1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

s3-pdb: Break SECRETS3 dependency on PDB.

This is causing circular depdnendcies that bring libpdb in all code and this is
BAD.

This change 'protects' the sid and guid of the domain by adding a special key
that makes them effectively read only.

Limit this temporarily to the samba 4 build, once it gets some good testing the
samba4 ifdefs can be dropped.

fix pdb dependencies

Signed-off-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Simo Sorce 2012-01-26 15:27:54 -05:00 committed by Andreas Schneider
parent c543ce1028
commit e6c39a292c
4 changed files with 69 additions and 61 deletions

View File

@ -16,7 +16,7 @@ AUTH_SRC = '''auth.c
bld.SAMBA3_SUBSYSTEM('TOKEN_UTIL',
source='token_util.c',
deps='samba-util',
deps='samba-util pdb',
vars=locals())
bld.SAMBA3_SUBSYSTEM('USER_UTIL',

View File

@ -39,6 +39,7 @@
really secret. */
#define SECRETS_DOMAIN_SID "SECRETS/SID"
#define SECRETS_SAM_SID "SAM/SID"
#define SECRETS_PROTECT_IDS "SECRETS/PROTECT/IDS"
/* The domain GUID and server GUID (NOT the same) are also not secret */
#define SECRETS_DOMAIN_GUID "SECRETS/DOMGUID"
@ -88,6 +89,10 @@ void secrets_shutdown(void);
void *secrets_fetch(const char *key, size_t *size);
bool secrets_store(const char *key, const void *data, size_t size);
bool secrets_delete(const char *key);
/* The following definitions come from passdb/machine_account_secrets.c */
bool secrets_mark_domain_protected(const char *domain);
bool secrets_clear_domain_protection(const char *domain);
bool secrets_store_domain_sid(const char *domain, const struct dom_sid *sid);
bool secrets_fetch_domain_sid(const char *domain, struct dom_sid *sid);
bool secrets_store_domain_guid(const char *domain, struct GUID *guid);

View File

@ -53,19 +53,53 @@ static const char *domain_sid_keystr(const char *domain)
return keystr;
}
bool secrets_store_domain_sid(const char *domain, const struct dom_sid *sid)
static const char *protect_ids_keystr(const char *domain)
{
char *keystr;
keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
SECRETS_PROTECT_IDS, domain);
SMB_ASSERT(keystr != NULL);
return keystr;
}
/* N O T E: never use this outside of passdb modules that store the SID on their own */
bool secrets_mark_domain_protected(const char *domain)
{
bool ret;
ret = secrets_store(protect_ids_keystr(domain), "TRUE", 5);
if (!ret) {
DEBUG(0, ("Failed to protect the Domain IDs\n"));
}
return ret;
}
bool secrets_clear_domain_protection(const char *domain)
{
bool ret;
ret = secrets_delete(protect_ids_keystr(domain));
if (!ret) {
DEBUG(0, ("Failed to remove Domain IDs protection\n"));
}
return ret;
}
bool secrets_store_domain_sid(const char *domain, const struct dom_sid *sid)
{
char *protect_ids;
bool ret;
#if _SAMBA_BUILD_ == 4
if (strequal(domain, get_global_sam_name()) &&
(pdb_capabilities() & PDB_CAP_ADS)) {
/* If we have a ADS-capable passdb backend, we
* must never make up our own SID, it will
* already be in the directory */
DEBUG(0, ("Refusing to store a Domain SID, this should be read from the directory not stored here\n"));
protect_ids = secrets_fetch(protect_ids_keystr(domain), NULL);
if (protect_ids) {
if (strncmp(protect_ids, "TRUE", 4)) {
DEBUG(0, ("Refusing to store a Domain SID, "
"it has been marked as protected!\n"));
return false;
}
}
#endif
ret = secrets_store(domain_sid_keystr(domain), sid, sizeof(struct dom_sid ));
@ -81,24 +115,6 @@ bool secrets_fetch_domain_sid(const char *domain, struct dom_sid *sid)
struct dom_sid *dyn_sid;
size_t size = 0;
#if _SAMBA_BUILD_ == 4
if (strequal(domain, get_global_sam_name()) &&
(pdb_capabilities() & PDB_CAP_ADS)) {
struct pdb_domain_info *domain_info;
domain_info = pdb_get_domain_info(talloc_tos());
if (!domain_info) {
/* If we have a ADS-capable passdb backend, we
* must never make up our own SID, it will
* already be in the directory */
DEBUG(0, ("Unable to fetch a Domain SID from the directory!\n"));
return false;
}
*sid = domain_info->sid;
return true;
}
#endif
dyn_sid = (struct dom_sid *)secrets_fetch(domain_sid_keystr(domain), &size);
if (dyn_sid == NULL)
@ -116,17 +132,18 @@ bool secrets_fetch_domain_sid(const char *domain, struct dom_sid *sid)
bool secrets_store_domain_guid(const char *domain, struct GUID *guid)
{
char *protect_ids;
fstring key;
#if _SAMBA_BUILD_ == 4
if (strequal(domain, get_global_sam_name()) &&
(pdb_capabilities() & PDB_CAP_ADS)) {
/* If we have a ADS-capable passdb backend, we
* must never make up our own GUID, it will
* already be in the directory */
DEBUG(0, ("Refusing to store a Domain GUID, this should be read from the directory not stored here\n"));
protect_ids = secrets_fetch(protect_ids_keystr(domain), NULL);
if (protect_ids) {
if (strncmp(protect_ids, "TRUE", 4)) {
DEBUG(0, ("Refusing to store a Domain SID, "
"it has been marked as protected!\n"));
return false;
}
}
#endif
slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_DOMAIN_GUID, domain);
@ -141,24 +158,6 @@ bool secrets_fetch_domain_guid(const char *domain, struct GUID *guid)
size_t size = 0;
struct GUID new_guid;
#if _SAMBA_BUILD_ == 4
if (strequal(domain, get_global_sam_name()) &&
(pdb_capabilities() & PDB_CAP_ADS)) {
struct pdb_domain_info *domain_info;
domain_info = pdb_get_domain_info(talloc_tos());
if (!domain_info) {
/* If we have a ADS-capable passdb backend, we
* must never make up our own SID, it will
* already be in the directory */
DEBUG(0, ("Unable to fetch a Domain GUID from the directory!\n"));
return false;
}
*guid = domain_info->guid;
return true;
}
#endif
slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_DOMAIN_GUID, domain);
strupper_m(key);
dyn_guid = (struct GUID *)secrets_fetch(key, &size);

