[SCM] Samba Shared Repository - branch v3-5-test updated

Karolin Seeger Mon, 26 Sep 2011 11:28:57 -0700

The branch, v3-5-test has been updated
       via  52e5c80 s3-netapi: allow to use default krb5 credential cache for 
libnetapi users.
       via  01f30f5 s3-libnet: allow to use default krb5 ccache in 
libnet_Join/libnet_Unjoin.
      from  da08c8a s3: Fix bug 7844: Race in winbind


http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test


- Log -----------------------------------------------------------------
commit 52e5c8002f1ccd417eaf56f0c1c9abb9d13bb7d6
Author: Günther Deschner <g...@samba.org>
Date:   Wed Sep 21 17:47:27 2011 +0200

    s3-netapi: allow to use default krb5 credential cache for libnetapi users.
    
    Guenther

commit 01f30f5c3e690956f1bd85006c88b6d79e63a1c7
Author: Günther Deschner <g...@samba.org>
Date:   Wed Sep 21 17:28:58 2011 +0200

    s3-libnet: allow to use default krb5 ccache in libnet_Join/libnet_Unjoin.
    
    We force using a MEMORY ccache though in the wkssvc server.
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source3/lib/netapi/netapi.c        |   24 +++++++++++++++++-------
 source3/lib/netapi/netapi.h        |    6 ++++++
 source3/libnet/libnet_join.c       |   30 ------------------------------
 source3/rpc_server/srv_wkssvc_nt.c |    4 ++++
 4 files changed, 27 insertions(+), 37 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/lib/netapi/netapi.c b/source3/lib/netapi/netapi.c
index bde6fd8..34a88a9 100644
--- a/source3/lib/netapi/netapi.c
+++ b/source3/lib/netapi/netapi.c
@@ -55,7 +55,6 @@ NET_API_STATUS libnetapi_init(struct libnetapi_ctx **context)
 {
        NET_API_STATUS status;
        struct libnetapi_ctx *ctx = NULL;
-       char *krb5_cc_env = NULL;
 
        if (stat_ctx && libnetapi_initialized) {
                *context = stat_ctx;
@@ -101,12 +100,6 @@ NET_API_STATUS libnetapi_init(struct libnetapi_ctx 
**context)
 
        BlockSignals(True, SIGPIPE);
 
-       krb5_cc_env = getenv(KRB5_ENV_CCNAME);
-       if (!krb5_cc_env || (strlen(krb5_cc_env) == 0)) {
-               ctx->krb5_cc_env = talloc_strdup(frame, "MEMORY:libnetapi");
-               setenv(KRB5_ENV_CCNAME, ctx->krb5_cc_env, 1);
-       }
-
        if (getenv("USER")) {
                ctx->username = talloc_strdup(frame, getenv("USER"));
        } else {
@@ -250,6 +243,23 @@ NET_API_STATUS libnetapi_set_use_kerberos(struct 
libnetapi_ctx *ctx)
        return NET_API_STATUS_SUCCESS;
 }
 
+/****************************************************************
+****************************************************************/
+
+NET_API_STATUS libnetapi_set_use_memory_krb5_ccache(struct libnetapi_ctx *ctx)
+{
+       ctx->krb5_cc_env = talloc_strdup(ctx, "MEMORY:libnetapi");
+       if (!ctx->krb5_cc_env) {
+               return W_ERROR_V(WERR_NOMEM);
+       }
+       setenv(KRB5_ENV_CCNAME, ctx->krb5_cc_env, 1);
+       ctx->use_memory_krb5_ccache = 1;
+       return NET_API_STATUS_SUCCESS;
+}
+
+/****************************************************************
+****************************************************************/
+
 NET_API_STATUS libnetapi_set_use_ccache(struct libnetapi_ctx *ctx)
 {
        ctx->use_ccache = true;
diff --git a/source3/lib/netapi/netapi.h b/source3/lib/netapi/netapi.h
index 8976ebd..069d526 100644
--- a/source3/lib/netapi/netapi.h
+++ b/source3/lib/netapi/netapi.h
@@ -1319,6 +1319,7 @@ struct libnetapi_ctx {
        char *krb5_cc_env;
        int use_kerberos;
        int use_ccache;
+       int use_memory_krb5_ccache;
        int disable_policy_handle_cache;
 
        void *private_data;
@@ -1376,6 +1377,11 @@ NET_API_STATUS libnetapi_set_use_ccache(struct 
libnetapi_ctx *ctx);
 /****************************************************************
 ****************************************************************/
 
+NET_API_STATUS libnetapi_set_use_memory_krb5_ccache(struct libnetapi_ctx *ctx);
+
+/****************************************************************
+****************************************************************/
+
 const char *libnetapi_errstr(NET_API_STATUS status);
 
 /****************************************************************
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index f14bffd..8522c17 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -1620,17 +1620,10 @@ static WERROR libnet_join_post_processing(TALLOC_CTX 
*mem_ctx,
 
 static int libnet_destroy_JoinCtx(struct libnet_JoinCtx *r)
 {
-       const char *krb5_cc_env = NULL;
-
        if (r->in.ads) {
                ads_destroy(&r->in.ads);
        }
 
