[SCM] Samba Shared Repository - branch v3-3-test updated -
release-3-2-0pre2-3029-gfa1976e
Günther Deschner
gd at samba.org
Fri Jun 27 00:00:47 GMT 2008
The branch, v3-3-test has been updated
via fa1976e23a33bd3fab17c3f6ab5573ee1fdf9e31 (commit)
via 69d8442bf3248f97ad23def424901d7fa87bfe48 (commit)
from 5188f2861137ff06d5399561d55d7d00c3a08644 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -----------------------------------------------------------------
commit fa1976e23a33bd3fab17c3f6ab5573ee1fdf9e31
Author: Günther Deschner <gd at samba.org>
Date: Fri Jun 27 00:46:38 2008 +0200
net_vampire: use bool for last_query information in samsync.
Guenther
commit 69d8442bf3248f97ad23def424901d7fa87bfe48
Author: Günther Deschner <gd at samba.org>
Date: Thu Jun 26 21:48:41 2008 +0200
net_vampire: separate keytab code from samsync code.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source/Makefile.in | 1 +
source/libnet/libnet.h | 1 +
source/libnet/libnet_keytab.c | 143 ++++++++++++++++++++
source/libnet/{libnet.h => libnet_keytab.h} | 28 +++-
source/libnet/libnet_proto.h | 9 ++
source/libnet/libnet_samsync.c | 3 +-
source/libnet/libnet_samsync.h | 10 +-
source/libnet/libnet_samsync_display.c | 7 +-
source/libnet/libnet_samsync_keytab.c | 191 ++++----------------------
source/libnet/libnet_samsync_ldif.c | 4 +-
source/libnet/libnet_samsync_passdb.c | 2 +-
11 files changed, 218 insertions(+), 181 deletions(-)
create mode 100644 source/libnet/libnet_keytab.c
copy source/libnet/{libnet.h => libnet_keytab.h} (62%)
Changeset truncated at 500 lines:
diff --git a/source/Makefile.in b/source/Makefile.in
index bb41aba..eafa7cc 100644
--- a/source/Makefile.in
+++ b/source/Makefile.in
@@ -893,6 +893,7 @@ SMBCONFTORT_OBJ = $(SMBCONFTORT_OBJ0) \
$(POPT_LIB_OBJ)
LIBNET_OBJ = libnet/libnet_join.o \
+ libnet/libnet_keytab.o \
libnet/libnet_samsync.o \
libnet/libnet_samsync_ldif.o \
libnet/libnet_samsync_passdb.o \
diff --git a/source/libnet/libnet.h b/source/libnet/libnet.h
index ca393c4..570009c 100644
--- a/source/libnet/libnet.h
+++ b/source/libnet/libnet.h
@@ -20,6 +20,7 @@
#ifndef __LIBNET_H__
#define __LIBNET_H__
+#include "libnet/libnet_keytab.h"
#include "libnet/libnet_samsync.h"
#include "libnet/libnet_dssync.h"
#include "librpc/gen_ndr/libnet_join.h"
diff --git a/source/libnet/libnet_keytab.c b/source/libnet/libnet_keytab.c
new file mode 100644
index 0000000..90595e7
--- /dev/null
+++ b/source/libnet/libnet_keytab.c
@@ -0,0 +1,143 @@
+/*
+ Unix SMB/CIFS implementation.
