[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Fri Dec 16 21:36:02 UTC 2022


The branch, master has been updated
       via  07617a344e1 s4-auth: fix sam test binary ntstatus include path
       via  f7cc00f7308 s3-librpc: use nbt_server_type in ads.idl
       via  39e8489dfc5 s3-librpc: add ads.idl and convert ads_struct to talloc.
      from  89828c64c9a libsmb: Simplify clistr_is_previous_version_path()

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 07617a344e1a6864401ace0b42083985131c480f
Author: Günther Deschner <gd at samba.org>
Date:   Wed Nov 9 16:21:16 2022 +0100

    s4-auth: fix sam test binary ntstatus include path
    
    Guenther
    
    Signed-off-by: Guenther Deschner <gd at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Fri Dec 16 21:35:45 UTC 2022 on sn-devel-184

commit f7cc00f7308a1476579151778ad4254c9debbab2
Author: Günther Deschner <gd at samba.org>
Date:   Thu Aug 18 16:35:29 2016 +0200

    s3-librpc: use nbt_server_type in ads.idl
    
    Guenther
    
    Signed-off-by: Guenther Deschner <gd at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 39e8489dfc51b2293afa13d58b167819b46918dc
Author: Günther Deschner <gd at samba.org>
Date:   Wed Aug 17 11:58:02 2016 +0200

    s3-librpc: add ads.idl and convert ads_struct to talloc.
    
    Guenther
    
    Signed-off-by: Guenther Deschner <gd at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 lib/param/loadparm.h                               |  11 --
 lib/param/param_table.c                            |   1 +
 libgpo/pygpo.c                                     |   6 +-
 source3/include/ads.h                              |  90 +-------------
 source3/lib/netapi/joindomain.c                    |   4 +-
 source3/libads/ads_proto.h                         |   5 -
 source3/libads/ldap.c                              |  17 +--
 source3/libads/ndr.c                               |  97 ---------------
 source3/libads/sasl_wrapping.c                     |   4 +-
 source3/libnet/libnet_join.c                       |  10 +-
 source3/librpc/idl/ads.idl                         | 130 +++++++++++++++++++++
 source3/librpc/idl/libnet_join.idl                 |   5 +-
 source3/librpc/idl/wscript_build                   |   9 ++
 .../ndr/ndr_rap.c => source3/librpc/ndr/ndr_ads.c  |  14 ++-
 source3/librpc/wscript_build                       |   7 +-
 source3/param/loadparm.c                           |   1 +
 source3/printing/nt_printing_ads.c                 |   6 +-
 source3/utils/net_ads.c                            |   6 +-
 source3/winbindd/idmap_ad.c                        |   1 +
 source3/winbindd/winbindd_ads.c                    |   4 +-
 source3/wscript_build                              |   2 +-
 source4/auth/tests/sam.c                           |   2 +-
 source4/libcli/ldap/ldap_bind.c                    |   1 +
 source4/librpc/wscript_build                       |   1 +
 24 files changed, 197 insertions(+), 237 deletions(-)
 delete mode 100644 source3/libads/ndr.c
 create mode 100644 source3/librpc/idl/ads.idl
 copy librpc/ndr/ndr_rap.c => source3/librpc/ndr/ndr_ads.c (64%)


Changeset truncated at 500 lines:

diff --git a/lib/param/loadparm.h b/lib/param/loadparm.h
index b1641ba88d2..98263f0e62b 100644
--- a/lib/param/loadparm.h
+++ b/lib/param/loadparm.h
@@ -203,17 +203,6 @@ enum printing_types {PRINT_BSD,PRINT_SYSV,PRINT_AIX,PRINT_HPUX,
 
 
 
-/* ads auth control flags */
-#define ADS_AUTH_DISABLE_KERBEROS 0x0001
-#define ADS_AUTH_NO_BIND          0x0002
-#define ADS_AUTH_ANON_BIND        0x0004
-#define ADS_AUTH_SIMPLE_BIND      0x0008
-#define ADS_AUTH_ALLOW_NTLMSSP    0x0010
-#define ADS_AUTH_SASL_SIGN        0x0020
-#define ADS_AUTH_SASL_SEAL        0x0040
-#define ADS_AUTH_SASL_FORCE       0x0080
-#define ADS_AUTH_USER_CREDS       0x0100
-
 enum ldap_server_require_strong_auth {
 	LDAP_SERVER_REQUIRE_STRONG_AUTH_NO,
 	LDAP_SERVER_REQUIRE_STRONG_AUTH_ALLOW_SASL_OVER_TLS,
diff --git a/lib/param/param_table.c b/lib/param/param_table.c
index 3ffa4bcc411..cd6e3403a4c 100644
--- a/lib/param/param_table.c
+++ b/lib/param/param_table.c
@@ -36,6 +36,7 @@
 #include "libds/common/roles.h"
 #include "source4/lib/tls/tls.h"
 #include "auth/credentials/credentials.h"
+#include "source3/librpc/gen_ndr/ads.h"
 
 #ifndef N_
 #define N_(x) x
diff --git a/libgpo/pygpo.c b/libgpo/pygpo.c
index 485c96f4f2d..3070e0a6394 100644
--- a/libgpo/pygpo.c
+++ b/libgpo/pygpo.c
@@ -229,9 +229,9 @@ static PyObject* py_ads_connect(ADS *self,
 		PyErr_SetString(PyExc_RuntimeError, "Uninitialized");
 		return NULL;
 	}
-	TALLOC_FREE(self->ads_ptr->auth.user_name);
-	TALLOC_FREE(self->ads_ptr->auth.password);
-	TALLOC_FREE(self->ads_ptr->auth.realm);
+	ADS_TALLOC_CONST_FREE(self->ads_ptr->auth.user_name);
+	ADS_TALLOC_CONST_FREE(self->ads_ptr->auth.password);
+	ADS_TALLOC_CONST_FREE(self->ads_ptr->auth.realm);
 	if (self->cli_creds) {
 		self->ads_ptr->auth.user_name = talloc_strdup(self->ads_ptr,
 			cli_credentials_get_username(self->cli_creds));
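Review bot: `ADS_TALLOC_CONST_FREE(self->ads_ptr->auth.password)` releases the cleartext password without wiping it, so the bytes remain in freed heap memory until something overwrites them. The same applies to the `auth.password` frees this commit touches in `NetGetJoinableOUs_l` (source3/lib/netapi/joindomain.c) and `libnet_connect_ads` (source3/libnet/libnet_join.c). This behaviour predates the commit, but since every site is being edited anyway, consider calling `talloc_keep_secret()` on the string where it is duplicated, or zeroing it before the free. py_ads_connect continues outside this hunk, so the allocation of the new password is not visible here.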
diff --git a/source3/include/ads.h b/source3/include/ads.h
index 808554310a4..6c9e57b9ed0 100644
--- a/source3/include/ads.h
+++ b/source3/include/ads.h
@@ -8,6 +8,7 @@
 
 #include "libads/ads_status.h"
 #include "smb_ldap.h"
+#include "librpc/gen_ndr/ads.h"
 
 struct ads_saslwrap;
 
@@ -18,92 +19,7 @@ struct ads_saslwrap_ops {
 	void (*disconnect)(struct ads_saslwrap *);
 };
 
-enum ads_saslwrap_type {
-	ADS_SASLWRAP_TYPE_PLAIN = 1,
-	ADS_SASLWRAP_TYPE_SIGN = 2,
-	ADS_SASLWRAP_TYPE_SEAL = 4
-};
-
-struct ads_saslwrap {
-	/* expected SASL wrapping type */
-	enum ads_saslwrap_type wrap_type;
-	/* SASL wrapping operations */
-	const struct ads_saslwrap_ops *wrap_ops;
-#ifdef HAVE_LDAP_SASL_WRAPPING
-	Sockbuf_IO_Desc *sbiod; /* lowlevel state for LDAP wrapping */
-#endif /* HAVE_LDAP_SASL_WRAPPING */
-	TALLOC_CTX *mem_ctx;
-	void *wrap_private_data;
-	struct {
-		uint32_t ofs;
-		uint32_t needed;
-		uint32_t left;
-#define        ADS_SASL_WRAPPING_IN_MAX_WRAPPED        0x0FFFFFFF
-		uint32_t max_wrapped;
-		uint32_t min_wrapped;
-		uint32_t size;
-		uint8_t *buf;
-	} in;
-	struct {
-		uint32_t ofs;
-		uint32_t left;
-#define        ADS_SASL_WRAPPING_OUT_MAX_WRAPPED       0x00A00000
-		uint32_t max_unwrapped;
-		uint32_t sig_size;
-		uint32_t size;
-		uint8_t *buf;
-	} out;
-};
-
-typedef struct ads_struct {
-	/* info needed to find the server */
-	struct {
-		char *realm;
-		char *workgroup;
-		char *ldap_server;
-		bool gc;     /* Is this a global catalog server? */
-		bool no_fallback; /* Bail if the ldap_server is not available */
-	} server;
-
-	/* info needed to authenticate */
-	struct {
-		char *realm;
-		char *password;
-		char *user_name;
-		char *kdc_server;
-		unsigned flags;
-		int time_offset;
-		char *ccache_name;
-		time_t tgt_expire;
-		time_t tgs_expire;
-		time_t renewable;
-	} auth;
-
-	/* info derived from the servers config */
-	struct {
-		uint32_t flags; /* cldap flags identifying the services. */
-		char *realm;
-		char *bind_path;
-		char *ldap_server_name;
-		char *server_site_name;
-		char *client_site_name;
-		time_t current_time;
-		char *schema_path;
-		char *config_path;
-		int ldap_page_size;
-	} config;
-
-	/* info about the current LDAP connection */
-#ifdef HAVE_LDAP
-	struct ads_saslwrap ldap_wrap_data;
-	struct {
-		LDAP *ld;
-		struct sockaddr_storage ss; /* the ip of the active connection, if any */
-		time_t last_attempt; /* last attempt to reconnect, monotonic clock */
-		int port;
-	} ldap;
-#endif /* HAVE_LDAP */
-} ADS_STRUCT;
+typedef struct ads_struct ADS_STRUCT;
 
 #ifdef HAVE_ADS
 typedef LDAPMod **ADS_MODLIST;
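Review bot: Replacing the hand-written `struct ads_struct` with `typedef struct ads_struct ADS_STRUCT;` also hands its debug printer to generated code, and the password redaction of the old printer appears to be lost. The `ndr_print_ads_struct()` deleted from source3/libads/ndr.c printed `"(PASSWORD omitted)"` unless `DEBUG_PASSWORD` was defined, whereas `ads_auth` in the new ads.idl declares a plain `string password;` with only `[nopull,nopush]` on the struct, so a generated print function would emit the cleartext into debug output. The changeset is truncated and ndr_ads.c is not shown, so this needs confirming. If no override exists, mark the field as secret in the IDL (for example `[flag(NDR_SECRET)] string password;`, provided that flag is honoured for strings in this tree) or keep a hand-written printer that redacts it.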
@@ -151,4 +67,6 @@ typedef struct {
 
 #include "libads/kerberos_proto.h"
 
+#define ADS_TALLOC_CONST_FREE(PTR) do { talloc_free(discard_const(PTR)); PTR = NULL; } while (0);
+
 #endif	/* _INCLUDE_ADS_H_ */
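Review bot: The new `ADS_TALLOC_CONST_FREE` macro ends in `while (0);`, and that trailing semicolon defeats the do/while(0) idiom: `if (x) ADS_TALLOC_CONST_FREE(p); else ...` expands to two statements and no longer compiles. `PTR` is also expanded twice and is unparenthesised in the assignment, so an argument with side effects would be evaluated twice. Suggested form: `#define ADS_TALLOC_CONST_FREE(PTR) do { talloc_free(discard_const(PTR)); (PTR) = NULL; } while (0)`. A one-line comment above it should say why it exists (presumably because the pidl-generated members are const-qualified) and that the argument must be a side-effect-free lvalue.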
diff --git a/source3/lib/netapi/joindomain.c b/source3/lib/netapi/joindomain.c
index ced16031d44..a2c66877b0c 100644
--- a/source3/lib/netapi/joindomain.c
+++ b/source3/lib/netapi/joindomain.c
@@ -434,7 +434,7 @@ WERROR NetGetJoinableOUs_l(struct libnetapi_ctx *ctx,
 		goto out;
 	}
 
-	TALLOC_FREE(ads->auth.user_name);
+	ADS_TALLOC_CONST_FREE(ads->auth.user_name);
 	if (r->in.account) {
 		ads->auth.user_name = talloc_strdup(ads, r->in.account);
 		if (ads->auth.user_name == NULL) {
@@ -454,7 +454,7 @@ WERROR NetGetJoinableOUs_l(struct libnetapi_ctx *ctx,
 		}
 	}
 
-	TALLOC_FREE(ads->auth.password);
+	ADS_TALLOC_CONST_FREE(ads->auth.password);
 	if (r->in.password) {
 		ads->auth.password = talloc_strdup(ads, r->in.password);
 		if (ads->auth.password == NULL) {
diff --git a/source3/libads/ads_proto.h b/source3/libads/ads_proto.h
index 76396aabc34..ceefcd6d807 100644
--- a/source3/libads/ads_proto.h
+++ b/source3/libads/ads_proto.h
@@ -199,11 +199,6 @@ ADS_STATUS ads_ranged_search(ADS_STRUCT *ads,
 			     char ***strings,
 			     size_t *num_strings);
 
-/* The following definitions come from libads/ndr.c  */
-
-struct ndr_print;
-void ndr_print_ads_struct(struct ndr_print *ndr, const char *name, const struct ads_struct *r);
-
 /* The following definitions come from libads/sasl.c  */
 
 ADS_STATUS ads_sasl_bind(ADS_STRUCT *ads);
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index da5a924cde0..a01b1193013 100755
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -33,6 +33,7 @@
 #include "../librpc/gen_ndr/netlogon.h"
 #include "lib/param/loadparm.h"
 #include "libsmb/namequery.h"
+#include "../librpc/gen_ndr/ndr_ads.h"
 
 #ifdef HAVE_LDAP
 
@@ -259,6 +260,7 @@ static bool ads_fill_cldap_reply(ADS_STRUCT *ads,
 	bool ret = false;
 	char addr[INET6_ADDRSTRLEN];
 	ADS_STATUS status;
+	char *dn;
 
 	print_sockaddr(addr, sizeof(addr), ss);
 
@@ -273,12 +275,12 @@ static bool ads_fill_cldap_reply(ADS_STRUCT *ads,
 
 	/* Fill in the ads->config values */
 
-	TALLOC_FREE(ads->config.realm);
-	TALLOC_FREE(ads->config.bind_path);
-	TALLOC_FREE(ads->config.ldap_server_name);
-	TALLOC_FREE(ads->config.server_site_name);
-	TALLOC_FREE(ads->config.client_site_name);
-	TALLOC_FREE(ads->server.workgroup);
+	ADS_TALLOC_CONST_FREE(ads->config.realm);
+	ADS_TALLOC_CONST_FREE(ads->config.bind_path);
+	ADS_TALLOC_CONST_FREE(ads->config.ldap_server_name);
+	ADS_TALLOC_CONST_FREE(ads->config.server_site_name);
+	ADS_TALLOC_CONST_FREE(ads->config.client_site_name);
+	ADS_TALLOC_CONST_FREE(ads->server.workgroup);
 
 	if (!check_cldap_reply_required_flags(cldap_reply->server_type,
 					      ads->config.flags)) {
@@ -303,13 +305,14 @@ static bool ads_fill_cldap_reply(ADS_STRUCT *ads,
 		goto out;
 	}
 
-	status = ads_build_dn(ads->config.realm, ads, &ads->config.bind_path);
+	status = ads_build_dn(ads->config.realm, ads, &dn);
 	if (!ADS_ERR_OK(status)) {
 		DBG_DEBUG("Failed to build bind path: %s\n",
 			  ads_errstr(status));
 		ret = false;
 		goto out;
 	}
+	ads->config.bind_path = dn;
 
 	if (*cldap_reply->server_site) {
 		ads->config.server_site_name =
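Review bot: `dn` is handed to `ads_build_dn()` uninitialised; its declaration in the earlier hunk of `ads_fill_cldap_reply` is `char *dn;`. The value is only read after the `ADS_ERR_OK(status)` check, so this is safe only if ads_build_dn() always sets its output on success, which is not visible here. Declaring it as `char *dn = NULL;` removes that dependency on the callee. A short comment on `ads->config.bind_path = dn;` saying that the temporary exists because the struct member can no longer be passed as a `char **` would help the next reader. The function starts and ends outside this hunk.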
diff --git a/source3/libads/ndr.c b/source3/libads/ndr.c
deleted file mode 100644
index 4c454443e2c..00000000000
--- a/source3/libads/ndr.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
-   Unix SMB/CIFS implementation.
-
-   debug print helpers
-
-   Copyright (C) Guenther Deschner 2008
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 3 of the License, or
-   (at your option) any later version.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-#include "ads.h"
-#include "../librpc/gen_ndr/ndr_netlogon.h"
-#include "../librpc/ndr/libndr.h"
-#include "lib/param/loadparm.h"
-
-static void ndr_print_ads_auth_flags(struct ndr_print *ndr, const char *name, uint32_t r)
-{
-	ndr_print_uint32(ndr, name, r);
-	ndr->depth++;
-	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_DISABLE_KERBEROS", ADS_AUTH_DISABLE_KERBEROS, r);
-	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_NO_BIND", ADS_AUTH_NO_BIND, r);
-	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_ANON_BIND", ADS_AUTH_ANON_BIND, r);
-	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_SIMPLE_BIND", ADS_AUTH_SIMPLE_BIND, r);
-	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_ALLOW_NTLMSSP", ADS_AUTH_ALLOW_NTLMSSP, r);
-	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_SASL_SIGN", ADS_AUTH_SASL_SIGN, r);
-	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_SASL_SEAL", ADS_AUTH_SASL_SEAL, r);
-	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_SASL_FORCE", ADS_AUTH_SASL_FORCE, r);
-	ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_USER_CREDS", ADS_AUTH_USER_CREDS, r);
-	ndr->depth--;
-}
-
-void ndr_print_ads_struct(struct ndr_print *ndr, const char *name, const struct ads_struct *r)
-{
-	ndr_print_struct(ndr, name, "ads_struct");
-	ndr->depth++;
-	ndr_print_struct(ndr, name, "server");
-	ndr->depth++;
-	ndr_print_string(ndr, "realm", r->server.realm);
-	ndr_print_string(ndr, "workgroup", r->server.workgroup);
-	ndr_print_string(ndr, "ldap_server", r->server.ldap_server);
-	ndr_print_bool(ndr, "gc", r->server.gc);
-	ndr_print_bool(ndr, "no_fallback", r->server.no_fallback);
-	ndr->depth--;
-	ndr_print_struct(ndr, name, "auth");
-	ndr->depth++;
-	ndr_print_string(ndr, "realm", r->auth.realm);
-#ifdef DEBUG_PASSWORD
-	ndr_print_string(ndr, "password", r->auth.password);
-#else
-	ndr_print_string(ndr, "password", "(PASSWORD omitted)");
-#endif
-	ndr_print_string(ndr, "user_name", r->auth.user_name);
-	ndr_print_string(ndr, "kdc_server", r->auth.kdc_server);
-	ndr_print_ads_auth_flags(ndr, "flags", r->auth.flags);
-	ndr_print_uint32(ndr, "time_offset", r->auth.time_offset);
-	ndr_print_string(ndr, "ccache_name", r->auth.ccache_name);
-	ndr_print_time_t(ndr, "tgt_expire", r->auth.tgt_expire);
-	ndr_print_time_t(ndr, "tgs_expire", r->auth.tgs_expire);
-	ndr_print_time_t(ndr, "renewable", r->auth.renewable);
-	ndr->depth--;
-	ndr_print_struct(ndr, name, "config");
-	ndr->depth++;
-	ndr_print_netr_DsR_DcFlags(ndr, "flags", r->config.flags);
-	ndr_print_string(ndr, "realm", r->config.realm);
-	ndr_print_string(ndr, "bind_path", r->config.bind_path);
-	ndr_print_string(ndr, "ldap_server_name", r->config.ldap_server_name);
-	ndr_print_string(ndr, "server_site_name", r->config.server_site_name);
-	ndr_print_string(ndr, "client_site_name", r->config.client_site_name);
-	ndr_print_time_t(ndr, "current_time", r->config.current_time);
-	ndr_print_string(ndr, "schema_path", r->config.schema_path);
-	ndr_print_string(ndr, "config_path", r->config.config_path);
-	ndr->depth--;
-#ifdef HAVE_LDAP
-	ndr_print_struct(ndr, name, "ldap");
-	ndr->depth++;
-	ndr_print_ptr(ndr, "ld", r->ldap.ld);
-	ndr_print_sockaddr_storage(ndr, "ss", &r->ldap.ss);
-	ndr_print_time_t(ndr, "last_attempt", r->ldap.last_attempt);
-	ndr_print_uint32(ndr, "port", r->ldap.port);
-	ndr_print_ads_saslwrap_struct(ndr, "saslwrap", &(r->ldap_wrap_data));
-	ndr->depth--;
-	ndr->depth--;
-#endif /* HAVE_LDAP */
-	ndr->depth--;
-}
diff --git a/source3/libads/sasl_wrapping.c b/source3/libads/sasl_wrapping.c
index 1dbd357a8de..7a58765007c 100644
--- a/source3/libads/sasl_wrapping.c
+++ b/source3/libads/sasl_wrapping.c
@@ -58,7 +58,7 @@ static int ads_saslwrap_setup(Sockbuf_IO_Desc *sbiod, void *arg)
 {
 	struct ads_saslwrap *wrap = (struct ads_saslwrap *)arg;
 
-	wrap->sbiod	= sbiod;
+	wrap->sbiod	= (struct Sockbuf_IO_Desc *)sbiod;
 
 	sbiod->sbiod_pvt = wrap;
 
@@ -336,7 +336,7 @@ ADS_STATUS ads_setup_sasl_wrapping(struct ads_saslwrap *wrap, LDAP *ld,
 		return status;
 	}
 
-	wrap->wrap_ops		= ops;
+	wrap->wrap_ops		= discard_const(ops);
 	wrap->wrap_private_data	= private_data;
 
 	return ADS_SUCCESS;
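Review bot: `wrap->wrap_ops = discard_const(ops);` silently drops the `const` from the ops table pointer, so the compiler will no longer reject a write through `wrap->wrap_ops` into a table of function pointers that callers pass as const. If the generated struct member cannot be declared const, add a comment here such as `/* never written through; const is dropped only because the IDL-generated member is non-const */`. The cast `(struct Sockbuf_IO_Desc *)sbiod` in ads_saslwrap_setup in the previous hunk looks like it has the same cause and deserves the same kind of comment. ads_setup_sasl_wrapping begins outside this hunk.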
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index d48833d6197..3bff7ec1412 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -171,7 +171,7 @@ static ADS_STATUS libnet_connect_ads(const char *dns_domain_name,
 	}
 
 	if (user_name) {
-		TALLOC_FREE(my_ads->auth.user_name);
+		ADS_TALLOC_CONST_FREE(my_ads->auth.user_name);
 		my_ads->auth.user_name = talloc_strdup(my_ads, user_name);
 		if (my_ads->auth.user_name == NULL) {
 			status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
@@ -179,7 +179,7 @@ static ADS_STATUS libnet_connect_ads(const char *dns_domain_name,
 		}
 		if ((cp = strchr_m(my_ads->auth.user_name, '@'))!=0) {
 			*cp++ = '\0';
-			TALLOC_FREE(my_ads->auth.realm);
+			ADS_TALLOC_CONST_FREE(my_ads->auth.realm);
 			my_ads->auth.realm = talloc_asprintf_strupper_m(my_ads, "%s", cp);
 			if (my_ads->auth.realm == NULL) {
 				status = ADS_ERROR_LDAP(LDAP_NO_MEMORY);
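Review bot: `*cp++ = '\0';` still writes into the buffer behind `my_ads->auth.user_name`, which this commit appears to turn into a const-qualified member (hence the switch to `ADS_TALLOC_CONST_FREE`). The write compiles only because `strchr_m()` presumably returns a non-const pointer, so the const on the field gives no protection at this site. It would be cleaner to build the name in a local first, e.g. `char *u = talloc_strdup(my_ads, user_name);`, truncate at '@' there, and then assign `my_ads->auth.user_name = u;`. libnet_connect_ads starts and ends outside this hunk.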
@@ -189,7 +189,7 @@ static ADS_STATUS libnet_connect_ads(const char *dns_domain_name,
 	}
 
 	if (password) {
-		TALLOC_FREE(my_ads->auth.password);
+		ADS_TALLOC_CONST_FREE(my_ads->auth.password);
 		my_ads->auth.password = talloc_strdup(my_ads, password);
 		if (my_ads->auth.password == NULL) {
 			status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
@@ -198,7 +198,7 @@ static ADS_STATUS libnet_connect_ads(const char *dns_domain_name,
 	}
 
 	if (ccname != NULL) {
-		TALLOC_FREE(my_ads->auth.ccache_name);
+		ADS_TALLOC_CONST_FREE(my_ads->auth.ccache_name);
 		my_ads->auth.ccache_name = talloc_strdup(my_ads, ccname);
 		if (my_ads->auth.ccache_name == NULL) {
 			status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
@@ -1045,7 +1045,7 @@ static ADS_STATUS libnet_join_post_processing_ads_modify(TALLOC_CTX *mem_ctx,
 
 		if (r->in.ads->auth.ccache_name != NULL) {
 			ads_kdestroy(r->in.ads->auth.ccache_name);
-			TALLOC_FREE(r->in.ads->auth.ccache_name);
+			ADS_TALLOC_CONST_FREE(r->in.ads->auth.ccache_name);
 		}
 
 		TALLOC_FREE(r->in.ads);
diff --git a/source3/librpc/idl/ads.idl b/source3/librpc/idl/ads.idl
new file mode 100644
index 00000000000..4f3a387556a
--- /dev/null
+++ b/source3/librpc/idl/ads.idl
@@ -0,0 +1,130 @@
+#include "idl_types.h"
+#include "config.h"
+
+/*
+  ads interface definition
+*/
+
+import "nbt.idl";
+
+cpp_quote("#include <system/network.h>")
+
+[
+	pointer_default(unique)
+]
+interface ads
+{
+	typedef [public] enum {
+		ADS_SASLWRAP_TYPE_PLAIN = 1,
+		ADS_SASLWRAP_TYPE_SIGN = 2,
+		ADS_SASLWRAP_TYPE_SEAL = 4
+	} ads_saslwrap_type;
+
+	/* ads auth control flags */
+	typedef [public] bitmap {
+		ADS_AUTH_DISABLE_KERBEROS	= 0x0001,
+		ADS_AUTH_NO_BIND		= 0x0002,
+		ADS_AUTH_ANON_BIND		= 0x0004,
+		ADS_AUTH_SIMPLE_BIND		= 0x0008,
+		ADS_AUTH_ALLOW_NTLMSSP		= 0x0010,
+		ADS_AUTH_SASL_SIGN		= 0x0020,
+		ADS_AUTH_SASL_SEAL		= 0x0040,
+		ADS_AUTH_SASL_FORCE		= 0x0080,
+		ADS_AUTH_USER_CREDS		= 0x0100
+	} ads_auth_flags;
+
+	const int ADS_SASL_WRAPPING_IN_MAX_WRAPPED = 0x0FFFFFFF;
+	const int ADS_SASL_WRAPPING_OUT_MAX_WRAPPED = 0x00A00000;
+
+	typedef [nopull,nopush] struct {
+		string realm;
+		string workgroup;
+		string ldap_server;
+		boolean8 gc;     /* Is this a global catalog server? */
+		boolean8 no_fallback; /* Bail if the ldap_server is not available */
+	} ads_server;
+
+	typedef [nopull,nopush] struct {
+		string realm;
+		string password;
+		string user_name;
+		string kdc_server;
+		ads_auth_flags flags;
+		int time_offset;
+		string ccache_name;
+		time_t tgt_expire;
+		time_t tgs_expire;
+		time_t renewable;
+	} ads_auth;
+
+	typedef [nopull,nopush] struct {
+		nbt_server_type flags; /* cldap flags identifying the services. */
+		string realm;
+		string bind_path;


-- 
Samba Shared Repository


