mit_samba: Make mit_samba a shim layer between Samba and KDB

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

4 files changed, 107 insertions, 114 deletions

diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c
index fa1e1fce9ba..fa3186e09e4 100644
--- a/source4/kdc/mit_samba.c
+++ b/source4/kdc/mit_samba.c
@@ -26,23 +26,14 @@
 #include <kdb.h>
 #include "kdc/sdb.h"
 #include "kdc/sdb_kdb.h"
-#include "mit_samba_interface.h"
 #include "auth/kerberos/kerberos.h"
 #include "kdc/samba_kdc.h"
 #include "kdc/pac-glue.h"
 #include "kdc/db-glue.h"
 
-const int mit_samba_interface_version = MIT_SAMBA_INTERFACE_VERSION;
+#include "mit_samba.h"
 
-struct mit_samba_context {
-	struct auth_session_info *session_info;
-
-	/* for compat with hdb plugin common code */
-	krb5_context context;
-	struct samba_kdc_db_context *db_ctx;
-};
-
-static void mit_samba_context_free(struct mit_samba_context *ctx)
+void mit_samba_context_free(struct mit_samba_context *ctx)
 {
 	/* free heimdal's krb5_context */
 	if (ctx->context) {
@@ -53,7 +44,7 @@ static void mit_samba_context_free(struct mit_samba_context *ctx)
 	talloc_free(ctx);
 }
 
-static int mit_samba_context_init(struct mit_samba_context **_ctx)
+int mit_samba_context_init(struct mit_samba_context **_ctx)
 {
 	NTSTATUS status;
 	struct mit_samba_context *ctx;
@@ -112,10 +103,10 @@ done:
 }
 
 
-static int mit_samba_get_principal(struct mit_samba_context *ctx,
-				   char *principal_string,
-				   unsigned int flags,
-				   krb5_db_entry **_kentry)
+int mit_samba_get_principal(struct mit_samba_context *ctx,
+			    char *principal_string,
+			    unsigned int flags,
+			    krb5_db_entry **_kentry)
 {
 	krb5_principal principal;
 	struct sdb_entry_ex sentry;
@@ -164,8 +155,8 @@ done:
 	return ret;
 }
 
-static int mit_samba_get_firstkey(struct mit_samba_context *ctx,
-				  krb5_db_entry **_kentry)
+int mit_samba_get_firstkey(struct mit_samba_context *ctx,
+			   krb5_db_entry **_kentry)
 {
 	struct sdb_entry_ex sentry;
 	krb5_db_entry *kentry;
@@ -202,8 +193,8 @@ static int mit_samba_get_firstkey(struct mit_samba_context *ctx,
 	return ret;
 }
 
-static int mit_samba_get_nextkey(struct mit_samba_context *ctx,
-				 krb5_db_entry **_kentry)
+int mit_samba_get_nextkey(struct mit_samba_context *ctx,
+			  krb5_db_entry **_kentry)
 {
 	struct sdb_entry_ex sentry;
 	krb5_db_entry *kentry;
@@ -240,16 +231,16 @@ static int mit_samba_get_nextkey(struct mit_samba_context *ctx,
 	return ret;
 }
 
-static int mit_samba_get_pac_data(struct mit_samba_context *ctx,
-				  krb5_db_entry *client,
-				  DATA_BLOB *data)
+int mit_samba_get_pac_data(struct mit_samba_context *ctx,
+			   krb5_db_entry *client,
+			   DATA_BLOB *data)
 {
 	TALLOC_CTX *tmp_ctx;
 	DATA_BLOB *pac_blob;
 	NTSTATUS nt_status;
 	struct samba_kdc_entry *skdc_entry;
 
-	skdc_entry = talloc_get_type_abort(client->ctx,
+	skdc_entry = talloc_get_type_abort(client->e_data,
 					   struct samba_kdc_entry);
 
 	tmp_ctx = talloc_named(ctx, 0, "mit_samba_get_pac_data context");
@@ -275,10 +266,10 @@ static int mit_samba_get_pac_data(struct mit_samba_context *ctx,
 	return 0;
 }
 
