[SCM] Samba Shared Repository - branch master updated - 7a0e5de08d487108c604b4bab8a2c8e689808d9f

Jelmer Vernooij jelmer at samba.org
Sun Nov 2 04:50:59 GMT 2008


The branch, master has been updated
       via  7a0e5de08d487108c604b4bab8a2c8e689808d9f (commit)
       via  c537f7a91449728bbffdda628877f72db2d4e96b (commit)
       via  29177203e5da4cb42e0c5bc2f2981d6cffbe042c (commit)
       via  1492513f7783c18e0a68d800dc0f6fae25a58e54 (commit)
       via  3ebc574be4049905c6f08d188fd3cdfdc4d3ba32 (commit)
       via  b034c519f53cffbac21c3db79ee24cdd8f1ce4a2 (commit)
       via  9265cb02d00843f43ba07d28093f959adf0738fe (commit)
       via  a76adc539788337a4a3aa77f7e6ef8f4defd3141 (commit)
       via  7a6190e9a7cc176ebd428c1e3edde1328ebca3e3 (commit)
       via  cb7d085ec34442db25e6c5a5d4b4547e0718fb92 (commit)
       via  dccf1b2c9f1b17f6ad12da11626110fcd86cd07e (commit)
       via  d9cbf2b0d9fdd1373ea0a0d021df3230637e21ac (commit)
       via  79423337125978f5b5eef341283ff2a9c891fc5c (commit)
       via  9293c59e25195b0d84b13a2a7adc1974adab98a6 (commit)
      from  334d590b5e769a7e893c59f06ebc5f44e76d13a6 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 7a0e5de08d487108c604b4bab8a2c8e689808d9f
Merge: c537f7a91449728bbffdda628877f72db2d4e96b 334d590b5e769a7e893c59f06ebc5f44e76d13a6
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sun Nov 2 05:50:08 2008 +0100

    Merge branch 'master' of ssh://git.samba.org/data/git/samba

commit c537f7a91449728bbffdda628877f72db2d4e96b
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sun Nov 2 05:49:36 2008 +0100

    Fix the build.

commit 29177203e5da4cb42e0c5bc2f2981d6cffbe042c
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sun Nov 2 04:50:32 2008 +0100

    Rename class to "cls" since the first is a keyword name in C++. Thanks,
    Brad.

commit 1492513f7783c18e0a68d800dc0f6fae25a58e54
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sun Nov 2 02:50:22 2008 +0100

    Fix build for make everything.

commit 3ebc574be4049905c6f08d188fd3cdfdc4d3ba32
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sun Nov 2 02:30:21 2008 +0100

    Fix the build.

commit b034c519f53cffbac21c3db79ee24cdd8f1ce4a2
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sun Nov 2 02:05:48 2008 +0100

    Add gensec_settings structure. This wraps loadparm_context for now, but
    should in the future only contain some settings required for gensec.

commit 9265cb02d00843f43ba07d28093f959adf0738fe
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sun Nov 2 01:15:42 2008 +0100

    Use a separate global for nonblocking socket testing rather than global_loadparm.

commit a76adc539788337a4a3aa77f7e6ef8f4defd3141
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sun Nov 2 01:03:46 2008 +0100

    Remove two debug parameters, not used anywhere.
    
    Andrew, I was pretty sure these could be removed but if not, please let
    me know.

commit 7a6190e9a7cc176ebd428c1e3edde1328ebca3e3
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sun Nov 2 01:03:26 2008 +0100

    Remove another use of global_loadparm.

commit cb7d085ec34442db25e6c5a5d4b4547e0718fb92
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sun Nov 2 00:35:04 2008 +0100

    Use global iconv convenience rather than global loadparm.

commit dccf1b2c9f1b17f6ad12da11626110fcd86cd07e
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sun Nov 2 00:26:04 2008 +0100

    Remove another use of global_loadparm.

commit d9cbf2b0d9fdd1373ea0a0d021df3230637e21ac
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sat Nov 1 23:26:36 2008 +0100

    Remove another use of global_loadparm.

commit 79423337125978f5b5eef341283ff2a9c891fc5c
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sat Nov 1 23:09:18 2008 +0100

    Remove another use of global_loadparm.

commit 9293c59e25195b0d84b13a2a7adc1974adab98a6
Author: Jelmer Vernooij <jelmer at samba.org>
Date:   Sat Nov 1 22:42:09 2008 +0100

    Move calls to lp_* higher up in the call stack.

