diff options
author | Jelmer Vernooij <jelmer@samba.org> | 2006-04-27 16:09:17 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:05:04 -0500 |
commit | 710ea949886dd57c66dc6d397e0ea41c89736107 (patch) | |
tree | f234adf0c7879144ef68044291753e43e028061d /source4 | |
parent | 70d10653ad3dcc4c12c83d4ca14752d0a0c89fe8 (diff) | |
download | samba-710ea949886dd57c66dc6d397e0ea41c89736107.tar.gz |
r15297: Move create_security_token() to samdb as it requires SAMDB (and the rest of LIBSECURITY doesn't)
Make the ldb password_hash module only depend on some keys manipulation code, not full heimdal
Some other dependency fixes
(This used to be commit 5b3ab728edfc9cdd9eee16ad0fe6dfd4b5ced630)
Diffstat (limited to 'source4')
-rw-r--r-- | source4/auth/auth_sam.c | 2 | ||||
-rw-r--r-- | source4/auth/auth_util.c | 1 | ||||
-rw-r--r-- | source4/auth/config.mk | 21 | ||||
-rw-r--r-- | source4/auth/credentials/config.mk | 2 | ||||
-rw-r--r-- | source4/auth/gensec/gensec_gssapi.c | 2 | ||||
-rw-r--r-- | source4/auth/gensec/gensec_krb5.c | 2 | ||||
-rw-r--r-- | source4/auth/kerberos/config.mk | 3 | ||||
-rw-r--r-- | source4/auth/kerberos/kerberos_pac.c | 2 | ||||
-rw-r--r-- | source4/client/config.mk | 2 | ||||
-rw-r--r-- | source4/dsdb/config.mk | 2 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/config.mk | 10 | ||||
-rw-r--r-- | source4/dsdb/samdb/samdb.c | 76 | ||||
-rw-r--r-- | source4/heimdal_build/config.mk | 17 | ||||
-rw-r--r-- | source4/kdc/config.mk | 2 | ||||
-rw-r--r-- | source4/libcli/auth/config.mk | 2 | ||||
-rw-r--r-- | source4/libcli/config.mk | 2 | ||||
-rw-r--r-- | source4/libcli/ldap/config.mk | 5 | ||||
-rw-r--r-- | source4/libcli/security/config.mk | 8 | ||||
-rw-r--r-- | source4/libcli/security/security_token.c | 74 | ||||
-rw-r--r-- | source4/librpc/config.mk | 6 | ||||
-rw-r--r-- | source4/passdb/config.mk | 2 |
21 files changed, 123 insertions, 120 deletions
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c index 3de2723aee9..22e093581c3 100644 --- a/source4/auth/auth_sam.c +++ b/source4/auth/auth_sam.c @@ -229,7 +229,7 @@ NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx, DEBUG(10,("sam_account_ok: checking for workstation match '%s' and '%s'\n", workstations[i], logon_workstation)); - if (strequal(workstations[i], logon_workstation)) { + if (strequal(workstations[i], logon_workstation) == 0) { invalid_ws = False; break; } diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c index 4c6bf04fcbb..2f2a2f0b83f 100644 --- a/source4/auth/auth_util.c +++ b/source4/auth/auth_util.c @@ -26,6 +26,7 @@ #include "auth/auth.h" #include "libcli/security/security.h" #include "libcli/auth/libcli_auth.h" +#include "dsdb/samdb/samdb.h" /* this default function can be used by mostly all backends * which don't want to set a challenge diff --git