View File

@ -692,7 +692,7 @@ bld.SAMBA3_LIBRARY('nss_wins',
bld.SAMBA3_LIBRARY('gse',
source='librpc/crypto/gse_krb5.c librpc/crypto/gse.c',
deps='KRB5_WRAP gensec param KRBCLIENT SECRETS3',
deps='KRB5_WRAP gensec param KRBCLIENT secrets3',
private_library=True)
bld.SAMBA3_LIBRARY('msrpc3',
@ -725,7 +725,7 @@ bld.SAMBA3_SUBSYSTEM('TLDAP',
bld.SAMBA3_LIBRARY('pdb',
source=PASSDB_SRC,
deps='SECRETS3 GROUPDB SERVER_MUTEX wbclient LIBCLI_AUTH flag_mapping',
deps='secrets3 GROUPDB SERVER_MUTEX wbclient LIBCLI_AUTH flag_mapping',
private_library=True,
public_headers='''
include/passdb.h
@ -800,7 +800,7 @@ bld.SAMBA3_LIBRARY('popt_samba3',
bld.SAMBA3_LIBRARY('util_cmdline',
source='lib/util_cmdline.c',
deps='SECRETS3 popt',
deps='secrets3 popt',
private_library=True)
bld.SAMBA3_SUBSYSTEM('KRBCLIENT',
@ -871,9 +871,13 @@ bld.SAMBA3_SUBSYSTEM('CLDAP',
deps='cli-ldap-common cli_cldap LIBTSOCKET',
vars=locals())
bld.SAMBA3_SUBSYSTEM('SECRETS3',
# NOTE: The secrets3 library is a low level library used by several subsystems.
# PLEASE DO NOT make it depend on high level libraries like PDB, if you are
# doing that your design is wrong and needs changing. -SSS
bld.SAMBA3_LIBRARY('secrets3',
source=SECRETS_SRC,
deps='NDR_SECRETS param samba3util dbwrap pdb',
deps='NDR_SECRETS param samba3util dbwrap',
private_library=True,
vars=locals())
bld.SAMBA3_LIBRARY('smbldap',
@ -1010,7 +1014,7 @@ bld.SAMBA3_SUBSYSTEM('FNAME_UTIL',
bld.SAMBA3_SUBSYSTEM('LIBNET',
source=LIBNET_SRC,
deps='NDR_LIBNET_JOIN INIT_SAMR net_keytab',
deps='NDR_LIBNET_JOIN INIT_SAMR net_keytab pdb',
vars=locals())
bld.SAMBA3_LIBRARY('net_keytab',
@ -1074,7 +1078,7 @@ bld.SAMBA3_SUBSYSTEM('DCUTIL',
bld.SAMBA3_LIBRARY('trusts_util',
source='libsmb/trusts_util.c',
deps='libcli_netlogon3 msrpc3',
deps='libcli_netlogon3 msrpc3 pdb',
vars=locals(),
private_library=True)
@ -1148,7 +1152,7 @@ bld.SAMBA3_LIBRARY('libcli_netlogon3',
bld.SAMBA3_LIBRARY('cli_spoolss',
source=LIBCLI_SPOOLSS_SRC,
deps='RPC_NDR_SPOOLSS param SECRETS3',
deps='RPC_NDR_SPOOLSS param secrets3',
private_library=True)
bld.SAMBA3_SUBSYSTEM('LIBCLI_WINREG',
@ -1359,7 +1363,7 @@ bld.SAMBA3_BINARY('smbta-util',
source=SMBTA_UTIL_SRC,
deps='''
talloc
SECRETS3
secrets3
param''',
vars=locals())