-----------------------------------------------------------------------

Summary of changes:
 lib/util/debug.h                             |    2 +-
 pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm     |    9 ++++--
 source4/auth/gensec/gensec.c                 |   29 +++++++++++------
 source4/auth/gensec/gensec.h                 |   15 +++++++--
 source4/auth/gensec/gensec_gssapi.c          |   42 +++++++++++++-------------
 source4/auth/gensec/gensec_krb5.c            |   16 +++++-----
 source4/auth/gensec/schannel.c               |   10 +++---
 source4/auth/kerberos/krb5_init_context.c    |    8 +----
 source4/auth/ntlm/auth_server.c              |    2 +
 source4/auth/ntlmssp/ntlmssp_client.c        |   30 +++++++++---------
 source4/auth/ntlmssp/ntlmssp_server.c        |   26 ++++++++--------
 source4/auth/sam.c                           |    6 ++-
 source4/auth/system_session.c                |    1 +
 source4/client/cifsdd.c                      |    5 +++
 source4/client/cifsdd.h                      |    1 +
 source4/client/cifsddio.c                    |    8 ++++-
 source4/client/client.c                      |    6 +++-
 source4/kdc/kpasswdd.c                       |    4 ++-
 source4/ldap_server/ldap_bind.c              |    2 +-
 source4/lib/socket/socket.c                  |    2 +-
 source4/lib/socket/socket.h                  |    2 +
 source4/libcli/cliconnect.c                  |    6 +++-
 source4/libcli/ldap/ldap_bind.c              |    3 +-
 source4/libcli/libcli.h                      |    1 +
 source4/libcli/raw/clitree.c                 |    2 +
 source4/libcli/resolve/nbtlist.c             |    2 +-
 source4/libcli/smb2/connect.c                |   37 +++++++++++++++--------
 source4/libcli/smb2/session.c                |    5 +--
 source4/libcli/smb2/smb2_calls.h             |    1 +
 source4/libcli/smb_composite/connect.c       |    3 +-
 source4/libcli/smb_composite/fetchfile.c     |    1 +
 source4/libcli/smb_composite/fsinfo.c        |    1 +
 source4/libcli/smb_composite/sesssetup.c     |    2 +-
 source4/libcli/smb_composite/smb_composite.h |    4 ++
 source4/librpc/rpc/dcerpc.c                  |    8 +++--
 source4/librpc/rpc/dcerpc.h                  |   17 +++++++----
 source4/librpc/rpc/dcerpc_auth.c             |    8 ++--
 source4/librpc/rpc/dcerpc_connect.c          |   12 ++++++-
 source4/librpc/rpc/dcerpc_schannel.c         |    3 +-
 source4/librpc/rpc/dcerpc_secondary.c        |    3 ++
 source4/librpc/rpc/dcerpc_util.c             |   22 +++++++++----
 source4/ntvfs/cifs/vfs_cifs.c                |    1 +
 source4/ntvfs/smb2/vfs_smb2.c                |    8 ++++-
 source4/param/loadparm.c                     |   13 ++++++++
 source4/param/param.h                        |    3 +-
 source4/rpc_server/dcerpc_server.c           |    1 +
 source4/rpc_server/dcerpc_server.h           |    2 +
 source4/rpc_server/dcesrv_auth.c             |    4 ++-
 source4/rpc_server/remote/dcesrv_remote.c    |    3 +-
 source4/smb_server/smb/negprot.c             |    2 +-
 source4/smb_server/smb/sesssetup.c           |    2 +-
 source4/smb_server/smb2/negprot.c            |    2 +-
 source4/smb_server/smb2/sesssetup.c          |    2 +-
 source4/torture/auth/ntlmssp.c               |    5 ++-
 source4/torture/basic/misc.c                 |    1 +
 source4/torture/basic/secleak.c              |    3 +-
 source4/torture/gentest.c                    |    6 +++-
 source4/torture/locktest.c                   |    1 +
 source4/torture/masktest.c                   |    5 ++-
 source4/torture/raw/composite.c              |    1 +
 source4/torture/raw/context.c                |    9 ++++-
 source4/torture/raw/lock.c                   |    1 +
 source4/torture/raw/lockbench.c              |    1 +
 source4/torture/raw/openbench.c              |    1 +
 source4/torture/raw/oplock.c                 |    2 +-
 source4/torture/raw/tconrate.c               |    2 +-
 source4/torture/rpc/join.c                   |    2 +
 source4/torture/rpc/remote_pac.c             |    7 +++-
 source4/torture/rpc/samba3rpc.c              |   30 +++++++++++-------
 source4/torture/rpc/schannel.c               |    6 ++--
 source4/torture/rpc/spoolss_notify.c         |    6 ++-
 source4/torture/smb2/scan.c                  |   20 +++++++-----
 source4/torture/smb2/util.c                  |    8 ++++-
 source4/torture/unix/unix_info2.c            |    2 +-
 source4/torture/unix/whoami.c                |    2 +-
 source4/torture/util_smb.c                   |    1 +
 source4/utils/ntlm_auth.c                    |    6 ++-
 77 files changed, 352 insertions(+), 186 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/util/debug.h b/lib/util/debug.h
index 632c24f..a5962b0 100644
--- a/lib/util/debug.h
+++ b/lib/util/debug.h
@@ -83,7 +83,7 @@ enum debug_logtype {DEBUG_STDOUT = 0, DEBUG_FILE = 1, DEBUG_STDERR = 2};
 */
 _PUBLIC_ void dbghdr(int level, const char *location, const char *func);
 
