s4:kdc Push context to hdb_samba4 by way of the 'name' of the DB

This overloads the 'name' part of the keytab name to supply a context
pointer, and so avoids 3 global variables!

To do this, we had to stop putting the entry for kpasswd into the
secrets.ldb.  (I don't consider this a big loss, and any entry left
there by an upgrade will be harmless).

Andrew Bartlett

1 files changed, 12 insertions, 3 deletions

diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c
index f5e2f59b56f..1a0e93f7cef 100644
--- a/source4/kdc/hdb-samba4.c
+++ b/source4/kdc/hdb-samba4.c
@@ -1563,8 +1563,14 @@ NTSTATUS hdb_samba4_create_kdc(TALLOC_CTX *mem_ctx,
 static krb5_error_code hdb_samba4_create(krb5_context context, struct HDB **db, const char *arg)
 {
 	NTSTATUS nt_status;
+	void *ptr;
+	struct hdb_samba4_context *hdb_samba4_context;
+	if (sscanf(arg, "&%p", &ptr) != 1) {
+		return EINVAL;
+	}
+	hdb_samba4_context = talloc_get_type_abort(ptr, struct hdb_samba4_context);
 	/* The global kdc_mem_ctx and kdc_lp_ctx, Disgusting, ugly hack, but it means one less private hook */
-	nt_status = hdb_samba4_create_kdc(hdb_samba4_mem_ctx, hdb_samba4_ev_ctx, hdb_samba4_lp_ctx,
+	nt_status = hdb_samba4_create_kdc(hdb_samba4_context, hdb_samba4_context->ev_ctx, hdb_samba4_context->lp_ctx,
 					  context, db);
 
 	if (NT_STATUS_IS_OK(nt_status)) {
@@ -1574,9 +1580,12 @@ static krb5_error_code hdb_samba4_create(krb5_context context, struct HDB **db,
 }
 
 /* Only used in the hdb-backed keytab code
- * for a keytab of 'samba4:', to find
+ * for a keytab of 'samba4&<address>', to find
  * kpasswd's key in the main DB, and to
- * copy all the keys into a file (libnet_keytab_export) */
+ * copy all the keys into a file (libnet_keytab_export)
+ *
+ * The <address> is the string form of a pointer to a talloced struct hdb_samba_context
+ */
 struct hdb_method hdb_samba4 = {
 	.interface_version = HDB_INTERFACE_VERSION,
 	.prefix = "samba4",