The branch, master has been updated
via 78075cf waf: Add talloc as a dependency
via 38d7617 sdb: Assert if the HDB flags will change
via ab08575 hdb-samba: Translate SDB errors to HDB errors
from a3af166 s4-torture: add test for CLUSCTL_NODE_GET_ID in
clusapi_NodeControl.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 78075cfcda6e6899f6a7e147b8d35ec258c4bb7d
Author: Andreas Schneider <a...@samba.org>
Date: Tue Aug 4 12:00:33 2015 +0200
waf: Add talloc as a dependency
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Andrew Bartlett <abart...@samba.org>
Autobuild-User(master): Andrew Bartlett <abart...@samba.org>
Autobuild-Date(master): Wed Aug 5 04:08:30 CEST 2015 on sn-devel-104
commit 38d76178026761a871243c436d905664d2b6f57b
Author: Andreas Schneider <a...@samba.org>
Date: Mon Aug 3 13:10:28 2015 +0200
sdb: Assert if the HDB flags will change
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Andrew Bartlett <abart...@samba.org>
commit ab0857540551648af28b6d1079d539e9b1b35e00
Author: Andreas Schneider <a...@samba.org>
Date: Tue Aug 4 11:35:45 2015 +0200
hdb-samba: Translate SDB errors to HDB errors
Signed-off-by: Andreas Schneider <a...@samba.org>
Reviewed-by: Andrew Bartlett <abart...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
source4/kdc/hdb-samba4.c | 123 ++++++++++++++++++++++++++++++++++++----------
source4/kdc/sdb_to_hdb.c | 36 +++++++++++++-
source4/kdc/wscript_build | 4 +-
3 files changed, 133 insertions(+), 30 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c
index c8f26e0..14a974a 100644
--- a/source4/kdc/hdb-samba4.c
+++ b/source4/kdc/hdb-samba4.c
@@ -95,24 +95,33 @@ static krb5_error_code hdb_samba4_fetch_kvno(krb5_context
context, HDB *db,
kdc_db_ctx = talloc_get_type_abort(db->hdb_db,
struct samba_kdc_db_context);
- code = samba_kdc_fetch(context,
- kdc_db_ctx,
- principal,
- flags,
- kvno,
- &sdb_entry_ex);
- /*
- * If SDB_ERR_WRONG_REALM is returned we need to process the sdb_entry
- * to fill the principal in the HDB entry.
- */
- if (code != 0 && code != SDB_ERR_WRONG_REALM) {
- return code;
+ ret = samba_kdc_fetch(context,
+ kdc_db_ctx,
+ principal,
+ flags,
+ kvno,
+ &sdb_entry_ex);
+ switch (ret) {
+ case 0:
+ code = 0;
+ break;
+ case SDB_ERR_WRONG_REALM:
+ /*
+ * If SDB_ERR_WRONG_REALM is returned we need to process the
+ * sdb_entry to fill the principal in the HDB entry.