-_PUBLIC_ void dbghdrclass(int level, int class, const char *location, const char *func);
+_PUBLIC_ void dbghdrclass(int level, int cls, const char *location, const char *func);
 
 /**
   reopen the log file (usually called because the log file name might have changed)
diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm b/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm
index e30102b..bb0c18e 100644
--- a/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Server.pm
@@ -120,7 +120,8 @@ static NTSTATUS $name\__op_ndr_pull(struct dcesrv_call_state *dce_call, TALLOC_C
         /* unravel the NDR for the packet */
 	ndr_err = ndr_table_$name.calls[opnum].ndr_pull(pull, NDR_IN, *r);
 	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
-		dcerpc_log_packet(&ndr_table_$name, opnum, NDR_IN,
+		dcerpc_log_packet(dce_call->conn->packet_log_dir, 
+				  &ndr_table_$name, opnum, NDR_IN,
 				  &dce_call->pkt.u.request.stub_and_verifier);
 		dce_call->fault_code = DCERPC_FAULT_NDR;
 		return NT_STATUS_NET_WRITE_FAULT;
@@ -144,7 +145,8 @@ pidl "
 	}
 
 	if (dce_call->fault_code != 0) {
-		dcerpc_log_packet(&ndr_table_$name, opnum, NDR_IN,
+		dcerpc_log_packet(dce_call->conn->packet_log_dir, 
+		          &ndr_table_$name, opnum, NDR_IN,
 				  &dce_call->pkt.u.request.stub_and_verifier);
 		return NT_STATUS_NET_WRITE_FAULT;
 	}
@@ -167,7 +169,8 @@ pidl "
 	}
 
 	if (dce_call->fault_code != 0) {
-		dcerpc_log_packet(&ndr_table_$name, opnum, NDR_IN,
+		dcerpc_log_packet(dce_call->conn->packet_log_dir,
+		          &ndr_table_$name, opnum, NDR_IN,
 				  &dce_call->pkt.u.request.stub_and_verifier);
 		return NT_STATUS_NET_WRITE_FAULT;
 	}
diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c
index 5d57383..20c88f8 100644
--- a/source4/auth/gensec/gensec.c
+++ b/source4/auth/gensec/gensec.c
@@ -477,7 +477,7 @@ const char **gensec_security_oids(struct gensec_security *gensec_security,
 */
 static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx, 
 			     struct event_context *ev,
-			     struct loadparm_context *lp_ctx,
+			     struct gensec_settings *settings,
 			     struct messaging_context *msg,
 			     struct gensec_security **gensec_security)
 {
@@ -501,7 +501,7 @@ static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx,
 