-       krb5_cc_env = getenv(KRB5_ENV_CCNAME);
-       if (krb5_cc_env && StrCaseCmp(krb5_cc_env, "MEMORY:libnetjoin")) {
-               unsetenv(KRB5_ENV_CCNAME);
-       }
-
        return 0;
 }
 
@@ -1639,17 +1632,10 @@ static int libnet_destroy_JoinCtx(struct libnet_JoinCtx 
*r)
 
 static int libnet_destroy_UnjoinCtx(struct libnet_UnjoinCtx *r)
 {
-       const char *krb5_cc_env = NULL;
-
        if (r->in.ads) {
                ads_destroy(&r->in.ads);
        }
 
-       krb5_cc_env = getenv(KRB5_ENV_CCNAME);
-       if (krb5_cc_env && StrCaseCmp(krb5_cc_env, "MEMORY:libnetjoin")) {
-               unsetenv(KRB5_ENV_CCNAME);
-       }
-
        return 0;
 }
 
@@ -1660,7 +1646,6 @@ WERROR libnet_init_JoinCtx(TALLOC_CTX *mem_ctx,
                           struct libnet_JoinCtx **r)
 {
        struct libnet_JoinCtx *ctx;
-       const char *krb5_cc_env = NULL;
 
        ctx = talloc_zero(mem_ctx, struct libnet_JoinCtx);
        if (!ctx) {
@@ -1672,13 +1657,6 @@ WERROR libnet_init_JoinCtx(TALLOC_CTX *mem_ctx,
        ctx->in.machine_name = talloc_strdup(mem_ctx, global_myname());
        W_ERROR_HAVE_NO_MEMORY(ctx->in.machine_name);
 
-       krb5_cc_env = getenv(KRB5_ENV_CCNAME);
-       if (!krb5_cc_env || (strlen(krb5_cc_env) == 0)) {
-               krb5_cc_env = talloc_strdup(mem_ctx, "MEMORY:libnetjoin");
-               W_ERROR_HAVE_NO_MEMORY(krb5_cc_env);
-               setenv(KRB5_ENV_CCNAME, krb5_cc_env, 1);
-       }
-
        ctx->in.secure_channel_type = SEC_CHAN_WKSTA;
 
        *r = ctx;
@@ -1693,7 +1671,6 @@ WERROR libnet_init_UnjoinCtx(TALLOC_CTX *mem_ctx,
                             struct libnet_UnjoinCtx **r)
 {
        struct libnet_UnjoinCtx *ctx;
-       const char *krb5_cc_env = NULL;
 
        ctx = talloc_zero(mem_ctx, struct libnet_UnjoinCtx);
        if (!ctx) {
@@ -1705,13 +1682,6 @@ WERROR libnet_init_UnjoinCtx(TALLOC_CTX *mem_ctx,
        ctx->in.machine_name = talloc_strdup(mem_ctx, global_myname());
        W_ERROR_HAVE_NO_MEMORY(ctx->in.machine_name);
 
-       krb5_cc_env = getenv(KRB5_ENV_CCNAME);
-       if (!krb5_cc_env || (strlen(krb5_cc_env) == 0)) {
-               krb5_cc_env = talloc_strdup(mem_ctx, "MEMORY:libnetjoin");
-               W_ERROR_HAVE_NO_MEMORY(krb5_cc_env);
-               setenv(KRB5_ENV_CCNAME, krb5_cc_env, 1);
-       }
-
        *r = ctx;
 
        return WERR_OK;
diff --git a/source3/rpc_server/srv_wkssvc_nt.c 
b/source3/rpc_server/srv_wkssvc_nt.c
index d7f3f82..2367f55 100644
--- a/source3/rpc_server/srv_wkssvc_nt.c
+++ b/source3/rpc_server/srv_wkssvc_nt.c
@@ -845,7 +845,9 @@ WERROR _wkssvc_NetrJoinDomain2(pipes_struct *p,
        j->in.msg_ctx           = smbd_messaging_context();
 
        become_root();
+       setenv(KRB5_ENV_CCNAME, "MEMORY:_wkssvc_NetrJoinDomain2", 1);
        werr = libnet_Join(p->mem_ctx, j);
+       unsetenv(KRB5_ENV_CCNAME);
        unbecome_root();
 
        if (!W_ERROR_IS_OK(werr)) {
@@ -911,7 +913,9 @@ WERROR _wkssvc_NetrUnjoinDomain2(pipes_struct *p,
        u->in.msg_ctx           = smbd_messaging_context();
 
        become_root();
+       setenv(KRB5_ENV_CCNAME, "MEMORY:_wkssvc_NetrUnjoinDomain2", 1);
        werr = libnet_Unjoin(p->mem_ctx, u);
+       unsetenv(KRB5_ENV_CCNAME);
        unbecome_root();
 
        if (!W_ERROR_IS_OK(werr)) {


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v3-5-test updated

Reply via email to