summaryrefslogtreecommitdiff
path: root/source4/kdc
diff options
context:
space:
mode:
Diffstat (limited to 'source4/kdc')
-rw-r--r--source4/kdc/config.mk18
-rw-r--r--source4/kdc/hdb-samba4.h2
-rw-r--r--source4/kdc/kdc.c9
-rw-r--r--source4/kdc/kdc.h2
-rw-r--r--source4/kdc/pac-glue.c43
-rw-r--r--source4/kdc/pac-glue.h30
6 files changed, 72 insertions, 32 deletions
diff --git a/source4/kdc/config.mk b/source4/kdc/config.mk
index 03fa2db295c..7a998572483 100644
--- a/source4/kdc/config.mk
+++ b/source4/kdc/config.mk
@@ -6,7 +6,7 @@
INIT_FUNCTION = server_service_kdc_init
SUBSYSTEM = service
PRIVATE_DEPENDENCIES = \
- HEIMDAL_KDC HDB_SAMBA4 LIBSAMBA-HOSTCONFIG
+ HEIMDAL_KDC HDB_SAMBA4 PAC_GLUE LIBSAMBA-HOSTCONFIG
# End SUBSYSTEM KDC
#######################
@@ -22,5 +22,17 @@ PRIVATE_DEPENDENCIES = \
# End SUBSYSTEM KDC
#######################
-HDB_SAMBA4_OBJ_FILES = $(addprefix $(kdcsrcdir)/, hdb-samba4.o pac-glue.o)
-$(eval $(call proto_header_template,$(kdcsrcdir)/pac_glue.h,$(HDB_SAMBA4_OBJ_FILES:.o=.c)))
+HDB_SAMBA4_OBJ_FILES = $(addprefix $(kdcsrcdir)/, hdb-samba4.o)
+
+#######################
+# Start SUBSYSTEM KDC
+[SUBSYSTEM::PAC_GLUE]
+CFLAGS = -Iheimdal/kdc -Iheimdal/lib/hdb
+PRIVATE_DEPENDENCIES = \
+ LIBLDB auth_sam auth_sam_reply CREDENTIALS \
+ HEIMDAL_HDB LIBSAMBA-HOSTCONFIG
+# End SUBSYSTEM KDC
+#######################
+
+PAC_GLUE_OBJ_FILES = $(addprefix $(kdcsrcdir)/, pac-glue.o)
+$(eval $(call proto_header_template,$(kdcsrcdir)/pac-glue_proto.h,$(HDB_SAMBA4_OBJ_FILES:.o=.c)))
diff --git a/source4/kdc/hdb-samba4.h b/source4/kdc/hdb-samba4.h
index 0b39fdfb10d..fc2f9c13107 100644
--- a/source4/kdc/hdb-samba4.h
+++ b/source4/kdc/hdb-samba4.h
@@ -20,8 +20,6 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-extern TALLOC_CTX *hdb_samba4_mem_ctx;
-
struct hdb_samba4_context {
struct tevent_context *ev_ctx;
struct loadparm_context *lp_ctx;
diff --git a/source4/kdc/kdc.c b/source4/kdc/kdc.c
index 746781f02d3..c861f7ae3e2 100644
--- a/source4/kdc/kdc.c
+++ b/source4/kdc/kdc.c
@@ -550,15 +550,6 @@ static NTSTATUS kdc_startup_interfaces(struct kdc_server *kdc, struct loadparm_c
return NT_STATUS_OK;
}
-static struct krb5plugin_windc_ftable windc_plugin_table = {
- .minor_version = KRB5_WINDC_PLUGING_MINOR,
- .init = samba_kdc_plugin_init,
- .fini = samba_kdc_plugin_fini,
- .pac_generate = samba_kdc_get_pac,
- .pac_verify = samba_kdc_reget_pac,
- .client_access = samba_kdc_check_client_access,
-};
-
static NTSTATUS kdc_check_generic_kerberos(struct irpc_message *msg,
struct kdc_check_generic_kerberos *r)
diff --git a/source4/kdc/kdc.h b/source4/kdc/kdc.h
index e8511d95eb0..fb70f953927 100644
--- a/source4/kdc/kdc.h
+++ b/source4/kdc/kdc.h
@@ -25,7 +25,7 @@
#include <hdb.h>
#include <kdc.h>
#include <krb5/windc_plugin.h>
-#include "kdc/pac_glue.h"
+#include "kdc/pac-glue.h"
#include "kdc/hdb-samba4.h"
struct kdc_server;
diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c
index 3dcdd4d439f..3d542d9a942 100644
--- a/source4/kdc/pac-glue.c
+++ b/source4/kdc/pac-glue.c