 	(*gensec_security)->event_ctx = ev;
 	(*gensec_security)->msg_ctx = msg;
-	(*gensec_security)->lp_ctx = lp_ctx;
+	(*gensec_security)->settings = talloc_reference(*gensec_security, settings);
 
 	return NT_STATUS_OK;
 }
@@ -529,7 +529,7 @@ _PUBLIC_ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx,
 	(*gensec_security)->want_features = parent->want_features;
 	(*gensec_security)->event_ctx = parent->event_ctx;
 	(*gensec_security)->msg_ctx = parent->msg_ctx;
-	(*gensec_security)->lp_ctx = parent->lp_ctx;
+	(*gensec_security)->settings = talloc_reference(*gensec_security, parent->settings);
 
 	return NT_STATUS_OK;
 }
@@ -543,11 +543,11 @@ _PUBLIC_ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx,
 _PUBLIC_ NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx, 
 			     struct gensec_security **gensec_security,
 			     struct event_context *ev,
-			     struct loadparm_context *lp_ctx)
+			     struct gensec_settings *settings)
 {
 	NTSTATUS status;
 
-	status = gensec_start(mem_ctx, ev, lp_ctx, NULL, gensec_security);
+	status = gensec_start(mem_ctx, ev, settings, NULL, gensec_security);
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
 	}
@@ -564,7 +564,7 @@ _PUBLIC_ NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx,
 */
 _PUBLIC_ NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx, 
 			     struct event_context *ev,
-			     struct loadparm_context *lp_ctx,
+			     struct gensec_settings *settings,
 			     struct messaging_context *msg,
 			     struct gensec_security **gensec_security)
 {
@@ -580,7 +580,7 @@ _PUBLIC_ NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx,
 		return NT_STATUS_INTERNAL_ERROR;
 	}
 
-	status = gensec_start(mem_ctx, ev, lp_ctx, msg, gensec_security);
+	status = gensec_start(mem_ctx, ev, settings, msg, gensec_security);
 	if (!NT_STATUS_IS_OK(status)) {
 		return status;
 	}
@@ -1107,9 +1107,8 @@ _PUBLIC_ NTSTATUS gensec_set_target_hostname(struct gensec_security *gensec_secu
 _PUBLIC_ const char *gensec_get_target_hostname(struct gensec_security *gensec_security) 
 {
 	/* We allow the target hostname to be overriden for testing purposes */
-	const char *target_hostname = lp_parm_string(gensec_security->lp_ctx, NULL, "gensec", "target_hostname");
-	if (target_hostname) {
-		return target_hostname;
+	if (gensec_security->settings->target_hostname) {
+		return gensec_security->settings->target_hostname;
 	}
 
 	if (gensec_security->target.hostname) {
@@ -1255,6 +1254,16 @@ static int sort_gensec(struct gensec_security_ops **gs1, struct gensec_security_
 	return (*gs2)->priority - (*gs1)->priority;
 }
 
+int gensec_setting_int(struct gensec_settings *settings, const char *mechanism, const char *name, int default_value)
+{
+	return lp_parm_int(settings->lp_ctx, NULL, mechanism, name, default_value);
+}
+
+bool gensec_setting_bool(struct gensec_settings *settings, const char *mechanism, const char *name, bool default_value)
+{
+	return lp_parm_bool(settings->lp_ctx, NULL, mechanism, name, default_value);
+}
+
 /*
   initialise the GENSEC subsystem
 */
diff --git a/source4/auth/gensec/gensec.h b/source4/auth/gensec/gensec.h
index 0b31882..2a48317 100644
--- a/source4/auth/gensec/gensec.h
+++ b/source4/auth/gensec/gensec.h
@@ -64,6 +64,7 @@ enum gensec_role
 
 struct auth_session_info;
 struct cli_credentials;
+struct gensec_settings;
 
 struct gensec_update_request {
 	struct gensec_security *gensec_security;
@@ -77,6 +78,12 @@ struct gensec_update_request {
 	} callback;
 };
 
