summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2007-12-02 17:56:09 +0100
committerStefan Metzmacher <metze@samba.org>2007-12-21 05:47:05 +0100
commit51db4c3f3d81d1ed03beae6426786c843ac59807 (patch)
treed85647baa9f9715657a900da164ea54dc07fd13f
parentf4a1083cf9f64b4d2b65b68942e93861409ea90f (diff)
downloadsamba-51db4c3f3d81d1ed03beae6426786c843ac59807.tar.gz
samba-51db4c3f3d81d1ed03beae6426786c843ac59807.tar.bz2
samba-51db4c3f3d81d1ed03beae6426786c843ac59807.zip
r26228: Store loadparm context in auth context, move more loadparm_contexts up the call stack.
(This used to be commit ba75f1613a9aac69dd5df94dd8a2b37820acd166)
-rw-r--r--source4/auth/auth.c4
-rw-r--r--source4/auth/auth.h3
-rw-r--r--source4/auth/auth_sam.c21
-rw-r--r--source4/auth/auth_server.c2
-rw-r--r--source4/auth/auth_simple.c3
-rw-r--r--source4/auth/auth_unix.c2
-rw-r--r--source4/auth/auth_util.c6
-rw-r--r--source4/auth/gensec/schannel_state.c10
-rw-r--r--source4/auth/ntlm_check.c17
-rw-r--r--source4/dsdb/common/sidmap.c4
-rw-r--r--source4/dsdb/repl/drepl_service.c12
-rw-r--r--source4/ldap_server/ldap_bind.c3
-rw-r--r--source4/ldap_server/ldap_server.c5
-rw-r--r--source4/lib/dbwrap/dbwrap.c10
-rw-r--r--source4/lib/dbwrap/dbwrap.h5
-rw-r--r--source4/lib/dbwrap/dbwrap_tdb.c5
-rw-r--r--source4/lib/gencache/gencache.c4
-rw-r--r--source4/lib/ldb/tools/cmdline.c4
-rw-r--r--source4/ntvfs/common/brlock_tdb.c3
-rw-r--r--source4/ntvfs/posix/vfs_posix.c4
-rw-r--r--source4/ntvfs/unixuid/vfs_unixuid.c3
-rw-r--r--source4/rpc_server/lsa/lsa_init.c2
-rw-r--r--source4/rpc_server/netlogon/dcerpc_netlogon.c2
-rw-r--r--source4/rpc_server/unixinfo/dcesrv_unixinfo.c9
-rw-r--r--source4/scripting/ejs/smbcalls_auth.c2
-rw-r--r--source4/utils/ntlm_auth.c7
26 files changed, 88 insertions, 64 deletions
diff --git a/source4/auth/auth.c b/source4/auth/auth.c
index e4af53d25e..b915a43e39 100644
--- a/source4/auth/auth.c
+++ b/source4/auth/auth.c
@@ -353,6 +353,7 @@ NTSTATUS auth_check_password_recv(struct auth_check_password_request *req,
NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char **methods,
struct event_context *ev,
struct messaging_context *msg,
+ struct loadparm_context *lp_ctx,
struct auth_context **auth_ctx)
{
int i;
@@ -381,6 +382,7 @@ NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char **methods,
ctx->methods = NULL;
ctx->event_ctx = ev;
ctx->msg_ctx = msg;
+ ctx->lp_ctx = lp_ctx;
for (i=0; methods[i] ; i++) {
struct auth_method_context *method;
@@ -429,7 +431,7 @@ NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx,
auth_methods = lp_parm_string_list(lp_ctx, NULL, "auth methods", "domain controller", NULL);
break;
}
- return auth_context_create_methods(mem_ctx, auth_methods, ev, msg, auth_ctx);
+ return auth_context_create_methods(mem_ctx, auth_methods, ev, msg, lp_ctx, auth_ctx);
}
diff --git a/source4/auth/auth.h b/source4/auth/auth.h
index 95819fbaf3..ff7132c3ff 100644
--- a/source4/auth/auth.h
+++ b/source4/auth/auth.h
@@ -168,6 +168,9 @@ struct auth_context {
/* the messaging context which can be used by backends */
struct messaging_context *msg_ctx;
+
+ /* loadparm context */
+ struct loadparm_context *lp_ctx;
