mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
s4:libnet: Pass SDB_F_ADMIN_DATA flag through to samba_kdc_message2entry()
This will allow us to specify whether to specify this flag for a keytab export. Signed-off-by: Jo Sutton <josutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
aa8aeeb655
commit
048de3da01
@ -3311,6 +3311,7 @@ struct samba_kdc_seq {
|
||||
|
||||
static krb5_error_code samba_kdc_seq(krb5_context context,
|
||||
struct samba_kdc_db_context *kdc_db_ctx,
|
||||
const unsigned sdb_flags,
|
||||
struct sdb_entry *entry)
|
||||
{
|
||||
krb5_error_code ret;
|
||||
@ -3364,7 +3365,7 @@ static krb5_error_code samba_kdc_seq(krb5_context context,
|
||||
|
||||
ret = samba_kdc_message2entry(context, kdc_db_ctx, mem_ctx,
|
||||
principal, SAMBA_KDC_ENT_TYPE_ANY,
|
||||
SDB_F_ADMIN_DATA|SDB_F_GET_ANY,
|
||||
sdb_flags|SDB_F_GET_ANY,
|
||||
0 /* kvno */,
|
||||
priv->realm_dn, msg, entry);
|
||||
krb5_free_principal(context, principal);
|
||||
@ -3420,7 +3421,7 @@ trusts:
|
||||
mem_ctx,
|
||||
trust_direction,
|
||||
priv->realm_dn,
|
||||
SDB_F_ADMIN_DATA|SDB_F_GET_ANY,
|
||||
sdb_flags|SDB_F_GET_ANY,
|
||||
0, /* kvno */
|
||||
msg,
|
||||
entry);
|
||||
@ -3436,6 +3437,7 @@ trusts:
|
||||
|
||||
krb5_error_code samba_kdc_firstkey(krb5_context context,
|
||||
struct samba_kdc_db_context *kdc_db_ctx,
|
||||
const unsigned sdb_flags,
|
||||
struct sdb_entry *entry)
|
||||
{
|
||||
struct ldb_context *ldb_ctx = kdc_db_ctx->samdb;
|
||||
@ -3500,7 +3502,7 @@ krb5_error_code samba_kdc_firstkey(krb5_context context,
|
||||
|
||||
kdc_db_ctx->seq_ctx = priv;
|
||||
|
||||
ret = samba_kdc_seq(context, kdc_db_ctx, entry);
|
||||
ret = samba_kdc_seq(context, kdc_db_ctx, sdb_flags, entry);
|
||||
|
||||
if (ret != 0) {
|
||||
TALLOC_FREE(priv);
|
||||
@ -3511,9 +3513,10 @@ krb5_error_code samba_kdc_firstkey(krb5_context context,
|
||||
|
||||
krb5_error_code samba_kdc_nextkey(krb5_context context,
|
||||
struct samba_kdc_db_context *kdc_db_ctx,
|
||||
const unsigned sdb_flags,
|
||||
struct sdb_entry *entry)
|
||||
{
|
||||
return samba_kdc_seq(context, kdc_db_ctx, entry);
|
||||
return samba_kdc_seq(context, kdc_db_ctx, sdb_flags, entry);
|
||||
}
|
||||
|
||||
/* Check if a given entry may delegate or do s4u2self to this target principal
|
||||
|
@ -68,10 +68,12 @@ krb5_error_code samba_kdc_fetch(krb5_context context,
|
||||
|
||||
krb5_error_code samba_kdc_firstkey(krb5_context context,
|
||||
struct samba_kdc_db_context *kdc_db_ctx,
|
||||
const unsigned sdb_flags,
|
||||
struct sdb_entry *entry);
|
||||
|
||||
krb5_error_code samba_kdc_nextkey(krb5_context context,
|
||||
struct samba_kdc_db_context *kdc_db_ctx,
|
||||
const unsigned sdb_flags,
|
||||
struct sdb_entry *entry);
|
||||
|
||||
krb5_error_code
|
||||
|
@ -237,7 +237,7 @@ static krb5_error_code hdb_samba4_firstkey(krb5_context context, HDB *db, unsign
|
||||
kdc_db_ctx = talloc_get_type_abort(db->hdb_db,
|
||||
struct samba_kdc_db_context);
|
||||
|
||||
ret = samba_kdc_firstkey(context, kdc_db_ctx, &sentry);
|
||||
ret = samba_kdc_firstkey(context, kdc_db_ctx, SDB_F_ADMIN_DATA, &sentry);