+struct gensec_settings {
+	struct loadparm_context *lp_ctx;
+	struct smb_iconv_convenience *iconv_convenience;
+	const char *target_hostname;
+};
+
 struct gensec_security_ops {
 	const char *name;
 	const char *sasl_name;
@@ -151,7 +158,6 @@ struct gensec_security_ops_wrapper {
 
 struct gensec_security {
 	const struct gensec_security_ops *ops;
-	struct loadparm_context *lp_ctx;
 	void *private_data;
 	struct cli_credentials *credentials;
 	struct gensec_target target;
@@ -161,6 +167,7 @@ struct gensec_security {
 	struct event_context *event_ctx;
 	struct messaging_context *msg_ctx; /* only valid as server */
 	struct socket_address *my_addr, *peer_addr;
+	struct gensec_settings *settings;
 };
 
 /* this structure is used by backends to determine the size of some critical types */
@@ -210,7 +217,7 @@ NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx,
 NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx, 
 			     struct gensec_security **gensec_security,
 			     struct event_context *ev,
-			     struct loadparm_context *lp_ctx);
+			     struct gensec_settings *settings);
 NTSTATUS gensec_start_mech_by_sasl_list(struct gensec_security *gensec_security, 
 						 const char **sasl_names);
 NTSTATUS gensec_update(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx, 
@@ -262,7 +269,7 @@ NTSTATUS gensec_start_mech_by_authtype(struct gensec_security *gensec_security,
 const char *gensec_get_name_by_authtype(uint8_t authtype);
 NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx, 
 			     struct event_context *ev,
-			     struct loadparm_context *lp_ctx,
+			     struct gensec_settings *settings,
 			     struct messaging_context *msg,
 			     struct gensec_security **gensec_security);
 NTSTATUS gensec_session_info(struct gensec_security *gensec_security, 
@@ -295,5 +302,7 @@ struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
 NTSTATUS gensec_start_mech_by_sasl_name(struct gensec_security *gensec_security, 
 					const char *sasl_name);
 
+int gensec_setting_int(struct gensec_settings *settings, const char *mechanism, const char *name, int default_value);
+bool gensec_setting_bool(struct gensec_settings *settings, const char *mechanism, const char *name, bool default_value);
 
 #endif /* __GENSEC_H__ */
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index e307dbb..dcfffef 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -154,7 +154,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
 	
 	gensec_gssapi_state->gss_exchange_count = 0;
 	gensec_gssapi_state->max_wrap_buf_size
-		= lp_parm_int(gensec_security->lp_ctx, NULL, "gensec_gssapi", "max wrap buf size", 65536);
+		= gensec_setting_int(gensec_security->settings, "gensec_gssapi", "max wrap buf size", 65536);
 		
 	gensec_gssapi_state->sasl = false;
 	gensec_gssapi_state->sasl_state = STAGE_GSS_NEG;
@@ -170,16 +170,16 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
 	gensec_gssapi_state->input_chan_bindings = GSS_C_NO_CHANNEL_BINDINGS;
 	
 	gensec_gssapi_state->want_flags = 0;
-	if (lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec_gssapi", "mutual", true)) {
+	if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "mutual", true)) {
 		gensec_gssapi_state->want_flags |= GSS_C_MUTUAL_FLAG;
 	}
-	if (lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec_gssapi", "delegation", true)) {
+	if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "delegation", true)) {
 		gensec_gssapi_state->want_flags |= GSS_C_DELEG_FLAG;
 	}
-	if (lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec_gssapi", "replay", true)) {
+	if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "replay", true)) {
 		gensec_gssapi_state->want_flags |= GSS_C_REPLAY_FLAG;
 	}
-	if (lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec_gssapi", "sequence", true)) {
+	if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "sequence", true)) {
 		gensec_gssapi_state->want_flags |= GSS_C_SEQUENCE_FLAG;
 	}
 
@@ -214,10 +214,10 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
 		talloc_free(gensec_gssapi_state);
 		return NT_STATUS_INTERNAL_ERROR;
 	}
-	if (lp_realm(gensec_security->lp_ctx) && *lp_realm(gensec_security->lp_ctx)) {
-		char *upper_realm = strupper_talloc(gensec_gssapi_state, lp_realm(gensec_security->lp_ctx));
+	if (lp_realm(gensec_security->settings->lp_ctx) && *lp_realm(gensec_security->settings->lp_ctx)) {
+		char *upper_realm = strupper_talloc(gensec_gssapi_state, lp_realm(gensec_security->settings->lp_ctx));
 		if (!upper_realm) {
-			DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm(gensec_security->lp_ctx)));
+			DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm(gensec_security->settings->lp_ctx)));
 			talloc_free(gensec_gssapi_state);
 			return NT_STATUS_NO_MEMORY;
 		}
@@ -231,7 +231,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
 	}
 