a/source4/auth/config.mk b/source4/auth/config.mk index 3d42da6d615..6586fbfe5dc 100644 --- a/source4/auth/config.mk +++ b/source4/auth/config.mk @@ -13,7 +13,8 @@ PRIVATE_PROTO_HEADER = auth_sam.h INIT_FUNCTION = auth_sam_init SUBSYSTEM = auth OBJ_FILES = \ - auth_sam.o + auth_sam.o \ + auth_sam_reply.o PUBLIC_DEPENDENCIES = \ SAMDB # End MODULE auth_sam @@ -24,8 +25,7 @@ PUBLIC_DEPENDENCIES = \ [MODULE::auth_anonymous] INIT_FUNCTION = auth_anonymous_init SUBSYSTEM = auth -OBJ_FILES = \ - auth_anonymous.o +OBJ_FILES = auth_anonymous.o # End MODULE auth_anonymous ####################### @@ -34,8 +34,7 @@ OBJ_FILES = \ [MODULE::auth_winbind] INIT_FUNCTION = auth_winbind_init SUBSYSTEM = auth -OBJ_FILES = \ - auth_winbind.o +OBJ_FILES = auth_winbind.o PUBLIC_DEPENDENCIES = \ LIBWINBIND-CLIENT \ NDR_NETLOGON LIBNDR @@ -47,8 +46,7 @@ PUBLIC_DEPENDENCIES = \ [MODULE::auth_developer] INIT_FUNCTION = auth_developer_init SUBSYSTEM = auth -OBJ_FILES = \ - auth_developer.o +OBJ_FILES = auth_developer.o # End MODULE auth_developer ####################### @@ -57,10 +55,8 @@ OBJ_FILES = \ [MODULE::auth_unix] INIT_FUNCTION = auth_unix_init SUBSYSTEM = auth -OBJ_FILES = \ - auth_unix.o -PUBLIC_DEPENDENCIES = \ - CRYPT PAM PAM_ERRORS +OBJ_FILES = auth_unix.o +PUBLIC_DEPENDENCIES = CRYPT PAM PAM_ERRORS # End MODULE auth_unix ####################### @@ -76,9 +72,8 @@ PUBLIC_PROTO_HEADER = auth_proto.h OBJ_FILES = \ auth.o \ auth_util.o \ - auth_sam_reply.o \ ntlm_check.o \ auth_simple.o -PUBLIC_DEPENDENCIES = LIB_SECURITY process_model +PUBLIC_DEPENDENCIES = LIBSECURITY process_model SAMDB # End SUBSYSTEM auth ####################### diff --git a/source4/auth/credentials/config.mk b/source4/auth/credentials/config.mk index b1212e59633..1f6a07ae01e 100644 --- a/source4/auth/credentials/config.mk +++ b/source4/auth/credentials/config.mk @@ -8,7 +8,7 @@ OBJ_FILES = credentials.o \ credentials_krb5.o \ credentials_ntlm.o PUBLIC_DEPENDENCIES = \ - HEIMDAL LIBCLI_AUTH ldb SECRETS + HEIMDAL LIBCLI_AUTH SECRETS # End SUBSYSTEM CREDENTIALS ################################# diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c index 8f487571f3b..4cc067ffde3 100644 --- a/source4/auth/gensec/gensec_gssapi.c +++ b/source4/auth/gensec/gensec_gssapi.c @@ -252,7 +252,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi DEBUG(2, ("Cannot do GSSAPI to an IP address\n")); return NT_STATUS_INVALID_PARAMETER; } - if (strequal(hostname, "localhost")) { + if (strcmp(hostname, "localhost") == 0) { DEBUG(2, ("GSSAPI to 'localhost' does not make sense\n")); return NT_STATUS_INVALID_PARAMETER; } diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c index f2f3361bf95..c07b5c95e3f 100644 --- a/source4/auth/gensec/gensec_krb5.c +++ b/source4/auth/gensec/gensec_krb5.c @@ -230,7 +230,7 