+ dump the remote SAM using rpc samsync operations
+
+ Copyright (C) Guenther Deschner 2008.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "libnet/libnet.h"
+
+#ifdef HAVE_KRB5
+
+/****************************************************************
+****************************************************************/
+
+static int keytab_close(struct libnet_keytab_context *ctx)
+{
+ if (!ctx) {
+ return 0;
+ }
+
+ if (ctx->keytab && ctx->context) {
+ krb5_kt_close(ctx->context, ctx->keytab);
+ }
+
+ if (ctx->context) {
+ krb5_free_context(ctx->context);
+ }
+
+ if (ctx->ads) {
+ ads_destroy(&ctx->ads);
+ }
+
+ TALLOC_FREE(ctx);
+
+ return 0;
+}
+
+/****************************************************************
+****************************************************************/
+
+krb5_error_code libnet_keytab_init(TALLOC_CTX *mem_ctx,
+ const char *keytab_name,
+ struct libnet_keytab_context **ctx)
+{
+ krb5_error_code ret = 0;
+ krb5_context context = NULL;
+ krb5_keytab keytab = NULL;
+ const char *keytab_string = NULL;
+
+ struct libnet_keytab_context *r;
+
+ r = TALLOC_ZERO_P(mem_ctx, struct libnet_keytab_context);
+ if (!r) {
+ return ENOMEM;
+ }
+
+ talloc_set_destructor(r, keytab_close);
+
+ initialize_krb5_error_table();
+ ret = krb5_init_context(&context);
+ if (ret) {
+ DEBUG(1,("keytab_init: could not krb5_init_context: %s\n",
+ error_message(ret)));
+ return ret;
+ }
+
+ ret = smb_krb5_open_keytab(context, keytab_name, true, &keytab);
+ if (ret) {
+ DEBUG(1,("keytab_init: smb_krb5_open_keytab failed (%s)\n",
+ error_message(ret)));
+ krb5_free_context(context);
+ return ret;
+ }
+
+ ret = smb_krb5_keytab_name(mem_ctx, context, keytab, &keytab_string);
+ if (ret) {
+ krb5_kt_close(context, keytab);
+ krb5_free_context(context);
+ return ret;
+ }
+
+ r->context = context;
+ r->keytab = keytab;
+ r->keytab_name = keytab_string;
+
+ *ctx = r;
+
+ return 0;
+}
+
+/****************************************************************
+****************************************************************/
+
+krb5_error_code libnet_keytab_add(struct libnet_keytab_context *ctx)
+{
+#if defined(ENCTYPE_ARCFOUR_HMAC)
+ krb5_error_code ret = 0;
+ krb5_enctype enctypes[2] = { ENCTYPE_ARCFOUR_HMAC, 0 };
+ int i;
+
+ for (i=0; i<ctx->count; i++) {
+
+ struct libnet_keytab_entry *entry = &ctx->entries[i];
+ krb5_data password;
+
+ password.data = (char *)entry->password.data;
+ password.length = entry->password.length;
+
+ ret = smb_krb5_kt_add_entry(ctx->context,
+ ctx->keytab,
+ entry->kvno,
+ entry->principal,
+ enctypes,
+ password,
+ true);
+ if (ret) {
+ DEBUG(1,("libnet_keytab_add: "
+ "Failed to add entry to keytab file\n"));
+ return ret;
+ }
+ }
+
+ return ret;
+#else
+ return -1;
+#endif /* defined(ENCTYPE_ARCFOUR_HMAC) */
+}
+
+#endif /* HAVE_KRB5 */
diff --git a/source/libnet/libnet.h b/source/libnet/libnet_keytab.h
similarity index 62%
copy from source/libnet/libnet.h
copy to source/libnet/libnet_keytab.h
index ca393c4..30f2f8d 100644
--- a/source/libnet/libnet.h
+++ b/source/libnet/libnet_keytab.h
@@ -1,7 +1,7 @@
/*
* Unix SMB/CIFS implementation.
* libnet Support
- * Copyright (C) Guenther Deschner 2007
+ * Copyright (C) Guenther Deschner 2008
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -17,12 +17,24 @@
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef __LIBNET_H__
-#define __LIBNET_H__
+#ifdef HAVE_KRB5
-#include "libnet/libnet_samsync.h"
-#include "libnet/libnet_dssync.h"
-#include "librpc/gen_ndr/libnet_join.h"
-#include "libnet/libnet_proto.h"
+struct libnet_keytab_entry {
+ const char *name;
+ const char *principal;
+ DATA_BLOB password;
+ uint32_t kvno;
+};
-#endif
+struct libnet_keytab_context {
+ krb5_context context;
+ krb5_keytab keytab;
+ const char *keytab_name;
+ ADS_STRUCT *ads;
+ const char *dns_domain_name;
+ uint8_t zero_buf[16];
+ uint32_t count;
+ struct libnet_keytab_entry *entries;
+};
+
+#endif /* HAVE_KRB5 */
diff --git a/source/libnet/libnet_proto.h b/source/libnet/libnet_proto.h
