mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
r26234: More global_loadparm fixes.
This commit is contained in:
parent
7780bf285f
commit
84892d030d
@ -30,6 +30,7 @@
|
||||
* except in case USER_INFO_DONT_CHECK_UNIX_ACCOUNT is set
|
||||
*/
|
||||
static NTSTATUS authunix_make_server_info(TALLOC_CTX *mem_ctx,
|
||||
const char *netbios_name,
|
||||
const struct auth_usersupplied_info *user_info,
|
||||
struct passwd *pwd,
|
||||
struct auth_serversupplied_info **_server_info)
|
||||
@ -39,7 +40,7 @@ static NTSTATUS authunix_make_server_info(TALLOC_CTX *mem_ctx,
|
||||
|
||||
/* This is a real, real hack */
|
||||
if (pwd->pw_uid == 0) {
|
||||
status = auth_system_server_info(mem_ctx, &server_info);
|
||||
status = auth_system_server_info(mem_ctx, netbios_name, &server_info);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
}
|
||||
@ -810,7 +811,8 @@ static NTSTATUS authunix_check_password(struct auth_method_context *ctx,
|
||||
return nt_status;
|
||||
}
|
||||
|
||||
nt_status = authunix_make_server_info(mem_ctx, user_info, pwd, server_info);
|
||||
nt_status = authunix_make_server_info(mem_ctx, lp_netbios_name(ctx->auth_ctx->lp_ctx),
|
||||
user_info, pwd, server_info);
|
||||
if (!NT_STATUS_IS_OK(nt_status)) {
|
||||
talloc_free(check_ctx);
|
||||
return nt_status;
|
||||
|
@ -142,7 +142,8 @@ static int gensec_gssapi_destructor(struct gensec_gssapi_state *gensec_gssapi_st
|
||||
return 0;
|
||||
}
|
||||
|
||||
static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
|
||||
static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security,
|
||||
struct loadparm_context *lp_ctx)
|
||||
{
|
||||
struct gensec_gssapi_state *gensec_gssapi_state;
|
||||
krb5_error_code ret;
|
||||
@ -155,7 +156,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
|
||||
|
||||
gensec_gssapi_state->gss_exchange_count = 0;
|
||||
gensec_gssapi_state->max_wrap_buf_size
|
||||
= lp_parm_int(global_loadparm, NULL, "gensec_gssapi", "max wrap buf size", 65536);
|
||||
= lp_parm_int(lp_ctx, NULL, "gensec_gssapi", "max wrap buf size", 65536);
|
||||
|
||||
gensec_gssapi_state->sasl = false;
|
||||
gensec_gssapi_state->sasl_state = STAGE_GSS_NEG;
|
||||
@ -170,16 +171,16 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
|
||||
gensec_gssapi_state->input_chan_bindings = GSS_C_NO_CHANNEL_BINDINGS;
|
||||
|
||||
gensec_gssapi_state->want_flags = 0;
|
||||
if (lp_parm_bool(global_loadparm, NULL, "gensec_gssapi", "mutual", true)) {
|
||||
if (lp_parm_bool(lp_ctx, NULL, "gensec_gssapi", "mutual", true)) {
|
||||
gensec_gssapi_state->want_flags |= GSS_C_MUTUAL_FLAG;
|
||||
}
|
||||
if (lp_parm_bool(global_loadparm, NULL, "gensec_gssapi", "delegation", true)) {
|
||||
if (lp_parm_bool(lp_ctx, NULL, "gensec_gssapi", "delegation", true)) {
|
||||
gensec_gssapi_state->want_flags |= GSS_C_DELEG_FLAG;
|
||||
}
|
||||
if (lp_parm_bool(global_loadparm, NULL, "gensec_gssapi", "replay", true)) {
|
||||
if (lp_parm_bool(lp_ctx, NULL, "gensec_gssapi", "replay", true)) {
|
||||
gensec_gssapi_state->want_flags |= GSS_C_REPLAY_FLAG;
|
||||
}
|
||||
if (lp_parm_bool(global_loadparm, NULL, "gensec_gssapi", "sequence", true)) {
|
||||
if (lp_parm_bool(lp_ctx, NULL, "gensec_gssapi", "sequence", true)) {
|
||||
gensec_gssapi_state->want_flags |= GSS_C_SEQUENCE_FLAG;
|
||||
}
|
||||
|
||||
@ -213,10 +214,10 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
|
||||
talloc_free(gensec_gssapi_state);
|
||||
return NT_STATUS_INTERNAL_ERROR;
|
||||
}
|
||||
if (lp_realm(global_loadparm) && *lp_realm(global_loadparm)) {
|
||||
char *upper_realm = strupper_talloc(gensec_gssapi_state, lp_realm(global_loadparm));
