sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code

r11522: Add support for delegated credentials and machine account credentials

Browse Source 
to ldb, based on the sessionInfo we now pass around.

Andrew Bartlett
This commit is contained in:
Andrew Bartlett 2005-11-05 11:13:22 +00:00 committed by Gerald (Jerry) Carter
parent 130eb9bb9a
commit 84e16e4ea7
2 changed files with 28 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
source/auth/auth_util.c
View File

@ -553,6 +553,14 @@ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
NT_STATUS_NOT_OK_RETURN(nt_status);
session_info->credentials = cli_credentials_init(session_info);
if (!session_info->credentials) {
return NT_STATUS_NO_MEMORY;
}
cli_credentials_set_conf(session_info->credentials);
cli_credentials_set_anonymous(session_info->credentials);
*_session_info = session_info;
return NT_STATUS_OK;
@ -590,6 +598,18 @@ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx,
NT_STATUS_NOT_OK_RETURN(nt_status);
session_info->credentials = cli_credentials_init(session_info);
if (!session_info->credentials) {
return NT_STATUS_NO_MEMORY;
}
cli_credentials_set_conf(session_info->credentials);
if (!NT_STATUS_IS_OK(cli_credentials_set_machine_account(session_info->credentials))) {
/* perhaps no credentials, we might not be joined to a domain */
talloc_free(session_info->credentials);
session_info->credentials = NULL;
}
*_session_info = session_info;
return NT_STATUS_OK;

10
source/lib/ldb/ldb_ildap/ldb_ildap.c
View File

@ -36,6 +36,7 @@
#include "libcli/ldap/ldap.h"
#include "libcli/ldap/ldap_client.h"
#include "lib/cmdline/popt_common.h"
#include "auth/auth.h"
struct ildb_private {
struct ldap_connection *ldap;
@ -459,9 +460,14 @@ int ildb_connect(struct ldb_context *ldb, const char *url,
ldb->modules->ops = &ildb_ops;
/* caller can optionally setup credentials using the opaque token 'credentials' */
creds = ldb_get_opaque(ldb, "credentials");
creds = talloc_get_type(ldb_get_opaque(ldb, "credentials"), struct cli_credentials);
if (creds == NULL) {
creds = cmdline_credentials;
struct auth_session_info *session_info = talloc_get_type(ldb_get_opaque(ldb, "sessionInfo"), struct auth_session_info);
if (session_info && session_info->credentials) {
creds = session_info->credentials;
} else {
creds = cmdline_credentials;
}
}
if (creds != NULL && cli_credentials_authentication_requested(creds)) {