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security DEBUG(2, ("Cannot do krb5 to an IP address")); return NT_STATUS_INVALID_PARAMETER; } - if (strequal(hostname, "localhost")) { + if (strcmp(hostname, "localhost") == 0) { DEBUG(2, ("krb5 to 'localhost' does not make sense")); return NT_STATUS_INVALID_PARAMETER; } diff --git a/source4/auth/kerberos/config.mk b/source4/auth/kerberos/config.mk index 2a729ef2394..9a7ace6ab58 100644 --- a/source4/auth/kerberos/config.mk +++ b/source4/auth/kerberos/config.mk @@ -9,6 +9,7 @@ OBJ_FILES = kerberos.o \ kerberos_pac.o \ gssapi_parse.o \ krb5_init_context.o -PUBLIC_DEPENDENCIES = HEIMDAL_KRB5 NDR_KRB5PAC SOCKET HEIMDAL_ROKEN_ADDRINFO +PUBLIC_DEPENDENCIES = HEIMDAL_KRB5 NDR_KRB5PAC SOCKET +PRIVATE_DEPENDENCIES = ASN1_UTIL HEIMDAL_ROKEN_ADDRINFO auth_sam # End SUBSYSTEM KERBEROS ################################# diff --git a/source4/auth/kerberos/kerberos_pac.c b/source4/auth/kerberos/kerberos_pac.c index 4712166ea7a..673137fd5ce 100644 --- a/source4/auth/kerberos/kerberos_pac.c +++ b/source4/auth/kerberos/kerberos_pac.c @@ -28,7 +28,7 @@ #include "system/kerberos.h" #include "auth/kerberos/kerberos.h" #include "librpc/gen_ndr/ndr_krb5pac.h" -#include "auth/auth.h" +#include "auth/auth_sam.h" static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, DATA_BLOB pac_data, diff --git a/source4/client/config.mk b/source4/client/config.mk index 369d2a658aa..b38be8da3dd 100644 --- a/source4/client/config.mk +++ b/source4/client/config.mk @@ -8,7 +8,7 @@ OBJ_FILES = \ client.o PRIVATE_DEPENDENCIES = \ LIBSAMBA-CONFIG \ - LIBREADLINE \ + SMBREADLINE \ LIBSAMBA-UTIL \ LIBSMB \ RPC_NDR_SRVSVC \ diff --git a/source4/dsdb/config.mk b/source4/dsdb/config.mk index 15aa9fd0aa5..e0426167e3a 100644 --- a/source4/dsdb/config.mk +++ b/source4/dsdb/config.mk @@ -7,7 +7,7 @@ include samdb/ldb_modules/config.mk [SUBSYSTEM::SAMDB] PUBLIC_PROTO_HEADER = samdb/samdb_proto.h PUBLIC_HEADERS = samdb/samdb.h -PUBLIC_DEPENDENCIES = DB_WRAP LIBCLI_LDAP +PUBLIC_DEPENDENCIES = ldb LIBCLI_LDAP OBJ_FILES = \ samdb/samdb.o \ samdb/samdb_privilege.o \ diff --git a/source4/dsdb/samdb/ldb_modules/config.mk b/source4/dsdb/samdb/ldb_modules/config.mk index 207fdf82011..20f6e182e56 100644 --- a/source4/dsdb/samdb/ldb_modules/config.mk +++ b/source4/dsdb/samdb/ldb_modules/config.mk @@ -17,7 +17,6 @@ SUBSYSTEM = ldb INIT_FUNCTION = samldb_module_init OBJ_FILES = \ samldb.o -PUBLIC_DEPENDENCIES = SAMDB # # End MODULE ldb_samldb ################################################ @@ -62,10 +61,9 @@ OBJ_FILES = \ [MODULE::ldb_password_hash] SUBSYSTEM = ldb INIT_FUNCTION = password_hash_module_init -OBJ_FILES = \ - password_hash.o -PUBLIC_DEPENDENCIES = \ - HEIMDAL_HDB HEIMDAL_KRB5 +OBJ_FILES = password_hash.o +PUBLIC_DEPENDENCIES = HEIMDAL_KRB5 +PRIVATE_DEPENDENCIES = HEIMDAL_HDB_KEYS # # End MODULE ldb_rootdse ################################################ @@ -78,7 +76,7 @@ INIT_FUNCTION = ldb_kludge_acl_init OBJ_FILES = \ kludge_acl.o PUBLIC_DEPENDENCIES = \ - LIB_SECURITY + LIBSECURITY # # End MODULE ldb_rootdse ################################################ diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c index bd133c87452..5dbfd4ee87c 100644 --- a/source4/dsdb/samdb/samdb.c +++ b/source4/dsdb/samdb/samdb.c @@ -1353,3 +1353,79 @@ _PUBLIC_ NTSTATUS samdb_set_password_sid(struct ldb_context *ctx, TALLOC_CTX *me } return NT_STATUS_OK; } + +/**************************************************************************** + Create the SID list for this user. +****************************************************************************/ +NTSTATUS security_token_create(TALLOC_CTX *mem_ctx, + struct dom_sid *user_sid, + struct dom_sid *group_sid, + int n_groupSIDs, + struct dom_sid **groupSIDs, + BOOL is_authenticated, + struct security_token **token) +{ + struct security_token *ptoken; + int i; + NTSTATUS status; + + ptoken = security_token_initialise(mem_ctx); + NT_STATUS_HAVE_NO_MEMORY(ptoken); + + ptoken->sids = talloc_array(ptoken, struct dom_sid *, n_groupSIDs + 5); + NT_STATUS_HAVE_NO_MEMORY(ptoken->sids); + + ptoken->user_sid = talloc_reference(ptoken, user_sid); + ptoken->group_sid = talloc_reference(ptoken, group_sid); + ptoken->privilege_mask = 0; + + ptoken->sids[0] = ptoken->user_sid; + ptoken->sids[1] = ptoken->group_sid; + + /* + * Finally add the "standard" SIDs. + * The only difference between guest and "anonymous" + * is the addition of Authenticated_Users. + */ + ptoken->sids[2] = dom_sid_parse_talloc(ptoken->sids, SID_WORLD); + NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[2]); + ptoken->sids[3] = dom_sid_parse_talloc(ptoken->sids, SID_NT_NETWORK); + NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[3]); + ptoken->num_sids = 4; + + if (is_authenticated) { + ptoken->sids[4] = dom_sid_parse_talloc(ptoken->sids, SID_NT_AUTHENTICATED_USERS); + NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[4]); + ptoken->num_sids++; + } + + for (i = 0; i < n_groupSIDs; i++) { + size_t check_sid_idx; + for (check_sid_idx = 1; + check_sid_idx < ptoken->num_sids; + check_sid_idx++) { + if (dom_sid_equal(ptoken->sids[check_sid_idx], groupSIDs[i])) { + break; + } + } + + if (check_sid_idx == ptoken->num_sids) { + ptoken->sids[ptoken->num_sids++] = talloc_reference(ptoken->sids, groupSIDs[i]); + } + } + + /* setup the privilege mask for this token */ + status = samdb_privilege_setup(ptoken); + if (!NT_STATUS_IS_OK(status)) { + talloc_free(ptoken); + return status; + } + + security_token_debug(10, ptoken); + + *token = ptoken; + + return NT_STATUS_OK; +} + + diff --git a/source4/heimdal_build/config.mk b/source4/heimdal_build/config.mk