 	/* don't do DNS lookups of any kind, it might/will fail for a netbios name */
-	ret = gsskrb5_set_dns_canonicalize(lp_parm_bool(gensec_security->lp_ctx, NULL, "krb5", "set_dns_canonicalize", false));
+	ret = gsskrb5_set_dns_canonicalize(gensec_setting_bool(gensec_security->settings, "krb5", "set_dns_canonicalize", false));
 	if (ret) {
 		DEBUG(1,("gensec_krb5_start: gsskrb5_set_dns_canonicalize failed\n"));
 		talloc_free(gensec_gssapi_state);
@@ -240,7 +240,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
 
 	ret = smb_krb5_init_context(gensec_gssapi_state, 
 				    gensec_security->event_ctx,
-				    gensec_security->lp_ctx,
+				    gensec_security->settings->lp_ctx,
 				    &gensec_gssapi_state->smb_krb5_context);
 	if (ret) {
 		DEBUG(1,("gensec_krb5_start: krb5_init_context failed (%s)\n",
@@ -274,7 +274,7 @@ static NTSTATUS gensec_gssapi_server_start(struct gensec_security *gensec_securi
 	} else {
 		ret = cli_credentials_get_server_gss_creds(machine_account, 
 							   gensec_security->event_ctx, 
-							   gensec_security->lp_ctx, &gcc);
+							   gensec_security->settings->lp_ctx, &gcc);
 		if (ret) {
 			DEBUG(1, ("Aquiring acceptor credentials failed: %s\n", 
 				  error_message(ret)));
@@ -336,7 +336,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
 	gensec_gssapi_state->gss_oid = gss_mech_krb5;
 
 	principal = gensec_get_target_principal(gensec_security);
-	if (principal && lp_client_use_spnego_principal(gensec_security->lp_ctx)) {
+	if (principal && lp_client_use_spnego_principal(gensec_security->settings->lp_ctx)) {
 		name_type = GSS_C_NULL_OID;
 	} else {
 		principal = talloc_asprintf(gensec_gssapi_state, "%s@%s", 
@@ -362,7 +362,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
 
 	ret = cli_credentials_get_client_gss_creds(creds, 
 						   gensec_security->event_ctx, 
-						   gensec_security->lp_ctx, &gcc);
+						   gensec_security->settings->lp_ctx, &gcc);
 	switch (ret) {
 	case 0:
 		break;
@@ -1142,10 +1142,10 @@ static bool gensec_gssapi_have_feature(struct gensec_security *gensec_security,
 			return false;
 		}
 
-		if (lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec_gssapi", "force_new_spnego", false)) {
+		if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "force_new_spnego", false)) {
 			return true;
 		}
-		if (lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec_gssapi", "disable_new_spnego", false)) {
+		if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "disable_new_spnego", false)) {
 			return false;
 		}
 
@@ -1256,7 +1256,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
 	 */
 	if (pac_blob.length) {
 		nt_status = kerberos_pac_blob_to_server_info(mem_ctx, 
-							     lp_iconv_convenience(gensec_security->lp_ctx),
+							     gensec_security->settings->iconv_convenience,
 							     pac_blob, 
 							     gensec_gssapi_state->smb_krb5_context->krb5_context,
 							     &server_info);
@@ -1290,11 +1290,11 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
 			return NT_STATUS_NO_MEMORY;
 		}
 
-		if (!lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec", "require_pac", false)) {
+		if (!gensec_setting_bool(gensec_security->settings, "gensec", "require_pac", false)) {
 			DEBUG(1, ("Unable to find PAC, resorting to local user lookup: %s\n",
 				  gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
 			nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->event_ctx, 
-								  gensec_security->lp_ctx, principal_string,
+								  gensec_security->settings->lp_ctx, principal_string,
 								  &server_info);
 			
 			if (!NT_STATUS_IS_OK(nt_status)) {
@@ -1311,7 +1311,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
 
