[PATCH] some cleanups for smbldap.c

Alexander Bokovoy ab at samba.org
Mon Jul 3 09:26:13 UTC 2017 

On ke, 19 huhti 2017, vl--- via samba-technical wrote:
> On Wed, Apr 19, 2017 at 07:13:15PM +0300, Alexander Bokovoy via samba-technical wrote:
> > > Right. That's why I referred to gensec. As much as I disagree with the
> > > bloat and non-asynchrony of gensec_update it brings, this is our
> > > solution to do such things.
> > Can we look into gensec use at SambaXP?
> 
> Sure. A good prototype for what we need is in tldap_gensec_bind I
> guess.
I've been trying to get to this over past two months but other tasks
interrupted me. As result, FreeIPA is currently not buildable against
Samba git master (and soon 4.7.0-RC1). So, to unblock
FreeIPA/Fedora/Samba 4.7 integration where a lot has depend on Samba 4.7
availability to allow FreeIPA to move to Python 3, I decided to propose
a function to give access to bind callback:

  smbldap_set_bind_callback(smbldap_state, callback, callback_state);

This would give us ability to work on smbldap/gensec/ads merge through
4.7.x timeframe.

Patch attached, please review.
-- 
/ Alexander Bokovoy
-------------- next part --------------
>From 5040c845313aa46b3ca06a027ee7ba7566d4271a Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <ab at samba.org>
Date: Mon, 3 Jul 2017 11:58:50 +0300
Subject: [PATCH] smbldap: expose bind callback via API and increase smbldap
 ABI version

Until we fully migrate to use gensec in smbldap, we need to continue
exposing bind callback to allow FreeIPA to integrate with smbldap.

Since libsmbclient API is now lacking direct access to 'struct
smbldap_state' and new API functions were added to give access to
individual members of this structure, it makes sense to increase ABI
version too.

Signed-off-by: Alexander Bokovoy <ab at samba.org>
---
 source3/include/smbldap.h |  7 +++++++
 source3/lib/smbldap.c     | 16 ++++++++++------
 source3/wscript_build     |  2 +-
 3 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/source3/include/smbldap.h b/source3/include/smbldap.h
index 6af0806b748..878268aebd6 100644
--- a/source3/include/smbldap.h
+++ b/source3/include/smbldap.h
@@ -34,6 +34,9 @@
  */
 
 struct smbldap_state;
+typedef int (*smbldap_bind_callback_fn)(LDAP *ldap_struct,
+					struct smbldap_state *ldap_state,
+					void *data);
 
 /* The following definitions come from lib/smbldap.c  */
 
@@ -50,6 +53,10 @@ bool smbldap_get_paged_results(struct smbldap_state *state);
 void smbldap_set_paged_results(struct smbldap_state *state,
 			       bool paged_results);
 
+void smbldap_set_bind_callback(struct smbldap_state *state,
+			       smbldap_bind_callback_fn callback,
+			       void *callback_data);
+
 void smbldap_set_mod (LDAPMod *** modlist, int modop, const char *attribute, const char *value);
 void smbldap_set_mod_blob(LDAPMod *** modlist, int modop, const char *attribute, const DATA_BLOB *newblob);
 void smbldap_make_mod(LDAP *ldap_struct, LDAPMessage *existing,
diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
index 3e7cdd4dc58..71166f649be 100644
--- a/source3/lib/smbldap.c
+++ b/source3/lib/smbldap.c
@@ -46,8 +46,7 @@ struct smbldap_state {
 	bool anonymous;
 	char *bind_dn;
 	char *bind_secret;
-	int (*bind_callback)(LDAP *ldap_struct,
-			     struct smbldap_state *ldap_state, void *data);
+	smbldap_bind_callback_fn bind_callback;
 	void *bind_callback_data;
 
 	bool paged_results;
@@ -77,6 +76,13 @@ void smbldap_set_paged_results(struct smbldap_state *state,
 	state->paged_results = paged_results;
 }
 
+void smbldap_set_bind_callback(struct smbldap_state *state,
+			       smbldap_bind_callback_fn callback,
+			       void *callback_data)
+{
+	state->bind_callback = callback;
+	state->bind_callback_data = callback_data;
+}
 /*******************************************************************
  Search an attribute and return the first value found.
 ******************************************************************/
@@ -1726,8 +1732,7 @@ void smbldap_free_struct(struct smbldap_state **ldap_state)
 
 	SAFE_FREE((*ldap_state)->bind_dn);
 	SAFE_FREE((*ldap_state)->bind_secret);
-	(*ldap_state)->bind_callback = NULL;
-	(*ldap_state)->bind_callback_data = NULL;
+	smbldap_set_bind_callback(*ldap_state, NULL, NULL);
 
 	TALLOC_FREE(*ldap_state);
 
@@ -1907,8 +1912,7 @@ bool smbldap_set_creds(struct smbldap_state *ldap_state, bool anon, const char *
 	/* free any previously set credential */
 
 	SAFE_FREE(ldap_state->bind_dn);
-	ldap_state->bind_callback = NULL;
-	ldap_state->bind_callback_data = NULL;
+	smbldap_set_bind_callback(ldap_state, NULL, NULL);
 
 	if (ldap_state->bind_secret) {
 		/* make sure secrets are zeroed out of memory */
diff --git a/source3/wscript_build b/source3/wscript_build
index 2cc74e0f4ec..a030b8ad177 100644
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -523,7 +523,7 @@ bld.SAMBA3_LIBRARY('smbldap',
                     abi_directory='lib/ABI',
                     abi_match='smbldap_*',
                     pc_files=[],
-                    vnum='1',
+                    vnum='2',
                     public_headers='include/smbldap.h include/smb_ldap.h')
 
 bld.SAMBA3_LIBRARY('ads',
-- 
2.13.0

More information about the samba-technical mailing list