author | Andreas Schneider <asn@samba.org> | 2014-05-12 10:50:33 +0200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2016-03-17 04:32:27 +0100 |
commit | 33fcc76aa782a24d1d70c12a501a61ee657dcb2a (patch) | |
tree | e2fa0f52881a37df3f880a54b7a7b24e7100cf8c /source4 | |
parent | 209d4b5b28d517a5446923f9ad2eda583dc25d05 (diff) | |
download | samba-33fcc76aa782a24d1d70c12a501a61ee657dcb2a.tar.gz |
mit_samba: Make mit_samba a shim layer between Samba and KDB
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4')
-rw-r--r-- | source4/kdc/mit_samba.c | 85 | ||||
-rw-r--r-- | source4/kdc/mit_samba.h | 74 | ||||
-rw-r--r-- | source4/kdc/mit_samba_interface.h | 60 | ||||
-rwxr-xr-x | source4/kdc/wscript_build | 2 |
4 files changed, 107 insertions, 114 deletions
diff --git a/source4/kdc/mit_samba.c b/source4/kdc/mit_samba.c
index fa1e1fce9ba..fa3186e09e4 100644
--- a/source4/kdc/mit_samba.c
+++ b/source4/kdc/mit_samba.c
@@ -26,23 +26,14 @@
 #include <kdb.h>
 #include "kdc/sdb.h"
 #include "kdc/sdb_kdb.h"
-#include "mit_samba_interface.h"
 #include "auth/kerberos/kerberos.h"
 #include "kdc/samba_kdc.h"
 #include "kdc/pac-glue.h"
 #include "kdc/db-glue.h"
-const int mit_samba_interface_version = MIT_SAMBA_INTERFACE_VERSION;
+#include "mit_samba.h"
-struct mit_samba_context {
- struct auth_session_info *session_info;
-
- /* for compat with hdb plugin common code */
- krb5_context context;
- struct samba_kdc_db_context *db_ctx;
-};
-
-static void mit_samba_context_free(struct mit_samba_context *ctx)
+void mit_samba_context_free(struct mit_samba_context *ctx)
 {
 /* free heimdal's krb5_context */
 if (ctx->context) {
@@ -53,7 +44,7 @@ static void mit_samba_context_free(struct mit_samba_context *ctx)
 talloc_free(ctx);
 }
-static int mit_samba_context_init(struct mit_samba_context **_ctx)
+int mit_samba_context_init(struct mit_samba_context **_ctx)
 {
 NTSTATUS status;
 struct mit_samba_context *ctx;
@@ -112,10 +103,10 @@ done:
 }
-static int mit_samba_get_principal(struct mit_samba_context *ctx,
- char *principal_string,
- unsigned int flags,
- krb5_db_entry **_kentry)
+int mit_samba_get_principal(struct mit_samba_context *ctx,
+ char *principal_string,
+ unsigned int flags,
+ krb5_db_entry **_kentry)
 {
 krb5_principal principal;
 struct sdb_entry_ex sentry;
@@ -164,8 +155,8 @@ done:
 return ret;
 }
-static int mit_samba_get_firstkey(struct mit_samba_context *ctx,
- krb5_db_entry **_kentry)
+int mit_samba_get_firstkey(struct mit_samba_context *ctx,
+ krb5_db_entry **_kentry)
 {
 struct sdb_entry_ex sentry;
 krb5_db_entry *kentry;
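Review bot: `mit_samba_context_free()` loses `static` in the first hunk and becomes callable from other translation units, yet the visible body reads `ctx->context` without checking `ctx` first. With the function table removed there is no longer a single dispatch point that could guarantee a non-NULL context, so an error-path cleanup after a failed `mit_samba_context_init()` would crash the calling process instead of being a no-op. A guard at the top, `if (ctx == NULL) { return; }`, is enough. The function body ends in the following hunk, so this is based only on the lines shown.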
@@ -202,8 +193,8 @@ static int mit_samba_get_firstkey(struct mit_samba_context *ctx,
 return ret;
 }
-static int mit_samba_get_nextkey(struct mit_samba_context *ctx,
- krb5_db_entry **_kentry)
+int mit_samba_get_nextkey(struct mit_samba_context *ctx,
+ krb5_db_entry **_kentry)
 {
 struct sdb_entry_ex sentry;
 krb5_db_entry *kentry;
@@ -240,16 +231,16 @@ static int mit_samba_get_nextkey(struct mit_samba_context *ctx,
 return ret;
 }
-static int mit_samba_get_pac_data(struct mit_samba_context *ctx,
- krb5_db_entry *client,
- DATA_BLOB *data)
+int mit_samba_get_pac_data(struct mit_samba_context *ctx,
+ krb5_db_entry *client,
+ DATA_BLOB *data)
 {
 TALLOC_CTX *tmp_ctx;
 DATA_BLOB *pac_blob;
 NTSTATUS nt_status;
 struct samba_kdc_entry *skdc_entry;
- skdc_entry = talloc_get_type_abort(client->ctx,
+ skdc_entry = talloc_get_type_abort(client->e_data,
 struct samba_kdc_entry);
 tmp_ctx = talloc_named(ctx, 0, "mit_samba_get_pac_data context");
@@ -275,10 +266,10 @@ static int mit_samba_get_pac_data(struct mit_samba_context *ctx,
 return 0;
 }
-static int mit_samba_update_pac_data(struct mit_samba_context *ctx,
- krb5_db_entry *client,
- DATA_BLOB *pac_data,
- DATA_BLOB *logon_data)
+int mit_samba_update_pac_data(struct mit_samba_context *ctx,
+ krb5_db_entry *client,
+ DATA_BLOB *pac_data,
+ DATA_BLOB *logon_data)
 {
 TALLOC_CTX *tmp_ctx;
 DATA_BLOB *logon_blob;
@@ -289,7 +280,7 @@ static int mit_samba_update_pac_data(struct mit_samba_context *ctx,
 struct samba_kdc_entry *skdc_entry = NULL;
 if (client) {
- skdc_entry = talloc_get_type_abort(client->ctx,
+ skdc_entry = talloc_get_type_abort(client->e_data,
 struct samba_kdc_entry);
 }
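Review bot: `mit_samba_get_pac_data()` dereferences `client->e_data` unconditionally, while `mit_samba_update_pac_data()` in the last hunk on this line guards the same access with `if (client)`; now that both are exported, the first should also reject a NULL entry, e.g. `if (client == NULL) { return EINVAL; }`. In both places `talloc_get_type_abort()` terminates the process when `e_data` is NULL or is not a talloc'd `struct samba_kdc_entry`, so a `krb5_db_entry` that did not come from this module's own lookup path would stop the whole KDC rather than fail one request. The code that fills `e_data` is not visible here; if such an entry can reach these functions, `talloc_get_type()` followed by an error return is the safer form. Both function bodies continue outside their hunks.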
@@ -391,14 +382,14 @@ static void samba_kdc_build_edata_reply(NTSTATUS nt_status, DATA_BLOB *e_data)
 return;
 }
-static int mit_samba_check_client_access(struct mit_samba_context *ctx,
- krb5_db_entry *client,
- const char *client_name,
- krb5_db_entry *server,
- const char *server_name,
- const char *netbios_name,
- bool password_change,
- DATA_BLOB *e_data)
+int mit_samba_check_client_access(struct mit_samba_context *ctx,
+ krb5_db_entry *client,
+ const char *client_name,
+ krb5_db_entry *server,
+ const char *server_name,
+ const char *netbios_name,
+ bool password_change,
+ DATA_BLOB *e_data)
 {
 struct samba_kdc_entry *skdc_entry;
 NTSTATUS nt_status;
@@ -423,10 +414,10 @@ static int mit_samba_check_client_access(struct mit_samba_context *ctx,
 return 0;
 }
-static int mit_samba_check_s4u2proxy(struct mit_samba_context *ctx,
- struct samba_kdc_entry *entry,
- const char *target_name,
- bool is_nt_enterprise_name)
+int mit_samba_check_s4u2proxy(struct mit_samba_context *ctx,
+ krb5_db_entry *kentry,
+ const char *target_name,
+ bool is_nt_enterprise_name)
 {
 #if 1
 /*
@@ -460,15 +451,3 @@ static int mit_samba_check_s4u2proxy(struct mit_samba_context *ctx,
 return ret;
 #endif
 }
-
-struct mit_samba_function_table mit_samba_function_table = {
- mit_samba_context_init,
- mit_samba_context_free,
- mit_samba_get_principal,
- mit_samba_get_firstkey,
- mit_samba_get_nextkey,
- mit_samba_get_pac_data,
- mit_samba_update_pac_data,
- mit_samba_check_client_access,
- mit_samba_check_s4u2proxy
-};
diff --git a/source4/kdc/mit_samba.h b/source4/kdc/mit_samba.h
new file mode 100644
index 00000000000..6bc06053e31
--- /dev/null
+++ b/source4/kdc/mit_samba.h
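Review bot: The second parameter of `mit_samba_check_s4u2proxy()` changes from `struct samba_kdc_entry *entry` to `krb5_db_entry *kentry`, but the body under `#if 1` lies between this hunk and the next and is not modified by the commit. The `return ret;` just before `#endif` suggests there is a disabled branch with the real constrained-delegation check; if it still refers to `entry`, it will stop compiling when someone enables it, and a hasty fix there is where a wrong cast would slip in. I would record the mapping in a comment at the top of the function, `/* kentry->e_data holds the struct samba_kdc_entry; fetch it with talloc_get_type() before use */`, or do the conversion once before the `#if` so both branches share it.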
@@ -0,0 +1,74 @@
+/*
+ MIT-Samba4 library
+
+ Copyright (c) 2010, Simo Sorce <idra@samba.org>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _MIT_SAMBA_H
+#define _MIT_SAMBA_H
+
+struct mit_samba_context {
+ struct auth_session_info *session_info;
+
+ /* for compat with hdb plugin common code */
+ krb5_context context;
+ struct samba_kdc_db_context *db_ctx;
+};
+
+int mit_samba_context_init(struct mit_samba_context **_ctx);
+
+void mit_samba_context_free(struct mit_samba_context *ctx);
+
+int mit_samba_get_principal(struct mit_samba_context *ctx,
+ char *principal_string,
+ unsigned int flags,
+ krb5_db_entry **_kentry);
+
+int mit_samba_get_firstkey(struct mit_samba_context *ctx,
+ krb5_db_entry **_kentry);
+
+int mit_samba_get_nextkey(struct mit_samba_context *ctx,
+ krb5_db_entry **_kentry);
+
+int mit_samba_get_pac_data(struct mit_samba_context *ctx,
+ krb5_db_entry *client,
+ DATA_BLOB *data);
+
+int mit_samba_update_pac_data(struct mit_samba_context *ctx,
+ krb5_db_entry *client,
+ DATA_BLOB *pac_data,
+ DATA_BLOB *logon_data);
+
+int mit_samba_update_pac_data(struct mit_samba_context *ctx,
+ krb5_db_entry *client,
+ DATA_BLOB *pac_data,
+ DATA_BLOB *logon_data);
+
+int mit_samba_check_client_access(struct mit_samba_context *ctx,
+ krb5_db_entry *client,
+ const char *client_name,
+ krb5_db_entry *server,
+ const char *server_name,
+ const char *netbios_name,
+ bool password_change,
+ DATA_BLOB *e_data);
+
+int mit_samba_check_s4u2proxy(struct mit_samba_context *ctx,
+ krb5_db_entry *kentry,
+ const char *target_name,
+ bool is_nt_enterprise_name);
+
+#endif /* _MIT_SAMBA_H */
diff --git a/source4/kdc/mit_samba_interface.h b/source4/kdc/mit_samba_interface.h
deleted file mode 100644
index 094caff16e5..00000000000
--- a/source4/kdc/mit_samba_interface.h
+++ /dev/null
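Review bot: `mit_samba_update_pac_data()` is declared twice in a row in the new `mit_samba.h`; the compiler accepts the repeat, but it reads like a paste slip and the second copy should be dropped. The header also uses `krb5_context`, `krb5_db_entry`, `DATA_BLOB` and `bool` without including anything, so it compiles only when the includer has already pulled in `<kdb.h>` and the Samba headers, as `mit_samba.c` does by placing the include last; either add the includes here or state the requirement in a comment. These prototypes are now the entire contract between the KDB module and Samba, so each one should carry a short comment giving the return convention and who frees `*_kentry` and the `DATA_BLOB` outputs.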
@@ -1,60 +0,0 @@
-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
-/*
- * plugins/kdb/samba/kdb_samba_interface.h
- *
- * Copyright (c) 2009, Simo Sorce <idra@samba.org>
- * All Rights Reserved.
- *
- * Export of this software from the United States of America may
- * require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. Furthermore if you modify this software you must label
- * your software as modified software and not distribute it in such a
- * fashion that it might be confused with the original M.I.T. software.
- * M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- */
-
-#define MIT_SAMBA_INTERFACE_VERSION 1
-
-#ifndef _SAMBA_BUILD_
-typedef struct datablob {
- uint8_t *data;
- size_t length;
-} DATA_BLOB;
-#endif
-
-struct mit_samba_context;
-
-struct mit_samba_function_table {
- int (*init)(struct mit_samba_context **ctx);
- void (*fini)(struct mit_samba_context *ctx);
-
- /* db */
- int (*get_principal)(struct mit_samba_context *, char *,
- unsigned int, krb5_db_entry **);
- int (*get_firstkey)(struct mit_samba_context *, krb5_db_entry **);
- int (*get_nextkey)(struct mit_samba_context *, krb5_db_entry **);
-
- /* windc */
- int (*get_pac)(struct mit_samba_context *, krb5_db_entry *, DATA_BLOB *);
- int (*update_pac)(struct mit_samba_context *, krb5_db_entry *,
- DATA_BLOB *, DATA_BLOB *);
- int (*client_access)(struct mit_samba_context *,
- krb5_db_entry *, const char *,
- krb5_db_entry *, const char *,
- const char *, bool, DATA_BLOB *);
- int (*check_s4u2proxy)(struct mit_samba_context *,
- krb5_db_entry *, const char *, bool);
-};
diff --git a/source4/kdc/wscript_build b/source4/kdc/wscript_build
index 8e006b2a726..f6779247bf6 100755
--- a/source4/kdc/wscript_build
+++ b/source4/kdc/wscript_build
@@ -119,4 +119,4 @@ bld.SAMBA_SUBSYSTEM('MIT_SAMBA',
 sdb_kdb
 kdb5
 ''',
- enabled=not bld.CONFIG_SET('SAMBA4_USES_HEIMDAL'))
+ enabled=(not bld.CONFIG_SET('SAMBA4_USES_HEIMDAL') and bld.CONFIG_SET('HAVE_KDB_H')) ) |