 	/* references the server_info into the session_info */
 	nt_status = auth_generate_session_info(mem_ctx, gensec_security->event_ctx, 
-					       gensec_security->lp_ctx, server_info, &session_info);
+					       gensec_security->settings->lp_ctx, server_info, &session_info);
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		talloc_free(mem_ctx);
 		return nt_status;
@@ -1334,13 +1334,13 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
 			return NT_STATUS_NO_MEMORY;
 		}
 
-		cli_credentials_set_conf(session_info->credentials, gensec_security->lp_ctx);
+		cli_credentials_set_conf(session_info->credentials, gensec_security->settings->lp_ctx);
 		/* Just so we don't segfault trying to get at a username */
 		cli_credentials_set_anonymous(session_info->credentials);
 		
 		ret = cli_credentials_set_client_gss_creds(session_info->credentials, 
 							   gensec_security->event_ctx,
-							   gensec_security->lp_ctx, 
+							   gensec_security->settings->lp_ctx, 
 							   gensec_gssapi_state->delegated_cred_handle,
 							   CRED_SPECIFIED);
 		if (ret) {
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index 1f54043..1686736 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -120,7 +120,7 @@ static NTSTATUS gensec_krb5_start(struct gensec_security *gensec_security)
 
 	if (cli_credentials_get_krb5_context(creds, 
 					     gensec_security->event_ctx, 
-					     gensec_security->lp_ctx, &gensec_krb5_state->smb_krb5_context)) {
+					     gensec_security->settings->lp_ctx, &gensec_krb5_state->smb_krb5_context)) {
 		talloc_free(gensec_krb5_state);
 		return NT_STATUS_INTERNAL_ERROR;
 	}
@@ -252,7 +252,7 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
 
 	ret = cli_credentials_get_ccache(gensec_get_credentials(gensec_security), 
 				         gensec_security->event_ctx, 
-					 gensec_security->lp_ctx, &ccache_container);
+					 gensec_security->settings->lp_ctx, &ccache_container);
 	switch (ret) {
 	case 0:
 		break;
@@ -267,7 +267,7 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
 	}
 	in_data.length = 0;
 	
-	if (principal && lp_client_use_spnego_principal(gensec_security->lp_ctx)) {
+	if (principal && lp_client_use_spnego_principal(gensec_security->settings->lp_ctx)) {
 		krb5_principal target_principal;
 		ret = krb5_parse_name(gensec_krb5_state->smb_krb5_context->krb5_context, principal,
 				      &target_principal);
@@ -452,7 +452,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security,
 		/* Grab the keytab, however generated */
 		ret = cli_credentials_get_keytab(gensec_get_credentials(gensec_security), 
 					         gensec_security->event_ctx, 
-						 gensec_security->lp_ctx, &keytab);
+						 gensec_security->settings->lp_ctx, &keytab);
 		if (ret) {
 			return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
 		}
@@ -594,7 +594,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 						      KRB5_AUTHDATA_WIN2K_PAC, 
 						      &pac_data);
 	
-	if (ret && lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec", "require_pac", false)) {
+	if (ret && gensec_setting_bool(gensec_security->settings, "gensec", "require_pac", false)) {
 		DEBUG(1, ("Unable to find PAC in ticket from %s, failing to allow access: %s \n",
 			  principal_string,
 			  smb_get_krb5_error_message(context, 
@@ -607,7 +607,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 		DEBUG(5, ("krb5_ticket_get_authorization_data_type failed to find PAC: %s\n", 
 			  smb_get_krb5_error_message(context, 
 						     ret, mem_ctx)));
-		nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, principal_string,
+		nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->event_ctx, gensec_security->settings->lp_ctx, principal_string,
 							  &server_info);
 		krb5_free_principal(context, client_principal);
 		free(principal_string);
@@ -630,7 +630,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 
 		/* decode and verify the pac */
 		nt_status = kerberos_pac_logon_info(gensec_krb5_state, 
-						    lp_iconv_convenience(gensec_security->lp_ctx),
+						    gensec_security->settings->iconv_convenience,
 						    &logon_info, pac,
 						    gensec_krb5_state->smb_krb5_context->krb5_context,
 						    NULL, gensec_krb5_state->keyblock,
@@ -655,7 +655,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 	}
 
