_files.c
@@ -30,6 +30,7 @@
#include "auth/credentials/credentials.h"
#include "auth/credentials/credentials_krb5.h"
#include "param/param.h"
+#include "lib/events/events.h"
/**
* Read a file descriptor, and parse it for a password (eg from a file or stdin)
@@ -169,6 +170,7 @@ _PUBLIC_ bool cli_credentials_parse_file(struct cli_credentials *cred, const cha
* @retval NTSTATUS error detailing any failure
*/
_PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct ldb_context *ldb,
const char *base,
@@ -305,13 +307,13 @@ _PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
* (chewing CPU time) from the password */
keytab = ldb_msg_find_attr_as_string(msgs[0], "krb5Keytab", NULL);
if (keytab) {
- cli_credentials_set_keytab_name(cred, lp_ctx, keytab, CRED_SPECIFIED);
+ cli_credentials_set_keytab_name(cred, event_ctx, lp_ctx, keytab, CRED_SPECIFIED);
} else {
keytab = ldb_msg_find_attr_as_string(msgs[0], "privateKeytab", NULL);
if (keytab) {
keytab = talloc_asprintf(mem_ctx, "FILE:%s", private_path(mem_ctx, lp_ctx, keytab));
if (keytab) {
- cli_credentials_set_keytab_name(cred, lp_ctx, keytab, CRED_SPECIFIED);
+ cli_credentials_set_keytab_name(cred, event_ctx, lp_ctx, keytab, CRED_SPECIFIED);
}
}
}
@@ -336,7 +338,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr
cred->machine_account_pending = false;
filter = talloc_asprintf(cred, SECRETS_PRIMARY_DOMAIN_FILTER,
cli_credentials_get_domain(cred));
- return cli_credentials_set_secrets(cred, lp_ctx, NULL,
+ return cli_credentials_set_secrets(cred, event_context_find(cred), lp_ctx, NULL,
SECRETS_PRIMARY_DOMAIN_DN,
filter);
}
@@ -348,6 +350,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr
* @retval NTSTATUS error detailing any failure
*/
NTSTATUS cli_credentials_set_krbtgt(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx)
{
char *filter;
@@ -358,7 +361,7 @@ NTSTATUS cli_credentials_set_krbtgt(struct cli_credentials *cred,
filter = talloc_asprintf(cred, SECRETS_KRBTGT_SEARCH,
cli_credentials_get_realm(cred),
cli_credentials_get_domain(cred));
- return cli_credentials_set_secrets(cred, lp_ctx, NULL,
+ return cli_credentials_set_secrets(cred, event_ctx, lp_ctx, NULL,
SECRETS_PRINCIPALS_DN,
filter);
}
@@ -370,6 +373,7 @@ NTSTATUS cli_credentials_set_krbtgt(struct cli_credentials *cred,
* @retval NTSTATUS error detailing any failure
*/
_PUBLIC_ NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
const char *serviceprincipal)
{
@@ -382,7 +386,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *c
cli_credentials_get_realm(cred),
cli_credentials_get_domain(cred),
serviceprincipal);
- return cli_credentials_set_secrets(cred, lp_ctx, NULL,
+ return cli_credentials_set_secrets(cred, event_ctx, lp_ctx, NULL,
SECRETS_PRINCIPALS_DN, filter);
}
diff --git a/source/auth/credentials/credentials_krb5.c b/source/auth/credentials/credentials_krb5.c
index cd9285b..3bc1764 100644
--- a/source/auth/credentials/credentials_krb5.c
+++ b/source/auth/credentials/credentials_krb5.c
@@ -30,6 +30,7 @@
#include "param/param.h"
_PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct smb_krb5_context **smb_krb5_context)
{
@@ -39,8 +40,7 @@ _PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred,
return 0;
}
- ret = smb_krb5_init_context(cred, cli_credentials_get_event_context(cred),
- lp_ctx, &cred->smb_krb5_context);
+ ret = smb_krb5_init_context(cred, event_ctx, lp_ctx, &cred->smb_krb5_context);
if (ret) {
cred->smb_krb5_context = NULL;
return ret;
@@ -128,6 +128,7 @@ static int free_dccache(struct ccache_container *ccc) {
}
_PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
const char *name,
enum credentials_obtained obtained)
@@ -144,7 +145,7 @@ _PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred,
return ENOMEM;
}
- ret = cli_credentials_get_krb5_context(cred, lp_ctx,
+ ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx,