|
||||
if (lp_realm(lp_ctx) && *lp_realm(lp_ctx)) {
|
||||
char *upper_realm = strupper_talloc(gensec_gssapi_state, lp_realm(lp_ctx));
|
||||
if (!upper_realm) {
|
||||
DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm(global_loadparm)));
|
||||
DEBUG(1,("gensec_krb5_start: could not uppercase realm: %s\n", lp_realm(lp_ctx)));
|
||||
talloc_free(gensec_gssapi_state);
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
@ -230,7 +231,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
|
||||
}
|
||||
|
||||
/* don't do DNS lookups of any kind, it might/will fail for a netbios name */
|
||||
ret = gsskrb5_set_dns_canonicalize(lp_parm_bool(global_loadparm, NULL, "krb5", "set_dns_canonicalize", false));
|
||||
ret = gsskrb5_set_dns_canonicalize(lp_parm_bool(lp_ctx, NULL, "krb5", "set_dns_canonicalize", false));
|
||||
if (ret) {
|
||||
DEBUG(1,("gensec_krb5_start: gsskrb5_set_dns_canonicalize failed\n"));
|
||||
talloc_free(gensec_gssapi_state);
|
||||
@ -239,7 +240,7 @@ static NTSTATUS gensec_gssapi_start(struct gensec_security *gensec_security)
|
||||
|
||||
ret = smb_krb5_init_context(gensec_gssapi_state,
|
||||
gensec_security->event_ctx,
|
||||
global_loadparm,
|
||||
lp_ctx,
|
||||
&gensec_gssapi_state->smb_krb5_context);
|
||||
if (ret) {
|
||||
DEBUG(1,("gensec_krb5_start: krb5_init_context failed (%s)\n",
|
||||
@ -258,7 +259,7 @@ static NTSTATUS gensec_gssapi_server_start(struct gensec_security *gensec_securi
|
||||
struct cli_credentials *machine_account;
|
||||
struct gssapi_creds_container *gcc;
|
||||
|
||||
nt_status = gensec_gssapi_start(gensec_security);
|
||||
nt_status = gensec_gssapi_start(gensec_security, global_loadparm);
|
||||
if (!NT_STATUS_IS_OK(nt_status)) {
|
||||
return nt_status;
|
||||
}
|
||||
@ -323,7 +324,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
|
||||
return NT_STATUS_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
nt_status = gensec_gssapi_start(gensec_security);
|
||||
nt_status = gensec_gssapi_start(gensec_security, global_loadparm);
|
||||
if (!NT_STATUS_IS_OK(nt_status)) {
|
||||
return nt_status;
|
||||
}
|
||||
|
@ -29,6 +29,7 @@
|
||||
#include "auth/gensec/schannel_state.h"
|
||||
#include "auth/gensec/schannel_proto.h"
|
||||
#include "librpc/rpc/dcerpc.h"
|
||||
#include "param/param.h"
|
||||
|
||||
static size_t schannel_sig_size(struct gensec_security *gensec_security, size_t data_size)
|
||||
{
|
||||
@ -119,7 +120,7 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_
|
||||
}
|
||||
|
||||
/* pull the session key for this client */
|
||||
status = schannel_fetch_session_key(out_mem_ctx, workstation,
|
||||
status = schannel_fetch_session_key(out_mem_ctx, global_loadparm, workstation,
|
||||
domain, &creds);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(3, ("Could not find session key for attempted schannel connection from %s: %s\n",
|
||||
|
@ -137,13 +137,14 @@ NTSTATUS schannel_store_session_key_ldb(TALLOC_CTX *mem_ctx,
|
||||
}
|
||||
|
||||
NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
|
||||
struct loadparm_context *lp_ctx,
|
||||
struct creds_CredentialState *creds)
|
||||
{
|
||||
struct ldb_context *ldb;
|
||||
NTSTATUS nt_status;
|
||||
int ret;
|
||||
|
||||
ldb = schannel_db_connect(mem_ctx, global_loadparm);
|
||||
ldb = schannel_db_connect(mem_ctx, lp_ctx);
|
||||
if (!ldb) {
|
||||
return NT_STATUS_ACCESS_DENIED;
|
||||
}
|
||||
@ -267,6 +268,7 @@ NTSTATUS schannel_fetch_session_key_ldb(TALLOC_CTX *mem_ctx,
|
||||
}
|
||||
|
||||
NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
|
||||
struct loadparm_context *lp_ctx,
|
||||