};
/* this structure is used by backends to determine the size of some critical types */
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c
index 42e5ae9e7e..812c80f4d0 100644
--- a/source4/auth/auth_sam.c
+++ b/source4/auth/auth_sam.c
@@ -151,7 +151,7 @@ static NTSTATUS authsam_password_ok(struct auth_context *auth_context,
NTSTATUS status;
if (acct_flags & ACB_PWNOTREQ) {
- if (lp_null_passwords(global_loadparm)) {
+ if (lp_null_passwords(auth_context->lp_ctx)) {
DEBUG(3,("Account for user '%s' has no password and null passwords are allowed.\n",
user_info->mapped.account_name));
return NT_STATUS_OK;
@@ -181,6 +181,7 @@ static NTSTATUS authsam_password_ok(struct auth_context *auth_context,
*lm_sess_key = data_blob(NULL, 0);
*user_sess_key = data_blob(NULL, 0);
status = hash_password_check(mem_ctx,
+ auth_context->lp_ctx,
user_info->password.hash.lanman,
user_info->password.hash.nt,
user_info->mapped.account_name,
@@ -189,7 +190,9 @@ static NTSTATUS authsam_password_ok(struct auth_context *auth_context,
break;
case AUTH_PASSWORD_RESPONSE:
- status = ntlm_password_check(mem_ctx, user_info->logon_parameters,
+ status = ntlm_password_check(mem_ctx,
+ auth_context->lp_ctx,
+ user_info->logon_parameters,
&auth_context->challenge.data,
&user_info->password.response.lanman,
&user_info->password.response.nt,
@@ -283,7 +286,7 @@ static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx
return NT_STATUS_NO_MEMORY;
}
- sam_ctx = samdb_connect(tmp_ctx, global_loadparm, system_session(mem_ctx));
+ sam_ctx = samdb_connect(tmp_ctx, ctx->auth_ctx->lp_ctx, system_session(mem_ctx));
if (sam_ctx == NULL) {
talloc_free(tmp_ctx);
return NT_STATUS_INVALID_SYSTEM_SERVICE;
@@ -348,13 +351,13 @@ static NTSTATUS authsam_want_check(struct auth_method_context *ctx,
return NT_STATUS_NOT_IMPLEMENTED;
}
- is_local_name = lp_is_myname(global_loadparm,
+ is_local_name = lp_is_myname(ctx->auth_ctx->lp_ctx,
user_info->mapped.domain_name);
- is_my_domain = lp_is_mydomain(global_loadparm,
+ is_my_domain = lp_is_mydomain(ctx->auth_ctx->lp_ctx,
user_info->mapped.domain_name);
/* check whether or not we service this domain/workgroup name */
- switch (lp_server_role(global_loadparm)) {
+ switch (lp_server_role(ctx->auth_ctx->lp_ctx)) {
case ROLE_STANDALONE:
return NT_STATUS_OK;
@@ -390,14 +393,14 @@ static NTSTATUS authsam_check_password(struct auth_method_context *ctx,
const char *domain;
/* check whether or not we service this domain/workgroup name */
- switch (lp_server_role(global_loadparm)) {
+ switch (lp_server_role(ctx->auth_ctx->lp_ctx)) {
case ROLE_STANDALONE:
case ROLE_DOMAIN_MEMBER:
- domain = lp_netbios_name(global_loadparm);
+ domain = lp_netbios_name(ctx->auth_ctx->lp_ctx);
break;
case ROLE_DOMAIN_CONTROLLER:
- domain = lp_workgroup(global_loadparm);
+ domain = lp_workgroup(ctx->auth_ctx->lp_ctx);
break;
default:
diff --git a/source4/auth/auth_server.c b/source4/auth/auth_server.c
index 36637edd57..6502564dca 100644
--- a/source4/auth/auth_server.c
+++ b/source4/auth/auth_server.c
@@ -206,7 +206,7 @@ static NTSTATUS check_smbserver_security(const struct auth_context *auth_context
* password file.
