[SCM] Samba Shared Repository - branch master updated

Andreas Schneider asn at samba.org
Fri Apr 9 11:48:01 UTC 2021 

The branch, master has been updated
       via  048e771665e s4:torture: Use cli_credentials_init_server()
       via  4b2e7da37a1 s4:rpc_server: Use cli_credentials_init_server()
       via  0ce0570d758 s4:ntvfs: Use cli_credentials_init_server()
       via  fb0dae0e064 s4:ntvfs: Use cli_credentials_init_server()
       via  eb7bfe2f3a3 s4:ldap_server: Use cli_credentials_init_server()
       via  d34445312d3 s3:auth: Use cli_credentials_init_server()
      from  c033fdf5996 pytests/dns_forwarder: remove unused import

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 048e771665e00bb54f135299e02fe7941886a172
Author: Andreas Schneider <asn at samba.org>
Date:   Tue Apr 6 15:22:20 2021 +0200

    s4:torture: Use cli_credentials_init_server()
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    
    Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
    Autobuild-Date(master): Fri Apr  9 11:48:00 UTC 2021 on sn-devel-184

commit 4b2e7da37a1892b0eac7d9c29954466d98e5d665
Author: Andreas Schneider <asn at samba.org>
Date:   Tue Apr 6 15:22:03 2021 +0200

    s4:rpc_server: Use cli_credentials_init_server()
    
    This also removes dcerpc_remote:domain option for the machine account case.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>

commit 0ce0570d7582ff8db980b76f5b8d6b8b5d50e4a4
Author: Andreas Schneider <asn at samba.org>
Date:   Tue Apr 6 15:21:38 2021 +0200

    s4:ntvfs: Use cli_credentials_init_server()
    
    This also removes cifs:domain option for the machine account case.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>

commit fb0dae0e064dcb63ed0afe6698f761cf3f7013ec
Author: Andreas Schneider <asn at samba.org>
Date:   Tue Apr 6 15:21:38 2021 +0200

    s4:ntvfs: Use cli_credentials_init_server()
    
    This also removes cifs:domain option for the machine account case.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>

commit eb7bfe2f3a3b663e23a517e3e66ac41c1cb36411
Author: Andreas Schneider <asn at samba.org>
Date:   Tue Apr 6 15:21:00 2021 +0200

    s4:ldap_server: Use cli_credentials_init_server()
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>

commit d34445312d3751a0649219140b03620f15068424
Author: Andreas Schneider <asn at samba.org>
Date:   Tue Apr 6 15:19:43 2021 +0200

    s3:auth: Use cli_credentials_init_server()
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source3/auth/auth_samba4.c                | 10 +---------
 source4/ldap_server/ldap_server.c         |  9 +--------
 source4/ntvfs/cifs/vfs_cifs.c             | 22 ++++++++--------------
 source4/rpc_server/remote/dcesrv_remote.c | 12 +++---------
 source4/torture/winbind/winbind.c         |  8 ++------
 5 files changed, 15 insertions(+), 46 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/auth/auth_samba4.c b/source3/auth/auth_samba4.c
index 0a7c67be232..efe24cda19e 100644
--- a/source3/auth/auth_samba4.c
+++ b/source3/auth/auth_samba4.c
@@ -249,21 +249,13 @@ static NTSTATUS prepare_gensec(const struct auth_context *auth_context,
 	talloc_reparent(frame, msg_ctx, server_id);
 
 	server_credentials
-		= cli_credentials_init(frame);
+		= cli_credentials_init_server(frame, lp_ctx);
 	if (!server_credentials) {
 		DEBUG(1, ("Failed to init server credentials"));
 		TALLOC_FREE(frame);
 		return NT_STATUS_INVALID_SERVER_STATE;
 	}
 
-	cli_credentials_set_conf(server_credentials, lp_ctx);
-	status = cli_credentials_set_machine_account(server_credentials, lp_ctx);
-	if (!NT_STATUS_IS_OK(status)) {
-		DEBUG(10, ("Failed to obtain server credentials, perhaps a standalone server?: %s\n", nt_errstr(status)));
-		TALLOC_FREE(frame);
-		return status;
-	}
-
 	status = samba_server_gensec_start(mem_ctx,
 					   event_ctx, msg_ctx,
 					   lp_ctx, server_credentials, "cifs",
diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
index 20442ecd9e5..ce4fd4f41d6 100644
--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -302,7 +302,6 @@ static void ldapsrv_accept(struct stream_connection *c,
 	struct ldapsrv_connection *conn;
 	struct cli_credentials *server_credentials;
 	struct socket_address *socket_address;
-	NTSTATUS status;
 	int port;
 	int ret;
 	struct tevent_req *subreq;
@@ -352,18 +351,12 @@ static void ldapsrv_accept(struct stream_connection *c,
 		conn->global_catalog = true;
 	}
 
-	server_credentials = cli_credentials_init(conn);
+	server_credentials = cli_credentials_init_server(conn, conn->lp_ctx);
 	if (!server_credentials) {
 		stream_terminate_connection(c, "Failed to init server credentials\n");
 		return;
 	}
 