-static int mit_samba_update_pac_data(struct mit_samba_context *ctx,
-				     krb5_db_entry *client,
-				     DATA_BLOB *pac_data,
-				     DATA_BLOB *logon_data)
+int mit_samba_update_pac_data(struct mit_samba_context *ctx,
+			      krb5_db_entry *client,
+			      DATA_BLOB *pac_data,
+			      DATA_BLOB *logon_data)
 {
 	TALLOC_CTX *tmp_ctx;
 	DATA_BLOB *logon_blob;
@@ -289,7 +280,7 @@ static int mit_samba_update_pac_data(struct mit_samba_context *ctx,
 	struct samba_kdc_entry *skdc_entry = NULL;
 
 	if (client) {
-		skdc_entry = talloc_get_type_abort(client->ctx,
+		skdc_entry = talloc_get_type_abort(client->e_data,
 						   struct samba_kdc_entry);
 	}
 
@@ -391,14 +382,14 @@ static void samba_kdc_build_edata_reply(NTSTATUS nt_status, DATA_BLOB *e_data)
 	return;
 }
 
-static int mit_samba_check_client_access(struct mit_samba_context *ctx,
-					 krb5_db_entry *client,
-					 const char *client_name,
-					 krb5_db_entry *server,
-					 const char *server_name,
-					 const char *netbios_name,
-					 bool password_change,
-					 DATA_BLOB *e_data)
+int mit_samba_check_client_access(struct mit_samba_context *ctx,
+				  krb5_db_entry *client,
+				  const char *client_name,
+				  krb5_db_entry *server,
+				  const char *server_name,
+				  const char *netbios_name,
+				  bool password_change,
+				  DATA_BLOB *e_data)
 {
 	struct samba_kdc_entry *skdc_entry;
 	NTSTATUS nt_status;
@@ -423,10 +414,10 @@ static int mit_samba_check_client_access(struct mit_samba_context *ctx,
 	return 0;
 }
 