*/
- if (lp_is_myname(global_loadparm, user_info->domain.str)) {
+ if (lp_is_myname(auth_context->lp_ctx, user_info->domain.str)) {
DEBUG(3,("check_smbserver_security: Requested domain was for this machine.\n"));
return NT_STATUS_LOGON_FAILURE;
}
diff --git a/source4/auth/auth_simple.c b/source4/auth/auth_simple.c
index 0b94669008..cde170482a 100644
--- a/source4/auth/auth_simple.c
+++ b/source4/auth/auth_simple.c
@@ -33,6 +33,7 @@
_PUBLIC_ NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx,
struct event_context *ev,
struct messaging_context *msg,
+ struct loadparm_context *lp_ctx,
const char *nt4_domain,
const char *nt4_username,
const char *password,
@@ -50,7 +51,7 @@ _PUBLIC_ NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx,
nt_status = auth_context_create(tmp_ctx,
ev, msg,
- global_loadparm,
+ lp_ctx,
&auth_context);
if (!NT_STATUS_IS_OK(nt_status)) {
talloc_free(tmp_ctx);
diff --git a/source4/auth/auth_unix.c b/source4/auth/auth_unix.c
index 4cbe3723a8..9efbe5dc12 100644
--- a/source4/auth/auth_unix.c
+++ b/source4/auth/auth_unix.c
@@ -804,7 +804,7 @@ static NTSTATUS authunix_check_password(struct auth_method_context *ctx,
return NT_STATUS_NO_MEMORY;
}
- nt_status = check_unix_password(check_ctx, global_loadparm, user_info, &pwd);
+ nt_status = check_unix_password(check_ctx, ctx->auth_ctx->lp_ctx, user_info, &pwd);
if (!NT_STATUS_IS_OK(nt_status)) {
talloc_free(check_ctx);
return nt_status;
diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c
index 91f0e5163c..9110fc1b97 100644
--- a/source4/auth/auth_util.c
+++ b/source4/auth/auth_util.c
@@ -138,8 +138,8 @@ NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth_context *auth_contex
}
chall_blob = data_blob_talloc(mem_ctx, challenge, 8);
- if (lp_client_ntlmv2_auth(global_loadparm)) {
- DATA_BLOB names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_netbios_name(global_loadparm), lp_workgroup(global_loadparm));
+ if (lp_client_ntlmv2_auth(auth_context->lp_ctx)) {
+ DATA_BLOB names_blob = NTLMv2_generate_names_blob(mem_ctx, lp_netbios_name(auth_context->lp_ctx), lp_workgroup(auth_context->lp_ctx));
DATA_BLOB lmv2_response, ntlmv2_response, lmv2_session_key, ntlmv2_session_key;
if (!SMBNTLMv2encrypt_hash(user_info_temp,
@@ -163,7 +163,7 @@ NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth_context *auth_contex
SMBOWFencrypt(user_info_in->password.hash.nt->hash, challenge, blob.data);
user_info_temp->password.response.nt = blob;
- if (lp_client_lanman_auth(global_loadparm) && user_info_in->password.hash.lanman) {
+ if (lp_client_lanman_auth(auth_context->lp_ctx) && user_info_in->password.hash.lanman) {
DATA_BLOB lm_blob = data_blob_talloc(mem_ctx, NULL, 24);
SMBOWFencrypt(user_info_in->password.hash.lanman->hash, challenge, blob.data);
user_info_temp->password.response.lanman = lm_blob;
diff --git a/source4/auth/gensec/schannel_state.c b/source4/auth/gensec/schannel_state.c
index 1bb71d8fc9..77f5dfb599 100644