const char *computer_name,
|
||||
const char *domain,
|
||||
struct creds_CredentialState **creds)
|
||||
@ -274,7 +276,7 @@ NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
|
||||
NTSTATUS nt_status;
|
||||
struct ldb_context *ldb;
|
||||
|
||||
ldb = schannel_db_connect(mem_ctx, global_loadparm);
|
||||
ldb = schannel_db_connect(mem_ctx, lp_ctx);
|
||||
if (!ldb) {
|
||||
return NT_STATUS_ACCESS_DENIED;
|
||||
}
|
||||
|
@ -171,7 +171,7 @@ static NTSTATUS _auth_system_session_info(TALLOC_CTX *parent_ctx,
|
||||
struct auth_session_info *session_info = NULL;
|
||||
TALLOC_CTX *mem_ctx = talloc_new(parent_ctx);
|
||||
|
||||
nt_status = auth_system_server_info(mem_ctx,
|
||||
nt_status = auth_system_server_info(mem_ctx, lp_netbios_name(global_loadparm),
|
||||
&server_info);
|
||||
if (!NT_STATUS_IS_OK(nt_status)) {
|
||||
talloc_free(mem_ctx);
|
||||
@ -225,7 +225,7 @@ _PUBLIC_ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx,
|
||||
_session_info);
|
||||
}
|
||||
|
||||
NTSTATUS auth_system_server_info(TALLOC_CTX *mem_ctx,
|
||||
NTSTATUS auth_system_server_info(TALLOC_CTX *mem_ctx, const char *netbios_name,
|
||||
struct auth_serversupplied_info **_server_info)
|
||||
{
|
||||
struct auth_serversupplied_info *server_info;
|
||||
@ -274,7 +274,7 @@ NTSTATUS auth_system_server_info(TALLOC_CTX *mem_ctx,
|
||||
server_info->home_drive = talloc_strdup(server_info, "");
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive);
|
||||
|
||||
server_info->logon_server = talloc_strdup(server_info, lp_netbios_name(global_loadparm));
|
||||
server_info->logon_server = talloc_strdup(server_info, netbios_name);
|
||||
NT_STATUS_HAVE_NO_MEMORY(server_info->logon_server);
|
||||
|
||||
server_info->last_logon = 0;
|
||||
|
@ -3066,13 +3066,13 @@ static int do_host_query(const char *query_host, const char *workgroup)
|
||||
/****************************************************************************
|
||||
handle a message operation
|
||||
****************************************************************************/
|
||||
static int do_message_op(const char *desthost, const char *destip, int name_type)
|
||||
static int do_message_op(const char *netbios_name, const char *desthost, const char *destip, int name_type)
|
||||
{
|
||||
struct nbt_name called, calling;
|
||||
const char *server_name;
|
||||
struct smbcli_state *cli;
|
||||
|
||||
make_nbt_name_client(&calling, lp_netbios_name(global_loadparm));
|
||||
make_nbt_name_client(&calling, netbios_name);
|
||||
|
||||
nbt_choose_called_name(NULL, &called, desthost, name_type);
|
||||
|
||||
@ -3223,7 +3223,7 @@ static int do_message_op(const char *desthost, const char *destip, int name_type
|
||||
}
|
||||
|
||||
if (message) {
|
||||
return do_message_op(desthost, dest_ip, name_type);
|
||||
return do_message_op(lp_netbios_name(global_loadparm), desthost, dest_ip, name_type);
|
||||
}
|
||||
|
||||
|
||||
|
@ -111,7 +111,7 @@ static void usr1_handler(int x)
|
||||
/*****************************************************
|
||||
return a connection to a server
|
||||
*******************************************************/
|
||||
static struct smbcli_state *do_connection(char *the_service)
|
||||
static struct smbcli_state *do_connection(char *the_service, int maxprotocol)
|
||||
{
|
||||
struct smbcli_state *c;
|
||||
struct nmb_name called, calling;
|
||||
@ -181,7 +181,7 @@ static struct smbcli_state *do_connection(char *the_service)
|
||||
|
||||
DEBUG(4,("%d: session request ok\n", sys_getpid()));
|
||||
|
||||
if (!smbcli_negprot(c, lp_cli_maxprotocol(global_loadparm))) {
|
||||
if (!smbcli_negprot(c, maxprotocol)) {
