[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha6-317-g1dc745e

Simo Sorce idra at samba.org
Sun Feb 1 18:08:02 GMT 2009


The branch, master has been updated
       via  1dc745ec895181af84998c1451ebffc7d3ba2081 (commit)
       via  10c907bcdb5856feb15bd6b096254ea5d112a8c9 (commit)
      from  c14b7e648bcfc4865da4b290e46977fff81d4500 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 1dc745ec895181af84998c1451ebffc7d3ba2081
Author: Simo Sorce <idra at samba.org>
Date:   Sun Feb 1 13:06:38 2009 -0500

    Make schannel not depend on samdb anymore.

commit 10c907bcdb5856feb15bd6b096254ea5d112a8c9
Author: Simo Sorce <idra at samba.org>
Date:   Sun Feb 1 13:06:13 2009 -0500

    Fix headers, only ldb.h is required

-----------------------------------------------------------------------

Summary of changes:
 lib/util/util_ldb.c                  |    2 -
 source4/auth/gensec/config.mk        |    2 +-
 source4/auth/gensec/schannel_state.c |   65 +++++++++++++++++++++++++++++++---
 3 files changed, 61 insertions(+), 8 deletions(-)


Changeset truncated at 500 lines:

diff --git a/lib/util/util_ldb.c b/lib/util/util_ldb.c
index 70b1847..c11b687 100644
--- a/lib/util/util_ldb.c
+++ b/lib/util/util_ldb.c
@@ -21,9 +21,7 @@
 */
 
 #include "includes.h"
-#include "lib/events/events.h"
 #include "lib/ldb/include/ldb.h"
-#include "lib/ldb/include/ldb_errors.h"
 #include "../lib/util/util_ldb.h"
 /*
   search the sam for the specified attributes - va_list variant
diff --git a/source4/auth/gensec/config.mk b/source4/auth/gensec/config.mk
index 3c2fa51..3d13ce7 100644
--- a/source4/auth/gensec/config.mk
+++ b/source4/auth/gensec/config.mk
@@ -78,7 +78,7 @@ $(eval $(call proto_header_template,$(gensecsrcdir)/schannel_proto.h,$(gensec_sc
 ################################################
 # Start SUBSYSTEM SCHANNELDB
 [SUBSYSTEM::SCHANNELDB]
-PRIVATE_DEPENDENCIES = LDB_WRAP SAMDB
+PRIVATE_DEPENDENCIES = LDB_WRAP
 # End SUBSYSTEM SCHANNELDB
 ################################################
 
diff --git a/source4/auth/gensec/schannel_state.c b/source4/auth/gensec/schannel_state.c
index d86b1f2..ca8537c 100644
--- a/source4/auth/gensec/schannel_state.c
+++ b/source4/auth/gensec/schannel_state.c
@@ -20,10 +20,8 @@
 */
 
 #include "includes.h"
-#include "lib/events/events.h"
 #include "lib/ldb/include/ldb.h"
-#include "lib/ldb/include/ldb_errors.h"
-#include "dsdb/samdb/samdb.h"
+#include "librpc/gen_ndr/ndr_security.h"
 #include "ldb_wrap.h"
 #include "../lib/util/util_ldb.h"
 #include "libcli/auth/libcli_auth.h"
@@ -31,6 +29,45 @@
 #include "param/param.h"
 #include "auth/gensec/schannel_state.h"
 
+static struct ldb_val *schannel_dom_sid_ldb_val(TALLOC_CTX *mem_ctx,
+						struct smb_iconv_convenience *smbiconv,
+						struct dom_sid *sid)
+{
+	enum ndr_err_code ndr_err;
+	struct ldb_val *v;
+
+	v = talloc(mem_ctx, struct ldb_val);
+	if (!v) return NULL;
+
+	ndr_err = ndr_push_struct_blob(v, mem_ctx, smbiconv, sid,
+				       (ndr_push_flags_fn_t)ndr_push_dom_sid);
+	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+		talloc_free(v);
+		return NULL;
+	}
+
+	return v;
+}
+
+static struct dom_sid *schannel_ldb_val_dom_sid(TALLOC_CTX *mem_ctx,
+						 const struct ldb_val *v)
+{
+	enum ndr_err_code ndr_err;
+	struct dom_sid *sid;
+
+	sid = talloc(mem_ctx, struct dom_sid);
+	if (!sid) return NULL;
+
+	ndr_err = ndr_pull_struct_blob(v, sid, NULL, sid,
+					(ndr_pull_flags_fn_t)ndr_pull_dom_sid);
+	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+		talloc_free(sid);
+		return NULL;
+	}
+	return sid;
+}
+
+
 /**
   connect to the schannel ldb
 */
@@ -77,6 +114,8 @@ NTSTATUS schannel_store_session_key_ldb(TALLOC_CTX *mem_ctx,
 {
 	struct ldb_message *msg;
 	struct ldb_val val, seed, client_state, server_state;
+	struct smb_iconv_convenience *smbiconv;
+	struct ldb_val *sid_val;
 	char *f;
 	char *sct;
 	int ret;
@@ -103,6 +142,12 @@ NTSTATUS schannel_store_session_key_ldb(TALLOC_CTX *mem_ctx,
 		return NT_STATUS_NO_MEMORY;
 	}
 
+	smbiconv = lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm"));
+	sid_val = schannel_dom_sid_ldb_val(msg, smbiconv, creds->sid);
+	if (sid_val == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
 	val.data = creds->session_key;
 	val.length = sizeof(creds->session_key);
 
@@ -124,7 +169,7 @@ NTSTATUS schannel_store_session_key_ldb(TALLOC_CTX *mem_ctx,
 	ldb_msg_add_string(msg, "accountName", creds->account_name);
 	ldb_msg_add_string(msg, "computerName", creds->computer_name);
 	ldb_msg_add_string(msg, "flatname", creds->domain);
-	samdb_msg_add_dom_sid(ldb, mem_ctx, msg, "objectSid", creds->sid);
+	ldb_msg_add_value(msg, "objectSid", sid_val, NULL);
 
 	ldb_delete(ldb, msg->dn);
 
@@ -265,7 +310,17 @@ NTSTATUS schannel_fetch_session_key_ldb(TALLOC_CTX *mem_ctx,
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	(*creds)->sid = samdb_result_dom_sid(*creds, res->msgs[0], "objectSid");
+	val = ldb_msg_find_ldb_val(res->msgs[0], "objectSid");
+	if (val == NULL) {
+		DEBUG(1,("schannel: missing ObjectSid for client: %s\n", computer_name));
+		talloc_free(res);
+		return NT_STATUS_INTERNAL_ERROR;
+	}
+	(*creds)->sid = schannel_ldb_val_dom_sid(*creds, val);
+	if ((*creds)->sid == NULL) {
+		talloc_free(res);
+		return NT_STATUS_INTERNAL_ERROR;
+	}
 
 	talloc_free(res);
 	return NT_STATUS_OK;


-- 
Samba Shared Repository


More information about the samba-cvs mailing list