index 720b52b..ddd730b 100644
--- a/source/libnet/libnet_proto.h
+++ b/source/libnet/libnet_proto.h
@@ -43,6 +43,15 @@ WERROR libnet_Unjoin(TALLOC_CTX *mem_ctx,
_PUBLIC_ void ndr_print_libnet_JoinCtx(struct ndr_print *ndr, const char *name, int flags, const struct libnet_JoinCtx *r);
_PUBLIC_ void ndr_print_libnet_UnjoinCtx(struct ndr_print *ndr, const char *name, int flags, const struct libnet_UnjoinCtx *r);
+/* The following definitions come from libnet/libnet_keytab.c */
+
+#ifdef HAVE_KRB5
+krb5_error_code libnet_keytab_init(TALLOC_CTX *mem_ctx,
+ const char *keytab_name,
+ struct libnet_keytab_context **ctx);
+krb5_error_code libnet_keytab_add(struct libnet_keytab_context *ctx);
+#endif
+
/* The following definitions come from libnet/libnet_samsync.c */
NTSTATUS libnet_samsync_init_context(TALLOC_CTX *mem_ctx,
diff --git a/source/libnet/libnet_samsync.c b/source/libnet/libnet_samsync.c
index dcf5f9c..4f2a8f9 100644
--- a/source/libnet/libnet_samsync.c
+++ b/source/libnet/libnet_samsync.c
@@ -336,7 +336,8 @@ NTSTATUS libnet_samsync(enum netr_SamDatabaseID database_id,
/* Process results */
callback_status = ctx->delta_fn(mem_ctx, database_id,
- delta_enum_array, result, ctx);
+ delta_enum_array,
+ NT_STATUS_IS_OK(result), ctx);
if (!NT_STATUS_IS_OK(callback_status)) {
result = callback_status;
goto out;
diff --git a/source/libnet/libnet_samsync.h b/source/libnet/libnet_samsync.h
index 8559043..1f10d2c 100644
--- a/source/libnet/libnet_samsync.h
+++ b/source/libnet/libnet_samsync.h
@@ -30,7 +30,7 @@ struct samsync_context;
typedef NTSTATUS (*samsync_delta_fn_t)(TALLOC_CTX *,
enum netr_SamDatabaseID,
struct netr_DELTA_ENUM_ARRAY *,
- NTSTATUS,
+ bool,
struct samsync_context *);
struct samsync_context {
@@ -54,20 +54,20 @@ struct samsync_context {
NTSTATUS fetch_sam_entries_ldif(TALLOC_CTX *mem_ctx,
enum netr_SamDatabaseID database_id,
struct netr_DELTA_ENUM_ARRAY *r,
- NTSTATUS result,
+ bool last_query,
struct samsync_context *ctx);
NTSTATUS fetch_sam_entries(TALLOC_CTX *mem_ctx,
enum netr_SamDatabaseID database_id,
struct netr_DELTA_ENUM_ARRAY *r,
- NTSTATUS status,
+ bool last_query,
struct samsync_context *ctx);
NTSTATUS display_sam_entries(TALLOC_CTX *mem_ctx,
enum netr_SamDatabaseID database_id,
struct netr_DELTA_ENUM_ARRAY *r,
- NTSTATUS status,
+ bool last_query,
struct samsync_context *ctx);
NTSTATUS fetch_sam_entries_keytab(TALLOC_CTX *mem_ctx,
enum netr_SamDatabaseID database_id,
struct netr_DELTA_ENUM_ARRAY *r,
- NTSTATUS status,
+ bool last_query,
struct samsync_context *ctx);
diff --git a/source/libnet/libnet_samsync_display.c b/source/libnet/libnet_samsync_display.c
index 6e9a692..6f7ae4e 100644
--- a/source/libnet/libnet_samsync_display.c
+++ b/source/libnet/libnet_samsync_display.c
@@ -164,7 +164,7 @@ static void display_rename_alias(uint32_t rid, struct netr_DELTA_RENAME *r)
static NTSTATUS display_sam_entry(TALLOC_CTX *mem_ctx,
enum netr_SamDatabaseID database_id,
struct netr_DELTA_ENUM *r,
- NTSTATUS status,
+ bool last_query,
struct samsync_context *ctx)
{
union netr_DELTA_UNION u = r->delta_union;
@@ -289,13 +289,14 @@ static NTSTATUS display_sam_entry(TALLOC_CTX *mem_ctx,
NTSTATUS display_sam_entries(TALLOC_CTX *mem_ctx,
enum netr_SamDatabaseID database_id,
struct netr_DELTA_ENUM_ARRAY *r,
- NTSTATUS status,
+ bool last_query,
struct samsync_context *ctx)
{
int i;
for (i = 0; i < r->num_deltas; i++) {
- display_sam_entry(mem_ctx, database_id, &r->delta_enum[i], status, ctx);
+ display_sam_entry(mem_ctx, database_id, &r->delta_enum[i],
+ last_query, ctx);
}
return NT_STATUS_OK;
diff --git a/source/libnet/libnet_samsync_keytab.c b/source/libnet/libnet_samsync_keytab.c
index 2208a71..d10bfd5 100644
--- a/source/libnet/libnet_samsync_keytab.c
+++ b/source/libnet/libnet_samsync_keytab.c
@@ -19,118 +19,18 @@
*/
#include "includes.h"
-#include "utils/net.h"
+#include "libnet/libnet.h"
#if defined(HAVE_ADS) && defined(ENCTYPE_ARCFOUR_HMAC)
/****************************************************************
