[SCM] Samba Shared Repository - branch master updated

Matthias Dieter Wallnöfer mdw at samba.org
Thu Jun 24 07:14:01 MDT 2010 

The branch, master has been updated
       via  8ad0161... Revert "s4:provision.ldif - fix the number of available RIDs"
       via  0f45536... s4:auth/gensec/gensec_gssapi.c - reorder constructor
      from  0be1820... s4-ldb: use CHECK_XSLTPROC_MANPAGES()

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 8ad01613f673a123304da889e6fed4909c619309
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Thu Jun 24 15:11:25 2010 +0200

    Revert "s4:provision.ldif - fix the number of available RIDs"
    
    This reverts commit 41cdcd54b7b7e3fb70fdb220e74a1daf30e1891a.
    
    As per request of metze revert this (cause written on the mailing list).

commit 0f455362797308ccef7976d81317d6175bc59ea5
Author: Matthias Dieter Wallnöfer <mdw at samba.org>
Date:   Thu Jun 24 11:05:41 2010 +0200

    s4:auth/gensec/gensec_gssapi.c - reorder constructor
    
    To have the same order as in the structure definition.

-----------------------------------------------------------------------

Summary of changes:
 source4/auth/gensec/gensec_gssapi.c |   68 +++++++++++++++++++---------------
 source4/setup/provision.ldif        |    2 +-
 2 files changed, 39 insertions(+), 31 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index 4aaae6c..88fbcce 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -154,25 +154,19 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
 	if (!gensec_gssapi_state) {
 		return NT_STATUS_NO_MEMORY;
 	}
-	
-	gensec_gssapi_state->gss_exchange_count = 0;
-	gensec_gssapi_state->max_wrap_buf_size
-		= gensec_setting_int(gensec_security->settings, "gensec_gssapi", "max wrap buf size", 65536);
-		
-	gensec_gssapi_state->sasl = false;
-	gensec_gssapi_state->sasl_state = STAGE_GSS_NEG;
 
 	gensec_security->private_data = gensec_gssapi_state;
 
 	gensec_gssapi_state->gssapi_context = GSS_C_NO_CONTEXT;
-	gensec_gssapi_state->server_name = GSS_C_NO_NAME;
-	gensec_gssapi_state->client_name = GSS_C_NO_NAME;
-	gensec_gssapi_state->lucid = NULL;
 
 	/* TODO: Fill in channel bindings */
 	gensec_gssapi_state->input_chan_bindings = GSS_C_NO_CHANNEL_BINDINGS;
+
+	gensec_gssapi_state->server_name = GSS_C_NO_NAME;
+	gensec_gssapi_state->client_name = GSS_C_NO_NAME;
 	
 	gensec_gssapi_state->want_flags = 0;
+
 	if (gensec_setting_bool(gensec_security->settings, "gensec_gssapi", "delegation_by_kdc_policy", true)) {
 		gensec_gssapi_state->want_flags |= GSS_C_DELEG_POLICY_FLAG;
 	}
@@ -189,16 +183,6 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
 		gensec_gssapi_state->want_flags |= GSS_C_SEQUENCE_FLAG;
 	}
 
-	gensec_gssapi_state->got_flags = 0;
-
-	gensec_gssapi_state->session_key = data_blob(NULL, 0);
-	gensec_gssapi_state->pac = data_blob(NULL, 0);
-
-	gensec_gssapi_state->delegated_cred_handle = GSS_C_NO_CREDENTIAL;
-	gensec_gssapi_state->sig_size = 0;
-
-	talloc_set_destructor(gensec_gssapi_state, gensec_gssapi_destructor);
-
 	if (gensec_security->want_features & GENSEC_FEATURE_SIGN) {
 		gensec_gssapi_state->want_flags |= GSS_C_INTEG_FLAG;
 	}
@@ -209,6 +193,8 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
 		gensec_gssapi_state->want_flags |= GSS_C_DCE_STYLE;
 	}
 
+	gensec_gssapi_state->got_flags = 0;
+
 	switch (gensec_security->ops->auth_type) {
 	case DCERPC_AUTH_TYPE_SPNEGO:
 		gensec_gssapi_state->gss_oid = gss_mech_spnego;
@@ -219,6 +205,38 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
 		break;
 	}
 
+	gensec_gssapi_state->session_key = data_blob(NULL, 0);
+	gensec_gssapi_state->pac = data_blob(NULL, 0);
+
+	ret = smb_krb5_init_context(gensec_gssapi_state,
+				    gensec_security->event_ctx,
+				    gensec_security->settings->lp_ctx,
+				    &gensec_gssapi_state->smb_krb5_context);
+	if (ret) {
+		DEBUG(1,("gensec_krb5_start: krb5_init_context failed (%s)\n",
+			 error_message(ret)));
+		talloc_free(gensec_gssapi_state);
+		return NT_STATUS_INTERNAL_ERROR;
+	}
+
+	gensec_gssapi_state->client_cred = NULL;
+	gensec_gssapi_state->server_cred = NULL;
+
+	gensec_gssapi_state->lucid = NULL;
+
+	gensec_gssapi_state->delegated_cred_handle = GSS_C_NO_CREDENTIAL;
+
+	gensec_gssapi_state->sasl = false;
+	gensec_gssapi_state->sasl_state = STAGE_GSS_NEG;
+	gensec_gssapi_state->sasl_protection = 0;
+
+	gensec_gssapi_state->max_wrap_buf_size
+		= gensec_setting_int(gensec_security->settings, "gensec_gssapi", "max wrap buf size", 65536);
+	gensec_gssapi_state->gss_exchange_count = 0;
+	gensec_gssapi_state->sig_size = 0;
+
+	talloc_set_destructor(gensec_gssapi_state, gensec_gssapi_destructor);
+
 	send_to_kdc.func = smb_krb5_send_and_recv_func;
 	send_to_kdc.ptr = gensec_security->event_ctx;
 
@@ -247,16 +265,6 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
 		return NT_STATUS_INTERNAL_ERROR;
 	}
 
-	ret = smb_krb5_init_context(gensec_gssapi_state, 
-				    gensec_security->event_ctx,
-				    gensec_security->settings->lp_ctx,
-				    &gensec_gssapi_state->smb_krb5_context);
-	if (ret) {
-		DEBUG(1,("gensec_krb5_start: krb5_init_context failed (%s)\n",
-			 error_message(ret)));
-		talloc_free(gensec_gssapi_state);
-		return NT_STATUS_INTERNAL_ERROR;
-	}
 	return NT_STATUS_OK;
 }
 
diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif
index bfd3788..7ba3183 100644
--- a/source4/setup/provision.ldif
+++ b/source4/setup/provision.ldif
@@ -809,7 +809,7 @@ dn: CN=RID Manager$,CN=System,${DOMAINDN}
 objectClass: top
 objectClass: rIDManager
 systemFlags: -1946157056
-rIDAvailablePool: 1601-1073741823
+rIDAvailablePool: 1001-1073741823
 isCriticalSystemObject: TRUE
 
 dn: CN=RpcServices,CN=System,${DOMAINDN}


-- 
Samba Shared Repository

More information about the samba-cvs mailing list