&ccc->smb_krb5_context);
if (ret) {
talloc_free(ccc);
@@ -203,6 +204,7 @@ _PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred,
static int cli_credentials_new_ccache(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct ccache_container **_ccc)
{
@@ -221,7 +223,7 @@ static int cli_credentials_new_ccache(struct cli_credentials *cred,
return ENOMEM;
}
- ret = cli_credentials_get_krb5_context(cred, lp_ctx,
+ ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx,
&ccc->smb_krb5_context);
if (ret) {
talloc_free(ccc);
@@ -253,6 +255,7 @@ static int cli_credentials_new_ccache(struct cli_credentials *cred,
}
_PUBLIC_ int cli_credentials_get_ccache(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct ccache_container **ccc)
{
@@ -271,7 +274,7 @@ _PUBLIC_ int cli_credentials_get_ccache(struct cli_credentials *cred,
return EINVAL;
}
- ret = cli_credentials_new_ccache(cred, lp_ctx, ccc);
+ ret = cli_credentials_new_ccache(cred, event_ctx, lp_ctx, ccc);
if (ret) {
return ret;
}
@@ -348,6 +351,7 @@ static int free_gssapi_creds(struct gssapi_creds_container *gcc)
}
_PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct gssapi_creds_container **_gcc)
{
@@ -360,7 +364,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
*_gcc = cred->client_gss_creds;
return 0;
}
- ret = cli_credentials_get_ccache(cred, lp_ctx,
+ ret = cli_credentials_get_ccache(cred, event_ctx, lp_ctx,
&ccache);
if (ret) {
DEBUG(1, ("Failed to get CCACHE for GSSAPI client: %s\n", error_message(ret)));
@@ -402,6 +406,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
*/
int cli_credentials_set_client_gss_creds(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
gss_cred_id_t gssapi_cred,
enum credentials_obtained obtained)
@@ -419,7 +424,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
return ENOMEM;
}
- ret = cli_credentials_new_ccache(cred, lp_ctx, &ccc);
+ ret = cli_credentials_new_ccache(cred, event_ctx, lp_ctx, &ccc);
if (ret != 0) {
return ret;
}
@@ -456,6 +461,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
* it will be generated from the password.
*/
_PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct keytab_container **_ktc)
{
@@ -475,7 +481,7 @@ _PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred,
return EINVAL;
}
- ret = cli_credentials_get_krb5_context(cred, lp_ctx,
+ ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx,
&smb_krb5_context);
if (ret) {
return ret;
@@ -510,6 +516,7 @@ _PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred,
* FILE:/etc/krb5.keytab), open it and attach it */
_PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
const char *keytab_name,
enum credentials_obtained obtained)
@@ -523,7 +530,7 @@ _PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
return 0;
}
- ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
+ ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, &smb_krb5_context);
if (ret) {
return ret;
}
@@ -549,6 +556,7 @@ _PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
}
_PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx)
{
krb5_error_code ret;
@@ -562,7 +570,7 @@ _PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred,
return ENOMEM;
}
- ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
+ ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, &smb_krb5_context);
if (ret) {
talloc_free(mem_ctx);
return ret;
@@ -570,7 +578,7 @@ _PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred,
enctype_strings = cli_credentials_get_enctype_strings(cred);
- ret = cli_credentials_get_keytab(cred, lp_ctx, &ktc);
+ ret = cli_credentials_get_keytab(cred, event_ctx, lp_ctx, &ktc);
if (ret != 0) {
talloc_free(mem_ctx);
return ret;
@@ -585,6 +593,7 @@ _PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred,
/* Get server gss credentials (in gsskrb5, this means the keytab) */
_PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct gssapi_creds_container **_gcc)
{
@@ -603,12 +612,12 @@ _PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
return 0;
}
- ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
+ ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, &smb_krb5_context);
if (ret) {
return ret;
}
- ret = cli_credentials_get_keytab(cred, lp_ctx, &ktc);
+ ret = cli_credentials_get_keytab(cred, event_ctx, lp_ctx, &ktc);
if (ret) {
DEBUG(1, ("Failed to get keytab for GSSAPI server: %s\n", error_message(ret)));
return ret;
diff --git a/source/auth/credentials/credentials_krb5.h b/source/auth/credentials/credentials_krb5.h
index aaa7d7f..f672b0a 100644
--- a/source/auth/credentials/credentials_krb5.h
+++ b/source/auth/credentials/credentials_krb5.h
@@ -32,6 +32,7 @@ struct gssapi_creds_container {
/* Manually prototyped here to avoid needing gss headers in most callers */
int cli_credentials_set_client_gss_creds(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
gss_cred_id_t gssapi_cred,
enum credentials_obtained obtained);
diff --git a/source/auth/gensec/gensec_gssapi.c b/source/auth/gensec/gensec_gssapi.c
index e7dcb4e..cc0d404 100644
--- a/source/auth/gensec/gensec_gssapi.c
+++ b/source/auth/gensec/gensec_gssapi.c
@@ -273,7 +273,9 @@ static NTSTATUS gensec_gssapi_server_start(struct gensec_security *gensec_securi
DEBUG(3, ("No machine account credentials specified\n"));
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
} else {
- ret = cli_credentials_get_server_gss_creds(machine_account, gensec_security->lp_ctx, &gcc);
+ ret = cli_credentials_get_server_gss_creds(machine_account,
+ gensec_security->event_ctx,
+ gensec_security->lp_ctx, &gcc);
if (ret) {
DEBUG(1, ("Aquiring acceptor credentials failed: %s\n",
error_message(ret)));
@@ -359,7 +361,9 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
return NT_STATUS_INVALID_PARAMETER;
}
- ret = cli_credentials_get_client_gss_creds(creds, gensec_security->lp_ctx, &gcc);
+ ret = cli_credentials_get_client_gss_creds(creds,
+ gensec_security->event_ctx,
+ gensec_security->lp_ctx, &gcc);
switch (ret) {
case 0:
break;
@@ -1323,7 +1327,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
} else if (!lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec", "require_pac", false)) {
DEBUG(1, ("Unable to find PAC, resorting to local user lookup: %s\n",
gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
- nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->lp_ctx, principal_string,
+ nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, principal_string,
&server_info);
if (!NT_STATUS_IS_OK(nt_status)) {
@@ -1338,7 +1342,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
}
/* references the server_info into the session_info */
- nt_status = auth_generate_session_info(mem_ctx, gensec_security->lp_ctx, server_info, &session_info);
+ nt_status = auth_generate_session_info(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, server_info, &session_info);
if (!NT_STATUS_IS_OK(nt_status)) {
talloc_free(mem_ctx);
return nt_status;
@@ -1361,12 +1365,12 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
return NT_STATUS_NO_MEMORY;
}
- cli_credentials_set_event_context(session_info->credentials, gensec_security->event_ctx);
cli_credentials_set_conf(session_info->credentials, gensec_security->lp_ctx);
/* Just so we don't segfault trying to get at a username */
cli_credentials_set_anonymous(session_info->credentials);
ret = cli_credentials_set_client_gss_creds(session_info->credentials,
+ gensec_security->event_ctx,
gensec_security->lp_ctx,
gensec_gssapi_state->delegated_cred_handle,
CRED_SPECIFIED);
diff --git a/source/auth/gensec/gensec_krb5.c b/source/auth/gensec/gensec_krb5.c
--
Samba Shared Repository
More information about the samba-cvs
mailing list