 	/* references the server_info into the session_info */
-	nt_status = auth_generate_session_info(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, server_info, &session_info);
+	nt_status = auth_generate_session_info(mem_ctx, gensec_security->event_ctx, gensec_security->settings->lp_ctx, server_info, &session_info);
 
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		talloc_free(mem_ctx);
diff --git a/source4/auth/gensec/schannel.c b/source4/auth/gensec/schannel.c
index f21202b..e6d38c1 100644
--- a/source4/auth/gensec/schannel.c
+++ b/source4/auth/gensec/schannel.c
@@ -85,7 +85,7 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_
 #endif
 		
 		ndr_err = ndr_push_struct_blob(out, out_mem_ctx, 
-					       lp_iconv_convenience(gensec_security->lp_ctx), &bind_schannel,
+					       gensec_security->settings->iconv_convenience, &bind_schannel,
 					       (ndr_push_flags_fn_t)ndr_push_schannel_bind);
 		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
 			status = ndr_map_error2ntstatus(ndr_err);
@@ -106,7 +106,7 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_
 		
 		/* parse the schannel startup blob */
 		ndr_err = ndr_pull_struct_blob(&in, out_mem_ctx,
-			lp_iconv_convenience(gensec_security->lp_ctx),
+			gensec_security->settings->iconv_convenience,
 			&bind_schannel, 
 			(ndr_pull_flags_fn_t)ndr_pull_schannel_bind);
 		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
@@ -126,7 +126,7 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_
 		
 		/* pull the session key for this client */
 		status = schannel_fetch_session_key(out_mem_ctx, gensec_security->event_ctx, 
-						    gensec_security->lp_ctx, workstation, 
+						    gensec_security->settings->lp_ctx, workstation, 
 						    domain, &creds);
 		if (!NT_STATUS_IS_OK(status)) {
 			DEBUG(3, ("Could not find session key for attempted schannel connection from %s: %s\n",
@@ -144,7 +144,7 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_
 		bind_schannel_ack.unknown3 = 0x6c0000;
 		
 		ndr_err = ndr_push_struct_blob(out, out_mem_ctx, 
-					       lp_iconv_convenience(gensec_security->lp_ctx), &bind_schannel_ack,
+					       gensec_security->settings->iconv_convenience, &bind_schannel_ack,
 					       (ndr_push_flags_fn_t)ndr_push_schannel_bind_ack);
 		if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
 			status = ndr_map_error2ntstatus(ndr_err);
@@ -190,7 +190,7 @@ static NTSTATUS schannel_session_info(struct gensec_security *gensec_security,
 					 struct auth_session_info **_session_info) 
 {
 	struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
-	return auth_anonymous_session_info(state, gensec_security->event_ctx, gensec_security->lp_ctx, _session_info);
+	return auth_anonymous_session_info(state, gensec_security->event_ctx, gensec_security->settings->lp_ctx, _session_info);
 }
 
 static NTSTATUS schannel_start(struct gensec_security *gensec_security)
diff --git a/source4/auth/kerberos/krb5_init_context.c b/source4/auth/kerberos/krb5_init_context.c
index 90b542c..06db904 100644
--- a/source4/auth/kerberos/krb5_init_context.c
+++ b/source4/auth/kerberos/krb5_init_context.c
@@ -250,14 +250,10 @@ krb5_error_code smb_krb5_send_and_recv_func(krb5_context context,
 		status = NT_STATUS_INVALID_PARAMETER;
 		switch (hi->proto) {
 		case KRB5_KRBHST_UDP:
-			if (lp_parm_bool(global_loadparm, NULL, "krb5", "udp", true)) {
-				status = socket_create(name, SOCKET_TYPE_DGRAM, &smb_krb5->sock, 0);
-			}
+			status = socket_create(name, SOCKET_TYPE_DGRAM, &smb_krb5->sock, 0);
 			break;
 		case KRB5_KRBHST_TCP:
-			if (lp_parm_bool(global_loadparm, NULL, "krb5", "tcp", true)) {


-- 
Samba Shared Repository


More information about the samba-cvs mailing list