index 8d1b6c57810..f6215a30724 100644 --- a/source4/heimdal_build/config.mk +++ b/source4/heimdal_build/config.mk @@ -16,6 +16,14 @@ PRIVATE_DEPENDENCIES = HEIMDAL_ROKEN HEIMDAL_KRB5 HEIMDAL_HDB # End SUBSYSTEM HEIMDAL_KDC ####################### +[SUBSYSTEM::HEIMDAL_HDB_KEYS] +CFLAGS = -Iheimdal_build -Iheimdal/lib/hdb +OBJ_FILES = \ + ../heimdal/lib/hdb/keys.o \ + ../heimdal/lib/hdb/asn1_Key.o \ + ../heimdal/lib/hdb/asn1_Salt.o +PRIVATE_DEPENDENCIES = HEIMDAL_ROKEN HEIMDAL_DES HEIMDAL_KRB5 + ####################### # Start SUBSYSTEM HEIMDAL_HDB [SUBSYSTEM::HEIMDAL_HDB] @@ -24,7 +32,6 @@ OBJ_FILES = \ ../heimdal/lib/hdb/db.o \ ../heimdal/lib/hdb/hdb.o \ ../heimdal/lib/hdb/ext.o \ - ../heimdal/lib/hdb/keys.o \ ../heimdal/lib/hdb/keytab.o \ ../heimdal/lib/hdb/mkey.o \ ../heimdal/lib/hdb/ndbm.o \ @@ -39,11 +46,9 @@ OBJ_FILES = \ ../heimdal/lib/hdb/asn1_HDB_Ext_Password.o \ ../heimdal/lib/hdb/asn1_HDB_extension.o \ ../heimdal/lib/hdb/asn1_HDB_extensions.o \ - ../heimdal/lib/hdb/asn1_Key.o \ - ../heimdal/lib/hdb/asn1_Salt.o \ ../heimdal/lib/hdb/asn1_hdb_entry.o \ ../heimdal/lib/hdb/hdb_err.o -PUBLIC_DEPENDENCIES = HDB_LDB +PUBLIC_DEPENDENCIES = HDB_LDB HEIMDAL_HDB_KEYS HEIMDAL_ROKEN # End SUBSYSTEM HEIMDAL_HDB ####################### @@ -99,7 +104,7 @@ PUBLIC_DEPENDENCIES = KERBEROS HEIMDAL_KRB5 # Start SUBSYSTEM HEIMDAL_KRB5 [SUBSYSTEM::HEIMDAL_KRB5] CFLAGS = -Iheimdal_build -Iheimdal/lib/krb5 -PRIVATE_DEPENDENCIES = HEIMDAL_ROKEN HEIMDAL_DES HEIMDAL_ASN1 +PRIVATE_DEPENDENCIES = HEIMDAL_ROKEN HEIMDAL_DES HEIMDAL_ASN1 HEIMDAL_GLUE OBJ_FILES = \ ../heimdal/lib/krb5/acache.o \ ../heimdal/lib/krb5/add_et_list.o \ @@ -480,7 +485,7 @@ CFLAGS = -Iheimdal_build OBJ_FILES = ../heimdal/lib/vers/print_version.o PUBLIC_DEPENDENCIES = \ LIBREPLACE HEIMDAL_GSSAPI HEIMDAL_KRB5 KERBEROS \ - HEIMDAL_GLUE RESOLV + RESOLV # End SUBSYSTEM HEIMDAL ####################### diff --git a/source4/kdc/config.mk b/source4/kdc/config.mk index b6f613bf08e..39cfc4299ee 100644 --- a/source4/kdc/config.mk +++ b/source4/kdc/config.mk @@ -19,7 +19,7 @@ OBJ_FILES = \ hdb-ldb.o \ pac-glue.o PUBLIC_DEPENDENCIES = \ - ldb KERBEROS_LIB HEIMDAL_HDB auth_sam + ldb auth_sam # End SUBSYSTEM KDC ####################### diff --git a/source4/libcli/auth/config.mk b/source4/libcli/auth/config.mk index 756ea0ecbff..5a0b7e14dc9 100644 --- a/source4/libcli/auth/config.mk +++ b/source4/libcli/auth/config.mk @@ -8,6 +8,6 @@ OBJ_FILES = credentials.o \ smbencrypt.o \ smbdes.o PUBLIC_DEPENDENCIES = \ - auth SCHANNELDB MSRPC_PARSE + SCHANNELDB MSRPC_PARSE # End SUBSYSTEM LIBCLI_AUTH ################################# diff --git a/source4/libcli/config.mk b/source4/libcli/config.mk index e646985a786..c62f30dd20c 100644 --- a/source4/libcli/config.mk +++ b/source4/libcli/config.mk @@ -104,7 +104,7 @@ VERSION = 0.0.1 SO_VERSION = 0 DESCRIPTION = SMB/CIFS client library PUBLIC_DEPENDENCIES = LIBCLI_RAW LIBSAMBA-ERRORS LIBCLI_AUTH \ - LIBCLI_SMB_COMPOSITE LIBCLI_NBT LIB_SECURITY LIBCLI_RESOLVE \ + LIBCLI_SMB_COMPOSITE LIBCLI_NBT LIBSECURITY LIBCLI_RESOLVE \ LIBCLI_DGRAM LIBCLI_SMB2 LIBCLI_FINDDCS [SUBSYSTEM::LIBSMB] diff --git a/source4/libcli/ldap/config.mk b/source4/libcli/ldap/config.mk index 26f230d7ef7..ec5c48b48ce 100644 --- a/source4/libcli/ldap/config.mk +++ b/source4/libcli/ldap/config.mk @@ -10,7 +10,8 @@ OBJ_FILES = ldap.o \ ldap_ndr.o \ ldap_ildap.o \ ldap_controls.o -PUBLIC_DEPENDENCIES = LIBSAMBA-ERRORS LIBEVENTS gensec SOCKET NDR_SAMR LIBTLS \ - LIBPACKET ASN1_UTIL +PUBLIC_DEPENDENCIES = LIBSAMBA-ERRORS LIBEVENTS LIBPACKET +PRIVATE_DEPENDENCIES = LIBCLI_COMPOSITE SOCKET NDR_SAMR LIBTLS ASN1_UTIL +#PRIVATE_DEPENDENCIES = gensec # End SUBSYSTEM LIBCLI_LDAP ################################# diff --git a/source4/libcli/security/config.mk b/source4/libcli/security/config.mk index fb4f1f71b76..e19947203db 100644 --- a/source4/libcli/security/config.mk +++ b/source4/libcli/security/config.mk @@ -1,6 +1,6 @@ ################################# -# Start SUBSYSTEM LIB_SECURITY -[SUBSYSTEM::LIB_SECURITY] +# Start SUBSYSTEM LIBSECURITY +[SUBSYSTEM::LIBSECURITY] PRIVATE_PROTO_HEADER = proto.h OBJ_FILES = security_token.o \ security_descriptor.o \ @@ -8,6 +8,6 @@ OBJ_FILES = security_token.o \ access_check.o \ privilege.o \ sddl.o -PUBLIC_DEPENDENCIES = NDR_SECURITY -# End SUBSYSTEM LIB_SECURITY +PUBLIC_DEPENDENCIES = NDR_SECURITY +# End SUBSYSTEM LIBSECURITY ################################# diff --git a/source4/libcli/security/security_token.c b/source4/libcli/security/security_token.c index d872376bffd..00436781442 100644 --- a/source4/libcli/security/security_token.c +++ b/source4/libcli/security/security_token.c @@ -48,80 +48,6 @@ struct security_token *security_token_initialise(TALLOC_CTX *mem_ctx) } /**************************************************************************** - Create the SID list for this user. -****************************************************************************/ -NTSTATUS security_token_create(TALLOC_CTX *mem_ctx, - struct dom_sid *user_sid, - struct dom_sid *group_sid, - int n_groupSIDs, - struct dom_sid **groupSIDs, - BOOL is_authenticated, - struct security_token **token) -{ - struct security_token *ptoken; - int i; - NTSTATUS status; - - ptoken = security_token_initialise(mem_ctx); - NT_STATUS_HAVE_NO_MEMORY(ptoken); - - ptoken->sids = talloc_array(ptoken, struct dom_sid *, n_groupSIDs + 5); - NT_STATUS_HAVE_NO_MEMORY(ptoken->sids); - - ptoken->user_sid = talloc_reference(ptoken, user_sid); - ptoken->group_sid = talloc_reference(ptoken, group_sid); - ptoken->privilege_mask = 0; - - ptoken->sids[0] = ptoken->user_sid; - ptoken->sids[1] = ptoken->group_sid; - - /* - * Finally