****************************************************************/
-struct samsync_keytab_entry {
- const char *name;
- const char *principal;
- DATA_BLOB password;
- uint32_t kvno;
-};
-
-struct samsync_keytab_context {
- krb5_context context;
- krb5_keytab keytab;
- const char *keytab_name;
- ADS_STRUCT *ads;
- const char *dns_domain_name;
- uint8_t zero_buf[16];
- uint32_t count;
- struct samsync_keytab_entry *entries;
-};
-
-/****************************************************************
-****************************************************************/
-
-static int keytab_close(struct samsync_keytab_context *ctx)
-{
- if (!ctx) {
- return 0;
- }
-
- if (ctx->keytab && ctx->context) {
- krb5_kt_close(ctx->context, ctx->keytab);
- }
-
- if (ctx->context) {
- krb5_free_context(ctx->context);
- }
-
- if (ctx->ads) {
- ads_destroy(&ctx->ads);
- }
-
- TALLOC_FREE(ctx);
-
- return 0;
-}
-
-/****************************************************************
-****************************************************************/
-
-static krb5_error_code keytab_init(TALLOC_CTX *mem_ctx,
- const char *keytab_name,
- struct samsync_keytab_context **ctx)
-{
- krb5_error_code ret = 0;
- krb5_context context = NULL;
- krb5_keytab keytab = NULL;
- const char *keytab_string = NULL;
-
- struct samsync_keytab_context *r;
-
- r = TALLOC_ZERO_P(mem_ctx, struct samsync_keytab_context);
- if (!r) {
- return ENOMEM;
- }
-
- talloc_set_destructor(r, keytab_close);
-
- initialize_krb5_error_table();
- ret = krb5_init_context(&context);
- if (ret) {
- DEBUG(1,("keytab_init: could not krb5_init_context: %s\n",
- error_message(ret)));
- return ret;
- }
-
- ret = smb_krb5_open_keytab(context, keytab_name, true, &keytab);
- if (ret) {
- DEBUG(1,("keytab_init: smb_krb5_open_keytab failed (%s)\n",
- error_message(ret)));
- krb5_free_context(context);
- return ret;
- }
-
- ret = smb_krb5_keytab_name(mem_ctx, context, keytab, &keytab_string);
- if (ret) {
- krb5_kt_close(context, keytab);
- krb5_free_context(context);
- return ret;
- }
-
- r->context = context;
- r->keytab = keytab;
- r->keytab_name = keytab_string;
-
- *ctx = r;
-
- return 0;
-}
-
-/****************************************************************
-****************************************************************/
-
static NTSTATUS keytab_ad_connect(TALLOC_CTX *mem_ctx,
const char *domain_name,
const char *username,
const char *password,
- struct samsync_keytab_context *ctx)
+ struct libnet_keytab_context *ctx)
{
NTSTATUS status;
ADS_STATUS ad_status;
@@ -171,71 +71,35 @@ static NTSTATUS keytab_ad_connect(TALLOC_CTX *mem_ctx,
/****************************************************************
****************************************************************/
-static krb5_error_code keytab_add(struct samsync_keytab_context *ctx)
-{
- krb5_error_code ret = 0;
- krb5_enctype enctypes[2] = { ENCTYPE_ARCFOUR_HMAC, 0 };
- int i;
-
- for (i=0; i<ctx->count; i++) {
-
- struct samsync_keytab_entry *entry = &ctx->entries[i];
- krb5_data password;
- krb5_kvno kvno;
-
- kvno = ads_get_kvno(ctx->ads, entry->name);
-
- password.data = (char *)entry->password.data;
- password.length = entry->password.length;
-
- ret = smb_krb5_kt_add_entry(ctx->context,
- ctx->keytab,
- kvno,
- entry->principal,
- enctypes,
- password,
- true);
- if (ret) {
- DEBUG(1,("keytab_add: Failed to add entry to keytab file\n"));
- return ret;
- }
- }
-
- return ret;
-}
-
-/****************************************************************
-****************************************************************/
-
static NTSTATUS fetch_sam_entry_keytab(TALLOC_CTX *mem_ctx,
enum netr_SamDatabaseID database_id,
uint32_t rid,
struct netr_DELTA_USER *r,
- NTSTATUS status,
- struct samsync_keytab_context *ctx)
+ bool last_query,
+ struct libnet_keytab_context *ctx)
{
uchar nt_passwd[16];
- struct samsync_keytab_entry *entry;
+ struct libnet_keytab_entry entry;
--
Samba Shared Repository
More information about the samba-cvs
mailing list