--- a/source4/auth/gensec/schannel_state.c
+++ b/source4/auth/gensec/schannel_state.c
@@ -32,7 +32,7 @@
/**
connect to the schannel ldb
*/
-struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx)
+struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
{
char *path;
struct ldb_context *ldb;
@@ -42,14 +42,14 @@ struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx)
"computerName: CASE_INSENSITIVE\n" \
"flatname: CASE_INSENSITIVE\n";
- path = smbd_tmp_path(mem_ctx, global_loadparm, "schannel.ldb");
+ path = smbd_tmp_path(mem_ctx, lp_ctx, "schannel.ldb");
if (!path) {
return NULL;
}
existed = file_exist(path);
- ldb = ldb_wrap_connect(mem_ctx, global_loadparm, path,
+ ldb = ldb_wrap_connect(mem_ctx, lp_ctx, path,
system_session(mem_ctx),
NULL, LDB_FLG_NOSYNC, NULL);
talloc_free(path);
@@ -143,7 +143,7 @@ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
NTSTATUS nt_status;
int ret;
- ldb = schannel_db_connect(mem_ctx);
+ ldb = schannel_db_connect(mem_ctx, global_loadparm);
if (!ldb) {
return NT_STATUS_ACCESS_DENIED;
}
@@ -274,7 +274,7 @@ NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
NTSTATUS nt_status;
struct ldb_context *ldb;
- ldb = schannel_db_connect(mem_ctx);
+ ldb = schannel_db_connect(mem_ctx, global_loadparm);
if (!ldb) {
return NT_STATUS_ACCESS_DENIED;
}
diff --git a/source4/auth/ntlm_check.c b/source4/auth/ntlm_check.c
index 5214c46e0e..f1ea6829e0 100644
--- a/source4/auth/ntlm_check.c
+++ b/source4/auth/ntlm_check.c
@@ -219,6 +219,7 @@ static bool smb_sess_key_ntlmv2(TALLOC_CTX *mem_ctx,
*/
NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
+ struct loadparm_context *lp_ctx,
const struct samr_Password *client_lanman,
const struct samr_Password *client_nt,
const char *username,
@@ -240,7 +241,7 @@ NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
}
} else if (client_lanman && stored_lanman) {
- if (!lp_lanman_auth(global_loadparm)) {
+ if (!lp_lanman_auth(lp_ctx)) {
DEBUG(3,("ntlm_password_check: Interactive logon: only LANMAN password supplied for user %s, and LM passwords are disabled!\n",
username));
return NT_STATUS_WRONG_PASSWORD;
@@ -281,6 +282,7 @@ NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
*/
NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
+ struct loadparm_context *lp_ctx,
uint32_t logon_parameters,
const DATA_BLOB *challenge,
const DATA_BLOB *lm_response,
@@ -330,6 +332,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
lm_ok = false;
}
return hash_password_check(mem_ctx,
+ lp_ctx,
lm_ok ? &client_lm : NULL,
nt_response->length ? &client_nt : NULL,
username,
@@ -392,7 +395,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
DEBUG(3,("ntlm_password_check: NTLMv2 password check failed\n"));
}
} else if (nt_response->length == 24 && stored_nt) {
- if (lp_ntlm_auth(global_loadparm)) {
+ if (lp_ntlm_auth(lp_ctx)) {
/* We have the NT MD4 hash challenge available - see if we can
use it (ie. does it exist in the smbpasswd file).
