[RFC PATCH] unbreak mit kdc
Philipp Gesang
philipp.gesang at intra2net.com
Mon Nov 5 15:53:49 UTC 2018
Hey guys,
devel master is broken right now in an MIT KRB5 build.
Please review the attached patch which restores compilation for
me. Some inserts have been tagged “XXX” because frankly I have
no idea what status code would be appropriate. Suggestions would
be very much appreciated.
CI: https://gitlab.com/samba-team/devel/samba/pipelines/35478792
(Incomplete as of yet cause this is a RFC.)
Thanks again,
Philipp
-------------- next part --------------
From 0293b84cee8357791010b9fff2effc67bada9308 Mon Sep 17 00:00:00 2001
From: Philipp Gesang <philipp.gesang at intra2net.com>
Date: Mon, 5 Nov 2018 15:54:35 +0100
Subject: [PATCH] s4-kdc: restore MIT KDC backend
Fix fallout from the KDC prefork patchset (99aea42520fc..).
Adapt signature of mitkdc_task_init() to match task_init which
has been extended to return a status code.
Status codes try to mimick those of kdc-heimdal.c:kdc_task_init().
It was not possible to establish a 1-to-1 correspondence
everywhere. The uncertain cases return NT_STATUS_UNSUCCESSFUL and
have been tagged XXX.
Signed-off-by: Philipp Gesang <philipp.gesang at intra2net.com>
---
source4/kdc/kdc-service-mit.c | 31 +++++++++++++++++--------------
source4/kdc/kdc-service-mit.h | 2 +-
2 files changed, 18 insertions(+), 15 deletions(-)
diff --git a/source4/kdc/kdc-service-mit.c b/source4/kdc/kdc-service-mit.c
index 8ae1c219dc7..db39a1254ae 100644
--- a/source4/kdc/kdc-service-mit.c
+++ b/source4/kdc/kdc-service-mit.c
@@ -134,7 +134,7 @@ out:
/*
* Startup a copy of the krb5kdc as a child daemon
*/
-void mitkdc_task_init(struct task_server *task)
+NTSTATUS mitkdc_task_init(struct task_server *task)
{
struct tevent_req *subreq;
const char * const *kdc_cmd;
@@ -155,13 +155,13 @@ void mitkdc_task_init(struct task_server *task)
"The KDC is not required in standalone "
"server configuration, terminate!",
false);
- return;
+ return NT_STATUS_INVALID_DOMAIN_ROLE;
case ROLE_DOMAIN_MEMBER:
task_server_terminate(task,
"The KDC is not required in member "
"server configuration",
false);
- return;
+ return NT_STATUS_INVALID_DOMAIN_ROLE;
case ROLE_ACTIVE_DIRECTORY_DC:
/* Yes, we want to start the KDC */
break;
@@ -173,7 +173,7 @@ void mitkdc_task_init(struct task_server *task)
task_server_terminate(task,
"KDC: no network interfaces configured",
false);
- return;
+ return NT_STATUS_UNSUCCESSFUL;
}
kdc_config = talloc_asprintf(task,
@@ -183,7 +183,7 @@ void mitkdc_task_init(struct task_server *task)
task_server_terminate(task,
"KDC: no memory",
false);
- return;
+ return NT_STATUS_NO_MEMORY;
}
setenv("KRB5_KDC_PROFILE", kdc_config, 0);
TALLOC_FREE(kdc_config);
@@ -208,7 +208,7 @@ void mitkdc_task_init(struct task_server *task)
task_server_terminate(task,
"Failed to startup mitkdc task",
true);
- return;
+ return NT_STATUS_UNSUCCESSFUL; /* [phg] XXX */
}
tevent_req_set_callback(subreq, mitkdc_server_done, task);
@@ -227,7 +227,7 @@ void mitkdc_task_init(struct task_server *task)
kdc = talloc_zero(task, struct kdc_server);
if (kdc == NULL) {
task_server_terminate(task, "KDC: Out of memory", true);
- return;
+ return NT_STATUS_NO_MEMORY;
}
talloc_set_destructor(kdc, kdc_server_destroy);
@@ -236,7 +236,7 @@ void mitkdc_task_init(struct task_server *task)
kdc->base_ctx = talloc_zero(kdc, struct samba_kdc_base_context);
if (kdc->base_ctx == NULL) {
task_server_terminate(task, "KDC: Out of memory", true);
- return;
+ return NT_STATUS_NO_MEMORY;
}
kdc->base_ctx->ev_ctx = task->event_ctx;
@@ -251,7 +251,7 @@ void mitkdc_task_init(struct task_server *task)
task_server_terminate(task,
"KDC: Unable to initialized krb5 context",
true);
- return;
+ return NT_STATUS_UNSUCCESSFUL; /* [phg] XXX */
}
code = kadm5_init_krb5_context(&kdc->smb_krb5_context->krb5_context);
@@ -259,7 +259,7 @@ void mitkdc_task_init(struct task_server *task)
task_server_terminate(task,
"KDC: Unable to init kadm5 krb5_context",
true);
- return;
+ return NT_STATUS_UNSUCCESSFUL; /* [phg] XXX */
}
ZERO_STRUCT(config);
@@ -279,7 +279,7 @@ void mitkdc_task_init(struct task_server *task)
task_server_terminate(task,
"KDC: Initialize kadm5",
true);
- return;
+ return NT_STATUS_UNSUCCESSFUL; /* [phg] XXX */
}
kdc->private_data = server_handle;
@@ -288,7 +288,7 @@ void mitkdc_task_init(struct task_server *task)
task_server_terminate(task,
"KDC: Unable to KDB",
true);
- return;
+ return NT_STATUS_UNSUCCESSFUL; /* [phg] XXX */
}
kdc->keytab_name = talloc_asprintf(kdc, "KDB:");
@@ -296,7 +296,7 @@ void mitkdc_task_init(struct task_server *task)
task_server_terminate(task,
"KDC: Out of memory",
true);
- return;
+ return NT_STATUS_NO_MEMORY;
}
kdc->samdb = samdb_connect(kdc,
@@ -309,7 +309,7 @@ void mitkdc_task_init(struct task_server *task)
task_server_terminate(task,
"KDC: Unable to connect to sambdb",
true);
- return;
+ return NT_STATUS_UNSUCCESSFUL; /* [phg] XXX */
}
status = startup_kpasswd_server(kdc,
@@ -320,9 +320,12 @@ void mitkdc_task_init(struct task_server *task)
task_server_terminate(task,
"KDC: Unable to start kpasswd server",
true);
+ return status;
}
DEBUG(5,("Started kpasswd service for kdc_server\n"));
+
+ return NT_STATUS_OK;
}
/*
diff --git a/source4/kdc/kdc-service-mit.h b/source4/kdc/kdc-service-mit.h
index 6f38fe7ed97..79439331e16 100644
--- a/source4/kdc/kdc-service-mit.h
+++ b/source4/kdc/kdc-service-mit.h
@@ -22,6 +22,6 @@
#ifndef _KDC_SERVICE_MIT_H
#define _KDC_SERVICE_MIT_H
-void mitkdc_task_init(struct task_server *task);
+NTSTATUS mitkdc_task_init(struct task_server *task);
#endif /* _KDC_SERVICE_MIT_H */
--
2.17.2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20181105/331f8b3c/signature.sig>
More information about the samba-technical
mailing list