-	cli_credentials_set_conf(server_credentials, conn->lp_ctx);
-	status = cli_credentials_set_machine_account(server_credentials, conn->lp_ctx);
-	if (!NT_STATUS_IS_OK(status)) {
-		stream_terminate_connection(c, talloc_asprintf(conn, "Failed to obtain server credentials, perhaps a standalone server?: %s\n", nt_errstr(status)));
-		return;
-	}
 	conn->server_credentials = server_credentials;
 
 	conn->session_info = session_info;
diff --git a/source4/ntvfs/cifs/vfs_cifs.c b/source4/ntvfs/cifs/vfs_cifs.c
index 4e11568ea46..121ff57f22b 100644
--- a/source4/ntvfs/cifs/vfs_cifs.c
+++ b/source4/ntvfs/cifs/vfs_cifs.c
@@ -228,13 +228,10 @@ static NTSTATUS cvfs_connect(struct ntvfs_module_context *ntvfs,
 		cli_credentials_set_password(credentials, pass, CRED_SPECIFIED);
 	} else if (machine_account) {
 		DEBUG(5, ("CIFS backend: Using machine account\n"));
-		credentials = cli_credentials_init(p);
-		cli_credentials_set_conf(credentials, ntvfs->ctx->lp_ctx);
-		if (domain) {
-			cli_credentials_set_domain(credentials, domain, CRED_SPECIFIED);
-		}
-		status = cli_credentials_set_machine_account(credentials, ntvfs->ctx->lp_ctx);
-		if (!NT_STATUS_IS_OK(status)) {
+		credentials = cli_credentials_init_server(p,
+							  ntvfs->ctx->lp_ctx);
+		if (credentials == NULL) {
+			status = NT_STATUS_NO_MEMORY;
 			goto out;
 		}
 	} else if (req->session_info->credentials) {
@@ -259,13 +256,10 @@ static NTSTATUS cvfs_connect(struct ntvfs_module_context *ntvfs,
 
 		DEBUG(5, ("CIFS backend: Using S4U2Proxy credentials\n"));
 
-		credentials = cli_credentials_init(p);
-		cli_credentials_set_conf(credentials, ntvfs->ctx->lp_ctx);
-		if (domain) {
-			cli_credentials_set_domain(credentials, domain, CRED_SPECIFIED);
-		}
-		status = cli_credentials_set_machine_account(credentials, ntvfs->ctx->lp_ctx);
-		if (!NT_STATUS_IS_OK(status)) {
+		credentials = cli_credentials_init_server(p,
+							  ntvfs->ctx->lp_ctx);
+		if (credentials == NULL) {
+			status = NT_STATUS_NO_MEMORY;
 			goto out;
 		}
 		cli_credentials_invalidate_ccache(credentials, CRED_SPECIFIED);
diff --git a/source4/rpc_server/remote/dcesrv_remote.c b/source4/rpc_server/remote/dcesrv_remote.c
index 825c4cd9bd2..7a362d6b3af 100644
--- a/source4/rpc_server/remote/dcesrv_remote.c
+++ b/source4/rpc_server/remote/dcesrv_remote.c
@@ -134,19 +134,13 @@ static NTSTATUS remote_get_private(struct dcesrv_call_state *dce_call,
 		cli_credentials_set_password(credentials, pass, CRED_SPECIFIED);
 	} else if (machine_account) {
 		DEBUG(5, ("dcerpc_remote: RPC Proxy: Using machine account\n"));
-		credentials = cli_credentials_init(priv);
+		credentials = cli_credentials_init_server(
+				priv,
+				dce_call->conn->dce_ctx->lp_ctx);
 		if (!credentials) {
 			return NT_STATUS_NO_MEMORY;
 		}
 		must_free_credentials = true;
-		cli_credentials_set_conf(credentials, dce_call->conn->dce_ctx->lp_ctx);
-		if (domain) {
-			cli_credentials_set_domain(credentials, domain, CRED_SPECIFIED);
-		}
-		status = cli_credentials_set_machine_account(credentials, dce_call->conn->dce_ctx->lp_ctx);
-		if (!NT_STATUS_IS_OK(status)) {
-			return status;
-		}
 	} else if (credentials != NULL) {
 		DEBUG(5, ("dcerpc_remote: RPC Proxy: Using delegated credentials\n"));
 	} else if (allow_anonymous) {
diff --git a/source4/torture/winbind/winbind.c b/source4/torture/winbind/winbind.c
index 9404f197161..b21dc5b0ef9 100644
--- a/source4/torture/winbind/winbind.c
+++ b/source4/torture/winbind/winbind.c
@@ -194,14 +194,10 @@ static bool torture_winbind_pac(struct torture_context *tctx,
 	TALLOC_CTX *tmp_ctx = talloc_new(tctx);
 	torture_assert(tctx, tmp_ctx != NULL, "talloc_new() failed");
 
-	machine_credentials = cli_credentials_init(tmp_ctx);
+	machine_credentials = cli_credentials_init_server(tmp_ctx,
+							  tctx->lp_ctx);
 	torture_assert(tctx, machine_credentials != NULL, "cli_credentials_init() failed");
 
-	cli_credentials_set_conf(machine_credentials, tctx->lp_ctx);
-
-	status = cli_credentials_set_machine_account(machine_credentials, tctx->lp_ctx);
-	torture_assert_ntstatus_ok(tctx, status, " cli_credentials_set_machine_account() (for server) failed");
-	
 	auth_context = talloc_zero(tmp_ctx, struct auth4_context);
 	torture_assert(tctx, auth_context != NULL, "talloc_new() failed");
 


-- 
Samba Shared Repository

More information about the samba-cvs mailing list