*/
@@ -404,7 +407,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
/* The LM session key for this response is not very secure,
so use it only if we otherwise allow LM authentication */
- if (lp_lanman_auth(global_loadparm) && stored_lanman) {
+ if (lp_lanman_auth(lp_ctx) && stored_lanman) {
*lm_sess_key = data_blob_talloc(mem_ctx, stored_lanman->hash, 8);
}
return NT_STATUS_OK;
@@ -432,7 +435,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
return NT_STATUS_WRONG_PASSWORD;
}
- if (!lp_lanman_auth(global_loadparm)) {
+ if (!lp_lanman_auth(lp_ctx)) {
DEBUG(3,("ntlm_password_check: Lanman passwords NOT PERMITTED for user %s\n",
username));
} else if (!stored_lanman) {
@@ -451,7 +454,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
It not very secure, so use it only if we otherwise
allow LM authentication */
- if (lp_lanman_auth(global_loadparm) && stored_lanman) {
+ if (lp_lanman_auth(lp_ctx) && stored_lanman) {
uint8_t first_8_lm_hash[16];
memcpy(first_8_lm_hash, stored_lanman->hash, 8);
memset(first_8_lm_hash + 8, '\0', 8);
@@ -567,7 +570,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
- I think this is related to Win9X pass-though authentication
*/
DEBUG(4,("ntlm_password_check: Checking NT MD4 password in LM field\n"));
- if (lp_ntlm_auth(global_loadparm)) {
+ if (lp_ntlm_auth(lp_ctx)) {
if (smb_pwd_check_ntlmv1(mem_ctx,
lm_response,
stored_nt->hash, challenge,
@@ -576,7 +579,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
It not very secure, so use it only if we otherwise
allow LM authentication */
- if (lp_lanman_auth(global_loadparm) && stored_lanman) {
+ if (lp_lanman_auth(lp_ctx) && stored_lanman) {
uint8_t first_8_lm_hash[16];
memcpy(first_8_lm_hash, stored_lanman->hash, 8);
memset(first_8_lm_hash + 8, '\0', 8);
diff --git a/source4/dsdb/common/sidmap.c b/source4/dsdb/common/sidmap.c
index 8383d2b36b..97e5fb2b19 100644
--- a/source4/dsdb/common/sidmap.c
+++ b/source4/dsdb/common/sidmap.c
@@ -48,14 +48,14 @@ struct sidmap_context {
/*
open a sidmap context - use talloc_free to close
*/
-_PUBLIC_ struct sidmap_context *sidmap_open(TALLOC_CTX *mem_ctx)
+_PUBLIC_ struct sidmap_context *sidmap_open(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
{
struct sidmap_context *sidmap;
sidmap = talloc(mem_ctx, struct sidmap_context);
if (sidmap == NULL) {
return NULL;
}
- sidmap->samctx = samdb_connect(sidmap, global_loadparm, system_session(sidmap));
+ sidmap->samctx = samdb_connect(sidmap, lp_ctx, system_session(sidmap));
if (sidmap->samctx == NULL) {
talloc_free(sidmap);
return NULL;
diff --git a/source4/dsdb/repl/drepl_service.c b/source4/dsdb/repl/drepl_service.c
index 5c74dbfb72..72033f4177 100644
--- a/source4/dsdb/repl/drepl_service.c
+++ b/source4/dsdb/repl/drepl_service.c
@@ -45,12 +45,12 @@ static WERROR dreplsrv_init_creds(struct dreplsrv_service *service)
return WERR_OK;
}
-static WERROR dreplsrv_connect_samdb(struct dreplsrv_service *service)
+static WERROR dreplsrv_connect_samdb(struct dreplsrv_service *service, struct loadparm_context *lp_ctx)
{
const struct GUID *ntds_guid;
struct drsuapi_DsBindInfo28 *bind_info28;
- service->samdb = samdb_connect(service, global_loadparm, service->system_session_info);
+ service->samdb = samdb_connect(service, lp_ctx, service->system_session_info);
if (!service->samdb) {
return WERR_DS_SERVICE_UNAVAILABLE;
}
@@ -118,7 +118,7 @@ static void dreplsrv_task_init(struct task_server *task)
struct dreplsrv_service *service;
uint32_t periodic_startup_interval;
- switch (lp_server_role(global_loadparm)) {
+ switch (lp_server_role(task->lp_ctx)) {