+ */
+ code = HDB_ERR_WRONG_REALM;
+ break;
+ case SDB_ERR_NOENTRY:
+ return HDB_ERR_NOENTRY;
+ default:
+ return HDB_ERR_NOT_FOUND_HERE;
}
ret = sdb_entry_ex_to_hdb_entry_ex(context, &sdb_entry_ex, entry_ex);
sdb_free_entry(&sdb_entry_ex);
- if (code == 0 && ret != 0) {
+ if (code != 0 && ret != 0) {
code = ret;
}
@@ -130,8 +139,15 @@ static krb5_error_code hdb_samba4_firstkey(krb5_context
context, HDB *db, unsign
struct samba_kdc_db_context);
ret = samba_kdc_firstkey(context, kdc_db_ctx, &sdb_entry_ex);
- if (ret) {
- return ret;
+ switch (ret) {
+ case 0:
+ break;
+ case SDB_ERR_WRONG_REALM:
+ return HDB_ERR_WRONG_REALM;
+ case SDB_ERR_NOENTRY:
+ return HDB_ERR_NOENTRY;
+ default:
+ return HDB_ERR_NOT_FOUND_HERE;
}
ret = sdb_entry_ex_to_hdb_entry_ex(context, &sdb_entry_ex, entry);
@@ -150,8 +166,15 @@ static krb5_error_code hdb_samba4_nextkey(krb5_context
context, HDB *db, unsigne
struct samba_kdc_db_context);
ret = samba_kdc_nextkey(context, kdc_db_ctx, &sdb_entry_ex);
- if (ret) {
- return ret;
+ switch (ret) {
+ case 0:
+ break;
+ case SDB_ERR_WRONG_REALM:
+ return HDB_ERR_WRONG_REALM;
+ case SDB_ERR_NOENTRY:
+ return HDB_ERR_NOENTRY;
+ default:
+ return HDB_ERR_NOT_FOUND_HERE;
}
ret = sdb_entry_ex_to_hdb_entry_ex(context, &sdb_entry_ex, entry);
@@ -172,15 +195,31 @@ hdb_samba4_check_constrained_delegation(krb5_context
context, HDB *db,
{
struct samba_kdc_db_context *kdc_db_ctx;
struct samba_kdc_entry *skdc_entry;
+ krb5_error_code ret;
kdc_db_ctx = talloc_get_type_abort(db->hdb_db,
struct samba_kdc_db_context);
skdc_entry = talloc_get_type_abort(entry->ctx,
struct samba_kdc_entry);
- return samba_kdc_check_s4u2proxy(context, kdc_db_ctx,
- skdc_entry,
- target_principal);
+ ret = samba_kdc_check_s4u2proxy(context, kdc_db_ctx,
+ skdc_entry,
+ target_principal);
+ switch (ret) {
+ case 0:
+ break;
+ case SDB_ERR_WRONG_REALM:
+ ret = HDB_ERR_WRONG_REALM;
+ break;
+ case SDB_ERR_NOENTRY:
+ ret = HDB_ERR_NOENTRY;
+ break;
+ default:
+ ret = HDB_ERR_NOT_FOUND_HERE;
+ break;
+ }
+
+ return ret;
}
static krb5_error_code
@@ -190,15 +229,31 @@ hdb_samba4_check_pkinit_ms_upn_match(krb5_context
context, HDB *db,
{
struct samba_kdc_db_context *kdc_db_ctx;
struct samba_kdc_entry *skdc_entry;
+ krb5_error_code ret;
kdc_db_ctx = talloc_get_type_abort(db->hdb_db,
struct samba_kdc_db_context);
skdc_entry = talloc_get_type_abort(entry->ctx,
struct samba_kdc_entry);
- return samba_kdc_check_pkinit_ms_upn_match(context, kdc_db_ctx,
- skdc_entry,
- certificate_principal);
+ ret = samba_kdc_check_pkinit_ms_upn_match(context, kdc_db_ctx,
+ skdc_entry,
+ certificate_principal);
+ switch (ret) {
+ case 0:
+ break;
+ case SDB_ERR_WRONG_REALM:
+ ret = HDB_ERR_WRONG_REALM;
+ break;
+ case SDB_ERR_NOENTRY:
+ ret = HDB_ERR_NOENTRY;
+ break;
+ default:
+ ret = HDB_ERR_NOT_FOUND_HERE;
+ break;
+ }
+
+ return ret;
}
static krb5_error_code