add the "standard" SIDs. - * The only difference between guest and "anonymous" - * is the addition of Authenticated_Users. - */ - ptoken->sids[2] = dom_sid_parse_talloc(ptoken->sids, SID_WORLD); - NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[2]); - ptoken->sids[3] = dom_sid_parse_talloc(ptoken->sids, SID_NT_NETWORK); - NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[3]); - ptoken->num_sids = 4; - - if (is_authenticated) { - ptoken->sids[4] = dom_sid_parse_talloc(ptoken->sids, SID_NT_AUTHENTICATED_USERS); - NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[4]); - ptoken->num_sids++; - } - - for (i = 0; i < n_groupSIDs; i++) { - size_t check_sid_idx; - for (check_sid_idx = 1; - check_sid_idx < ptoken->num_sids; - check_sid_idx++) { - if (dom_sid_equal(ptoken->sids[check_sid_idx], groupSIDs[i])) { - break; - } - } - - if (check_sid_idx == ptoken->num_sids) { - ptoken->sids[ptoken->num_sids++] = talloc_reference(ptoken->sids, groupSIDs[i]); - } - } - - /* setup the privilege mask for this token */ - status = samdb_privilege_setup(ptoken); - if (!NT_STATUS_IS_OK(status)) { - talloc_free(ptoken); - return status; - } - - security_token_debug(10, ptoken); - - *token = ptoken; - - return NT_STATUS_OK; -} - -/**************************************************************************** prints a struct security_token to debug output. ****************************************************************************/ void security_token_debug(int dbg_lev, const struct security_token *token) diff --git a/source4/librpc/config.mk b/source4/librpc/config.mk index fa4d5045f67..e378f847444 100644 --- a/source4/librpc/config.mk +++ b/source4/librpc/config.mk @@ -11,7 +11,7 @@ OBJ_FILES = \ ndr/ndr_basic.o \ ndr/ndr_string.o \ ndr/ndr_misc.o -PUBLIC_DEPENDENCIES = LIBSAMBA-ERRORS LIBTALLOC LIBSAMBA-UTIL +PUBLIC_DEPENDENCIES = LIBSAMBA-ERRORS LIBTALLOC LIBSAMBA-UTIL CHARSET # End SUBSYSTEM LIBNDR ################################################ @@ -332,12 +332,12 @@ PUBLIC_DEPENDENCIES = LIBNDR [SUBSYSTEM::NDR_SCHANNEL] OBJ_FILES = gen_ndr/ndr_schannel.o -PUBLIC_DEPENDENCIES = LIBNDR +PUBLIC_DEPENDENCIES = LIBNDR NDR_NBT [SUBSYSTEM::NDR_NBT] OBJ_FILES = gen_ndr/ndr_nbt.o PUBLIC_HEADERS = gen_ndr/nbt.h -PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC NDR_NBT_BUF NDR_SVCCTL +PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC NDR_NBT_BUF NDR_SVCCTL NDR_SECURITY [LIBRARY::NDR_WINSREPL] VERSION = 0.0.1 diff --git a/source4/passdb/config.mk b/source4/passdb/config.mk index 0172f572611..51e2c4a83e7 100644 --- a/source4/passdb/config.mk +++ b/source4/passdb/config.mk @@ -1,4 +1,4 @@ [SUBSYSTEM::SECRETS] PRIVATE_PROTO_HEADER = proto.h OBJ_FILES = secrets.o -PUBLIC_DEPENDENCIES = SAMDB +PRIVATE_DEPENDENCIES = DB_WRAP |