-static int mit_samba_check_s4u2proxy(struct mit_samba_context *ctx,
-				     struct samba_kdc_entry *entry,
-				     const char *target_name,
-				     bool is_nt_enterprise_name)
+int mit_samba_check_s4u2proxy(struct mit_samba_context *ctx,
+			      krb5_db_entry *kentry,
+			      const char *target_name,
+			      bool is_nt_enterprise_name)
 {
 #if 1
 	/*
@@ -460,15 +451,3 @@ static int mit_samba_check_s4u2proxy(struct mit_samba_context *ctx,
 	return ret;
 #endif
 }
-
-struct mit_samba_function_table mit_samba_function_table = {
-	mit_samba_context_init,
-	mit_samba_context_free,
-	mit_samba_get_principal,
-	mit_samba_get_firstkey,
-	mit_samba_get_nextkey,
-	mit_samba_get_pac_data,
-	mit_samba_update_pac_data,
-	mit_samba_check_client_access,
-	mit_samba_check_s4u2proxy
-};
diff --git a/source4/kdc/mit_samba.h b/source4/kdc/mit_samba.h
new file mode 100644
index 00000000000..6bc06053e31
--- /dev/null
+++ b/source4/kdc/mit_samba.h
@@ -0,0 +1,74 @@
+/*
+   MIT-Samba4 library
+
+   Copyright (c) 2010, Simo Sorce <idra@samba.org>
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _MIT_SAMBA_H
+#define _MIT_SAMBA_H
+
+struct mit_samba_context {
+	struct auth_session_info *session_info;
+
+	/* for compat with hdb plugin common code */
+	krb5_context context;
+	struct samba_kdc_db_context *db_ctx;
+};
+
+int mit_samba_context_init(struct mit_samba_context **_ctx);
+
+void mit_samba_context_free(struct mit_samba_context *ctx);
+
+int mit_samba_get_principal(struct mit_samba_context *ctx,
+				   char *principal_string,
+				   unsigned int flags,
+				   krb5_db_entry **_kentry);
+
+int mit_samba_get_firstkey(struct mit_samba_context *ctx,
+			   krb5_db_entry **_kentry);
+
+int mit_samba_get_nextkey(struct mit_samba_context *ctx,
+			  krb5_db_entry **_kentry);
+
+int mit_samba_get_pac_data(struct mit_samba_context *ctx,
+			   krb5_db_entry *client,
+			   DATA_BLOB *data);
+
+int mit_samba_update_pac_data(struct mit_samba_context *ctx,
+			      krb5_db_entry *client,
+			      DATA_BLOB *pac_data,
+			      DATA_BLOB *logon_data);
+
+int mit_samba_update_pac_data(struct mit_samba_context *ctx,
+			      krb5_db_entry *client,
+			      DATA_BLOB *pac_data,
+			      DATA_BLOB *logon_data);
+
+int mit_samba_check_client_access(struct mit_samba_context *ctx,
+				  krb5_db_entry *client,
+				  const char *client_name,
+				  krb5_db_entry *server,
+				  const char *server_name,
+				  const char *netbios_name,
+				  bool password_change,
+				  DATA_BLOB *e_data);
+
+int mit_samba_check_s4u2proxy(struct mit_samba_context *ctx,
+			      krb5_db_entry *kentry,
+			      const char *target_name,
+			      bool is_nt_enterprise_name);
+
+#endif /* _MIT_SAMBA_H */
diff --git a/source4/kdc/mit_samba_interface.h b/source4/kdc/mit_samba_interface.h
deleted file mode 100644
index 094caff16e5..00000000000
--- a/source4/kdc/mit_samba_interface.h
+++ /dev/null
@@ -1,60 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * plugins/kdb/samba/kdb_samba_interface.h
- *
- * Copyright (c) 2009, Simo Sorce <idra@samba.org>
- * All Rights Reserved.
- *
- *   Export of this software from the United States of America may
- *   require a specific license from the United States Government.
- *   It is the responsibility of any person or organization contemplating
- *   export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission.  Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose.  It is provided "as is" without express
- * or implied warranty.
- *
- */
-
-#define MIT_SAMBA_INTERFACE_VERSION 1
-
-#ifndef _SAMBA_BUILD_
-typedef struct datablob {
-	uint8_t *data;
-	size_t length;
-} DATA_BLOB;
-#endif
-
-struct mit_samba_context;
-
-struct mit_samba_function_table {
-    int (*init)(struct mit_samba_context **ctx);
-    void (*fini)(struct mit_samba_context *ctx);
-
-    /* db */
-    int (*get_principal)(struct mit_samba_context *, char *,
-                         unsigned int, krb5_db_entry **);
-    int (*get_firstkey)(struct mit_samba_context *, krb5_db_entry **);
-    int (*get_nextkey)(struct mit_samba_context *, krb5_db_entry **);
-
-    /* windc */
-    int (*get_pac)(struct mit_samba_context *, krb5_db_entry *, DATA_BLOB *);
-    int (*update_pac)(struct mit_samba_context *, krb5_db_entry *,
-                      DATA_BLOB *, DATA_BLOB *);
-    int (*client_access)(struct mit_samba_context *,
-                         krb5_db_entry *, const char *,
-                         krb5_db_entry *, const char *,
-                         const char *, bool, DATA_BLOB *);
-    int (*check_s4u2proxy)(struct mit_samba_context *,
-                           krb5_db_entry *, const char *, bool);
-};
diff --git a/source4/kdc/wscript_build b/source4/kdc/wscript_build
index 8e006b2a726..f6779247bf6 100755
--- a/source4/kdc/wscript_build
+++ b/source4/kdc/wscript_build
@@ -119,4 +119,4 @@ bld.SAMBA_SUBSYSTEM('MIT_SAMBA',
                          sdb_kdb
                          kdb5
                          ''',
-                    enabled=not bld.CONFIG_SET('SAMBA4_USES_HEIMDAL'))
+                    enabled=(not bld.CONFIG_SET('SAMBA4_USES_HEIMDAL') and bld.CONFIG_SET('HAVE_KDB_H')) )