1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
samba-mirror/libcli/auth/wscript_build
Stefan Metzmacher 6e6d9f9f12 libcli/auth: add netlogon_creds_cli* infrastructure
This provides an abstraction to hide netlogon_creds_CredentialState,
which is stored in a node local tdb.

Where the global state (netlogon_creds_CredentialState) between client and
server was only kept in memory (on the client side), we now use
the abstracted netlogon_creds_cli_context.

We now use a node specific computer name in order to establish
individual netlogon sessions per node.

If the caller wants to use some netlogon calls with credential chain
(struct netr_Authenticator), netlogon_creds_cli_lock*() is used
to get the current netlogon_creds_CredentialState in a g_lock'ed
fashion, a talloc_free() will release the lock.

The locking is needed as there might be more than one process
(multiple winbindd child, cmdline tools) which want to talk
to a specific domain controller. The usage of netlogon_creds_CredentialState
needs to be serialized as it uses sequence numbers.

LogonSamLogonEx doesn't use the credential chain, but for some operations
it needs the global session in order to de/encrypt individual fields.
It uses the lockless netlogon_creds_cli_get() and netlogon_creds_cli_validate()
functions, which just make sure the session hasn't changed between
get and validate.

This is prepares the proper fix for a large number of bugs:
https://bugzilla.samba.org/show_bug.cgi?id=6563
https://bugzilla.samba.org/show_bug.cgi?id=7944
https://bugzilla.samba.org/show_bug.cgi?id=7945
https://bugzilla.samba.org/show_bug.cgi?id=7568
https://bugzilla.samba.org/show_bug.cgi?id=8599

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-01-07 12:47:03 +01:00

44 lines
1.2 KiB
Python
Executable File

#!/usr/bin/env python
bld.SAMBA_LIBRARY('cliauth',
source='',
deps='MSRPC_PARSE LIBCLI_AUTH COMMON_SCHANNEL PAM_ERRORS SPNEGO_PARSE krb5samba errors NTLM_CHECK UTIL_LSARPC',
private_library=True,
grouping_library=True)
bld.SAMBA_SUBSYSTEM('MSRPC_PARSE',
source='msrpc_parse.c',
deps='talloc'
)
bld.SAMBA_SUBSYSTEM('NTLM_CHECK',
source='ntlm_check.c',
deps = 'talloc'
)
bld.SAMBA_SUBSYSTEM('LIBCLI_AUTH',
source='credentials.c session.c smbencrypt.c smbdes.c',
public_deps='MSRPC_PARSE',
public_headers='credentials.h:domain_credentials.h'
)
bld.SAMBA_SUBSYSTEM('COMMON_SCHANNEL',
source='schannel_state_tdb.c',
deps='dbwrap util_tdb samba-hostconfig NDR_NETLOGON'
)
bld.SAMBA_SUBSYSTEM('NETLOGON_CREDS_CLI',
source='netlogon_creds_cli.c',
deps='dbwrap util_tdb tevent-util samba-hostconfig RPC_NDR_NETLOGON NDR_NETLOGON'
)
bld.SAMBA_SUBSYSTEM('PAM_ERRORS',
source='pam_errors.c',
deps='talloc'
)
bld.SAMBA_SUBSYSTEM('SPNEGO_PARSE',
source='spnego_parse.c',
deps='asn1util')