|
||||
DEBUG(0,("%d: protocol negotiation failed\n", sys_getpid()));
|
||||
talloc_free(c);
|
||||
return NULL;
|
||||
@ -434,7 +434,7 @@ static void init_mount(void)
|
||||
}
|
||||
|
||||
|
||||
c = do_connection(service);
|
||||
c = do_connection(service, lp_cli_maxprotocol(global_loadparm));
|
||||
if (!c) {
|
||||
fprintf(stderr,"SMB connection failed\n");
|
||||
exit(1);
|
||||
|
@ -1196,6 +1196,7 @@ NTSTATUS crack_service_principal_name(struct ldb_context *sam_ctx,
|
||||
}
|
||||
|
||||
NTSTATUS crack_name_to_nt4_name(TALLOC_CTX *mem_ctx,
|
||||
struct loadparm_context *lp_ctx,
|
||||
uint32_t format_offered,
|
||||
const char *name,
|
||||
const char **nt4_domain, const char **nt4_account)
|
||||
@ -1212,7 +1213,7 @@ NTSTATUS crack_name_to_nt4_name(TALLOC_CTX *mem_ctx,
|
||||
return NT_STATUS_OK;
|
||||
}
|
||||
|
||||
ldb = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx));
|
||||
ldb = samdb_connect(mem_ctx, lp_ctx, system_session(mem_ctx));
|
||||
if (ldb == NULL) {
|
||||
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
||||
}
|
||||
@ -1257,6 +1258,7 @@ NTSTATUS crack_name_to_nt4_name(TALLOC_CTX *mem_ctx,
|
||||
}
|
||||
|
||||
NTSTATUS crack_auto_name_to_nt4_name(TALLOC_CTX *mem_ctx,
|
||||
struct loadparm_context *lp_ctx,
|
||||
const char *name,
|
||||
const char **nt4_domain,
|
||||
const char **nt4_account)
|
||||
@ -1280,5 +1282,5 @@ NTSTATUS crack_auto_name_to_nt4_name(TALLOC_CTX *mem_ctx,
|
||||
format_offered = DRSUAPI_DS_NAME_FORMAT_CANONICAL;
|
||||
}
|
||||
|
||||
return crack_name_to_nt4_name(mem_ctx, format_offered, name, nt4_domain, nt4_account);
|
||||
return crack_name_to_nt4_name(mem_ctx, lp_ctx, format_offered, name, nt4_domain, nt4_account);
|
||||
}
|
||||
|
@ -45,7 +45,7 @@ static NTSTATUS ldapsrv_BindSimple(struct ldapsrv_call *call)
|
||||
|
||||
DEBUG(10, ("BindSimple dn: %s\n",req->dn));
|
||||
|
||||
status = crack_auto_name_to_nt4_name(call, req->dn, &nt4_domain, &nt4_account);
|
||||
status = crack_auto_name_to_nt4_name(call, global_loadparm, req->dn, &nt4_domain, &nt4_account);
|
||||
if (NT_STATUS_IS_OK(status)) {
|
||||
status = authenticate_username_pw(call,
|
||||
call->conn->connection->event.ctx,
|
||||
|
@ -217,7 +217,7 @@ static NTSTATUS dcesrv_lsa_lookup_name(struct lsa_policy_state *state, TALLOC_CT
|
||||
}
|
||||
username = p + 1;
|
||||
} else if (strchr_m(name, '@')) {
|
||||
status = crack_name_to_nt4_name(mem_ctx, DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL, name, &domain, &username);
|
||||
status = crack_name_to_nt4_name(mem_ctx, global_loadparm, DRSUAPI_DS_NAME_FORMAT_USER_PRINCIPAL, name, &domain, &username);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return status;
|
||||
}
|
||||
|
@ -173,7 +173,7 @@ static NTSTATUS dcesrv_netr_ServerAuthenticate3(struct dcesrv_call_state *dce_ca
|
||||
|
||||
|
||||
/* remember this session key state */
|
||||
nt_status = schannel_store_session_key(mem_ctx, creds);
|
||||
nt_status = schannel_store_session_key(mem_ctx, global_loadparm, creds);
|
||||
|
||||
return nt_status;
|
||||
}
|
||||
@ -555,7 +555,7 @@ static NTSTATUS dcesrv_netr_LogonSamLogonEx(struct dcesrv_call_state *dce_call,
|
||||
{
|
||||
NTSTATUS nt_status;
|
||||
struct creds_CredentialState *creds;
|
||||
nt_status = schannel_fetch_session_key(mem_ctx, r->in.computer_name, lp_workgroup(global_loadparm), &creds);
|
||||
nt_status = schannel_fetch_session_key(mem_ctx, global_loadparm, r->in.computer_name, lp_workgroup(global_loadparm), &creds);
|
||||
if (!NT_STATUS_IS_OK(nt_status)) {
|
||||
return nt_status;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user