@@ -208,15 +263,31 @@ hdb_samba4_check_s4u2self(krb5_context context, HDB *db,
{
struct samba_kdc_db_context *kdc_db_ctx;
struct samba_kdc_entry *skdc_entry;
+ krb5_error_code ret;
kdc_db_ctx = talloc_get_type_abort(db->hdb_db,
struct samba_kdc_db_context);
skdc_entry = talloc_get_type_abort(entry->ctx,
struct samba_kdc_entry);
- return samba_kdc_check_s4u2self(context, kdc_db_ctx,
- skdc_entry,
- target_principal);
+ ret = samba_kdc_check_s4u2self(context, kdc_db_ctx,
+ skdc_entry,
+ target_principal);
+ switch (ret) {
+ case 0:
+ break;
+ case SDB_ERR_WRONG_REALM:
+ ret = HDB_ERR_WRONG_REALM;
+ break;
+ case SDB_ERR_NOENTRY:
+ ret = HDB_ERR_NOENTRY;
+ break;
+ default:
+ ret = HDB_ERR_NOT_FOUND_HERE;
+ break;
+ }
+
+ return ret;
}
static krb5_error_code hdb_samba4_auth_status(krb5_context context, HDB *db,
diff --git a/source4/kdc/sdb_to_hdb.c b/source4/kdc/sdb_to_hdb.c
index e11d616..7ac0b0e 100644
--- a/source4/kdc/sdb_to_hdb.c
+++ b/source4/kdc/sdb_to_hdb.c
@@ -31,8 +31,40 @@
static void sdb_flags_to_hdb_flags(const struct SDBFlags *s,
HDBFlags *h)
{
- /* as long as we are a 100% copy... */
- memcpy(h, s, sizeof(*s));
+ SMB_ASSERT(sizeof(struct SDBFlags) == sizeof(HDBFlags));
+
+ h->initial = s->initial;
+ h->forwardable = s->forwardable;
+ h->proxiable = s->proxiable;
+ h->renewable = s->renewable;
+ h->postdate = s->postdate;
+ h->server = s->server;
+ h->client = s->client;
+ h->invalid = s->invalid;
+ h->require_preauth = s->require_preauth;
+ h->change_pw = s->change_pw;
+ h->require_hwauth = s->require_hwauth;
+ h->ok_as_delegate = s->ok_as_delegate;
+ h->user_to_user = s->user_to_user;
+ h->immutable = s->immutable;
+ h->trusted_for_delegation = s->trusted_for_delegation;
+ h->allow_kerberos4 = s->allow_kerberos4;
+ h->allow_digest = s->allow_digest;
+ h->locked_out = s->locked_out;
+ h->_unused18 = s->_unused18;
+ h->_unused19 = s->_unused19;
+ h->_unused20 = s->_unused20;
+ h->_unused21 = s->_unused21;
+ h->_unused22 = s->_unused22;
+ h->_unused23 = s->_unused23;
+ h->_unused24 = s->_unused24;
+ h->_unused25 = s->_unused25;
+ h->_unused26 = s->_unused26;
+ h->_unused27 = s->_unused27;
+ h->_unused28 = s->_unused28;
+ h->_unused29 = s->_unused29;
+ h->_unused30 = s->_unused30;
+ h->do_not_store = s->do_not_store;
}
static int sdb_salt_to_Salt(const struct sdb_salt *s, Salt *h)
diff --git a/source4/kdc/wscript_build b/source4/kdc/wscript_build
index 7b8fcb1..2abafa6 100755
--- a/source4/kdc/wscript_build
+++ b/source4/kdc/wscript_build
@@ -61,13 +61,13 @@ bld.SAMBA_SUBSYSTEM('WDC_SAMBA4',
bld.SAMBA_SUBSYSTEM('sdb',
source='sdb.c',
includes=kdc_include,
- deps='krb5',
+ deps='talloc krb5',
)
bld.SAMBA_SUBSYSTEM('sdb_hdb',
source='sdb_to_hdb.c',
includes=kdc_include,
- deps='sdb hdb',
+ deps='talloc sdb hdb',
autoproto='sdb_hdb.h',
enabled=bld.CONFIG_SET('SAMBA4_USES_HEIMDAL')
)
--
Samba Shared Repository
