The branch, master has been updated via 6063e8016fc s4:kdc: Translate HDB flags to SDB flags via 2a0d6c11330 s4:kdc: Remove trailing spaces in hdb-samba4.c via 63e00f81b5d s4:kdc: Add a HDB to SDB mask from 0eecfddd071 s3/rpc_server: install elasticsearch_mappings.json
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 6063e8016fccbefd1c3fe378e3807c77bc04e4ec Author: Andreas Schneider <a...@samba.org> Date: Wed Jan 26 08:44:13 2022 +0100 s4:kdc: Translate HDB flags to SDB flags We used to have a 1 to 1 mapping, but now we have a conflict with these: #define SDB_F_FORCE_CANON 16384 #define HDB_F_PRECHECK 16384 We currently don't really care about HDB_F_PRECHECK, so we can just filter it out. In the long run we may change the SDB flags space to uint64... BUG: https://bugzilla.samba.org/show_bug.cgi?id=14960 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Autobuild-User(master): Andreas Schneider <a...@cryptomilk.org> Autobuild-Date(master): Fri Jan 28 13:33:22 UTC 2022 on sn-devel-184 commit 2a0d6c11330c40f5692dc07ed6482c7107035bd4 Author: Andreas Schneider <a...@samba.org> Date: Wed Jan 26 08:43:41 2022 +0100 s4:kdc: Remove trailing spaces in hdb-samba4.c BUG: https://bugzilla.samba.org/show_bug.cgi?id=14960 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 63e00f81b5dd05b50e6ac286e87b8637a4ecd7e0 Author: Andreas Schneider <a...@samba.org> Date: Wed Jan 26 08:39:50 2022 +0100 s4:kdc: Add a HDB to SDB mask For most flags the mapping is 1 to 1, but it's not always the case anymore. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14960 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> ----------------------------------------------------------------------- Summary of changes: source4/kdc/hdb-samba4.c | 12 ++++++++---- source4/kdc/sdb.h | 12 ++++++++++++ 2 files changed, 20 insertions(+), 4 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c index c0ec4bd3cd8..71260d3ed0a 100644 --- a/source4/kdc/hdb-samba4.c +++ b/source4/kdc/hdb-samba4.c @@ -223,6 +223,8 @@ static krb5_error_code hdb_samba4_fetch_kvno(krb5_context context, HDB *db, struct samba_kdc_db_context *kdc_db_ctx; struct sdb_entry_ex sdb_entry_ex = {}; krb5_error_code code, ret; + uint32_t sflags; + kdc_db_ctx = talloc_get_type_abort(db->hdb_db, struct samba_kdc_db_context); @@ -232,10 +234,12 @@ static krb5_error_code hdb_samba4_fetch_kvno(krb5_context context, HDB *db, entry_ex); } + sflags = (flags & SDB_F_HDB_MASK); + ret = samba_kdc_fetch(context, kdc_db_ctx, principal, - flags, + sflags, kvno, &sdb_entry_ex); switch (ret) { @@ -486,12 +490,12 @@ static void send_bad_password_netlogon(TALLOC_CTX *mem_ctx, req.in.validation_level = 3; - /* + /* * The memory in identity_info and user_info only needs to be * valid until the end of this function call, as it will be - * pushed to NDR during this call + * pushed to NDR during this call */ - + dcerpc_winbind_SamLogon_r_send(mem_ctx, kdc_db_ctx->ev_ctx, irpc_handle, &req); } diff --git a/source4/kdc/sdb.h b/source4/kdc/sdb.h index 19d9b920278..cf7060bd169 100644 --- a/source4/kdc/sdb.h +++ b/source4/kdc/sdb.h @@ -116,6 +116,18 @@ struct sdb_entry_ex { #define SDB_F_KVNO_SPECIFIED 128 /* we want a particular KVNO */ #define SDB_F_FOR_AS_REQ 4096 /* fetch is for a AS REQ */ #define SDB_F_FOR_TGS_REQ 8192 /* fetch is for a TGS REQ */ + +#define SDB_F_HDB_MASK (SDB_F_DECRYPT | \ + SDB_F_GET_CLIENT| \ + SDB_F_GET_SERVER | \ + SDB_F_GET_KRBTGT | \ + SDB_F_CANON | \ + SDB_F_ADMIN_DATA | \ + SDB_F_KVNO_SPECIFIED | \ + SDB_F_FOR_AS_REQ | \ + SDB_F_FOR_TGS_REQ) + +/* This is not supported by HDB */ #define SDB_F_FORCE_CANON 16384 /* force canonicalition */ void sdb_free_entry(struct sdb_entry_ex *e); -- Samba Shared Repository