@@ -34,13 +34,13 @@
struct krb5_dh_moduli;
struct _krb5_krb_auth_data;
-krb5_error_code samba_kdc_plugin_init(krb5_context context, void **ptr)
+static krb5_error_code samba_kdc_plugin_init(krb5_context context, void **ptr)
{
*ptr = NULL;
return 0;
}
-void samba_kdc_plugin_fini(void *ptr)
+static void samba_kdc_plugin_fini(void *ptr)
{
return;
}
@@ -104,10 +104,10 @@ static krb5_error_code make_pac(krb5_context context,
}
/* Given the right private pointer from hdb_samba4, get a PAC from the attached ldb messages */
-krb5_error_code samba_kdc_get_pac(void *priv,
- krb5_context context,
- struct hdb_entry_ex *client,
- krb5_pac *pac)
+static krb5_error_code samba_kdc_get_pac(void *priv,
+ krb5_context context,
+ struct hdb_entry_ex *client,
+ krb5_pac *pac)
{
krb5_error_code ret;
NTSTATUS nt_status;
@@ -149,10 +149,10 @@ krb5_error_code samba_kdc_get_pac(void *priv,
/* Resign (and reform, including possibly new groups) a PAC */
-krb5_error_code samba_kdc_reget_pac(void *priv, krb5_context context,
- const krb5_principal client_principal,
- struct hdb_entry_ex *client,
- struct hdb_entry_ex *server, krb5_pac *pac)
+static krb5_error_code samba_kdc_reget_pac(void *priv, krb5_context context,
+ const krb5_principal client_principal,
+ struct hdb_entry_ex *client,
+ struct hdb_entry_ex *server, krb5_pac *pac)
{
krb5_error_code ret;
@@ -230,13 +230,13 @@ static void samba_kdc_build_edata_reply(TALLOC_CTX *tmp_ctx, krb5_data *e_data,
* the account_ok routine in auth/auth_sam.c for consistancy */
-krb5_error_code samba_kdc_check_client_access(void *priv,
- krb5_context context,
- krb5_kdc_configuration *config,
- hdb_entry_ex *client_ex, const char *client_name,
- hdb_entry_ex *server_ex, const char *server_name,
- KDC_REQ *req,
- krb5_data *e_data)
+static krb5_error_code samba_kdc_check_client_access(void *priv,
+ krb5_context context,
+ krb5_kdc_configuration *config,
+ hdb_entry_ex *client_ex, const char *client_name,
+ hdb_entry_ex *server_ex, const char *server_name,
+ KDC_REQ *req,
+ krb5_data *e_data)
{
krb5_error_code ret;
NTSTATUS nt_status;
@@ -314,3 +314,12 @@ krb5_error_code samba_kdc_check_client_access(void *priv,
return ret;
}
+struct krb5plugin_windc_ftable windc_plugin_table = {
+ .minor_version = KRB5_WINDC_PLUGING_MINOR,
+ .init = samba_kdc_plugin_init,
+ .fini = samba_kdc_plugin_fini,
+ .pac_generate = samba_kdc_get_pac,
+ .pac_verify = samba_kdc_reget_pac,
+ .client_access = samba_kdc_check_client_access,
+};
+
diff --git a/source4/kdc/pac-glue.h b/source4/kdc/pac-glue.h
new file mode 100644
index 00000000000..1c14f7fdb6f
--- /dev/null
+++ b/source4/kdc/pac-glue.h
@@ -0,0 +1,30 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ KDC Server startup
+
+ Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005-2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef __KDC_PAC_GLUE_H__
+#define __KDC_PAC_GLUE_H__
+
+#include "kdc/pac-glue_proto.h"
+
+extern struct krb5plugin_windc_ftable windc_plugin_table;
+
+#endif /* __KDC_PAC_GLUE_H__ */
+