|
||||
switch (ret) {
|
||||
case 0:
|
||||
break;
|
||||
@ -266,7 +266,7 @@ static krb5_error_code hdb_samba4_nextkey(krb5_context context, HDB *db, unsigne
|
||||
kdc_db_ctx = talloc_get_type_abort(db->hdb_db,
|
||||
struct samba_kdc_db_context);
|
||||
|
||||
ret = samba_kdc_nextkey(context, kdc_db_ctx, &sentry);
|
||||
ret = samba_kdc_nextkey(context, kdc_db_ctx, SDB_F_ADMIN_DATA, &sentry);
|
||||
switch (ret) {
|
||||
case 0:
|
||||
break;
|
||||
|
@ -348,7 +348,7 @@ krb5_error_code mit_samba_get_firstkey(struct mit_samba_context *ctx,
|
||||
return ENOMEM;
|
||||
}
|
||||
|
||||
ret = samba_kdc_firstkey(ctx->context, ctx->db_ctx, &sentry);
|
||||
ret = samba_kdc_firstkey(ctx->context, ctx->db_ctx, SDB_F_ADMIN_DATA, &sentry);
|
||||
switch (ret) {
|
||||
case 0:
|
||||
break;
|
||||
@ -386,7 +386,7 @@ krb5_error_code mit_samba_get_nextkey(struct mit_samba_context *ctx,
|
||||
return ENOMEM;
|
||||
}
|
||||
|
||||
ret = samba_kdc_nextkey(ctx->context, ctx->db_ctx, &sentry);
|
||||
ret = samba_kdc_nextkey(ctx->context, ctx->db_ctx, SDB_F_ADMIN_DATA, &sentry);
|
||||
switch (ret) {
|
||||
case 0:
|
||||
break;
|
||||
|
@ -37,6 +37,7 @@ static NTSTATUS sdb_kt_copy(TALLOC_CTX *mem_ctx,
|
||||
const char *principal,
|
||||
bool keep_stale_entries,
|
||||
bool include_historic_keys,
|
||||
const unsigned sdb_flags,
|
||||
const char **error_string)
|
||||
{
|
||||
struct sdb_entry sentry = {};
|
||||
@ -74,15 +75,15 @@ static NTSTATUS sdb_kt_copy(TALLOC_CTX *mem_ctx,
|
||||
}
|
||||
|
||||
code = samba_kdc_fetch(context, db_ctx, k5_princ,
|
||||
SDB_F_GET_ANY | SDB_F_ADMIN_DATA,
|
||||
SDB_F_GET_ANY | sdb_flags,
|
||||
0, &sentry);
|
||||
|
||||
krb5_free_principal(context, k5_princ);
|
||||
} else {
|
||||
code = samba_kdc_firstkey(context, db_ctx, &sentry);
|
||||
code = samba_kdc_firstkey(context, db_ctx, sdb_flags, &sentry);
|
||||
}
|
||||
|
||||
for (; code == 0; code = samba_kdc_nextkey(context, db_ctx, &sentry)) {
|
||||
for (; code == 0; code = samba_kdc_nextkey(context, db_ctx, sdb_flags, &sentry)) {
|
||||
int i;
|
||||
bool found_previous = false;
|
||||
tmp_ctx = talloc_new(mem_ctx);
|
||||
@ -352,6 +353,7 @@ NTSTATUS libnet_export_keytab(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, s
|
||||
struct samba_kdc_base_context *base_ctx;
|
||||
struct samba_kdc_db_context *db_ctx = NULL;
|
||||
const char *error_string = NULL;
|
||||
unsigned sdb_flags;
|
||||
NTSTATUS status;
|
||||
|
||||
bool keep_stale_entries = r->in.keep_stale_entries;
|
||||
@ -408,6 +410,7 @@ NTSTATUS libnet_export_keytab(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, s
|
||||
}
|
||||
}
|
||||
|
||||
sdb_flags = SDB_F_ADMIN_DATA;
|
||||
|
||||
status = sdb_kt_copy(mem_ctx,
|
||||
smb_krb5_context,
|
||||
@ -416,6 +419,7 @@ NTSTATUS libnet_export_keytab(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, s
|
||||
r->in.principal,
|
||||
keep_stale_entries,
|
||||
!r->in.only_current_keys,
|
||||
sdb_flags,
|
||||
&error_string);
|
||||
|
||||
talloc_free(db_ctx);
|
||||
|
Loading…
Reference in New Issue
Block a user