case ROLE_STANDALONE:
task_server_terminate(task, "dreplsrv: no DSDB replication required in standalone configuration");
return;
@@ -149,7 +149,7 @@ static void dreplsrv_task_init(struct task_server *task)
return;
}
- status = dreplsrv_connect_samdb(service);
+ status = dreplsrv_connect_samdb(service, task->lp_ctx);
if (!W_ERROR_IS_OK(status)) {
task_server_terminate(task, talloc_asprintf(task,
"dreplsrv: Failed to connect to local samdb: %s\n",
@@ -165,8 +165,8 @@ static void dreplsrv_task_init(struct task_server *task)
return;
}
- periodic_startup_interval = lp_parm_int(global_loadparm, NULL, "dreplsrv", "periodic_startup_interval", 15); /* in seconds */
- service->periodic.interval = lp_parm_int(global_loadparm, NULL, "dreplsrv", "periodic_interval", 300); /* in seconds */
+ periodic_startup_interval = lp_parm_int(task->lp_ctx, NULL, "dreplsrv", "periodic_startup_interval", 15); /* in seconds */
+ service->periodic.interval = lp_parm_int(task->lp_ctx, NULL, "dreplsrv", "periodic_interval", 300); /* in seconds */
status = dreplsrv_periodic_schedule(service, periodic_startup_interval);
if (!W_ERROR_IS_OK(status)) {
diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c
index fe4680b1f2..50521e9a52 100644
--- a/source4/ldap_server/ldap_bind.c
+++ b/source4/ldap_server/ldap_bind.c
@@ -27,6 +27,7 @@
#include "dsdb/samdb/samdb.h"
#include "auth/gensec/gensec.h"
#include "auth/gensec/socket.h"
+#include "param/param.h"
static NTSTATUS ldapsrv_BindSimple(struct ldapsrv_call *call)
{
@@ -46,7 +47,7 @@ static NTSTATUS ldapsrv_BindSimple(struct ldapsrv_call *call)
status = crack_auto_name_to_nt4_name(call, req->dn, &nt4_domain, &nt4_account);
if (NT_STATUS_IS_OK(status)) {
- status = authenticate_username_pw(call,
+ status = authenticate_username_pw(global_loadparm, call,
call->conn->connection->event.ctx,
call->conn->connection->msg_ctx,
nt4_domain, nt4_account,
diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
index 1ee37dceff..30afe7c590 100644
--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -389,8 +389,7 @@ static void ldapsrv_accept(struct stream_connection *c)
/* Ensure we don't get packets until the database is ready below */
packet_recv_disable(conn->packet);
- server_credentials
- = cli_credentials_init(conn);
+ server_credentials = cli_credentials_init(conn);
if (!server_credentials) {
stream_terminate_connection(c, "Failed to init server credentials\n");
return;
@@ -515,7 +514,7 @@ static void ldapsrv_task_init(struct task_server *task)
NTSTATUS status;
const struct model_ops *model_ops;
- switch (lp_server_role(global_loadparm)) {
+ switch (lp_server_role(task->lp_ctx)) {
case ROLE_STANDALONE:
task_server_terminate(task, "ldap_server: no LDAP server required in standalone configuration");
return;
diff --git a/source4/lib/dbwrap/dbwrap.c b/source4/lib/dbwrap/dbwrap.c
index 9e893b1243..791d0adee6 100644
--- a/source4/lib/dbwrap/dbwrap.c
+++ b/source4/lib/dbwrap/dbwrap.c
@@ -25,15 +25,15 @@
#include "lib/dbwrap/dbwrap.h"
#include "param/param.h"
-/*
+/**
open a temporary database
*/
-struct db_context *db_tmp_open(TALLOC_CTX *mem_ctx, const char *name, int tdb_flags)
+struct db_context *db_tmp_open(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx, const char *name, int tdb_flags)
{
- if (lp_parm_bool(global_loadparm, NULL, "ctdb", "enable", false) &&
- lp_parm_bool(global_loadparm, NULL, "ctdb", name, true)) {
+ if (lp_parm_bool(lp_ctx, NULL, "ctdb", "enable", false) &&
+ lp_parm_bool(lp_ctx, NULL, "ctdb", name, true)) {
return db_tmp_open_ctdb(mem_ctx, name, tdb_flags);
}
- return db_tmp_open_tdb(mem_ctx, name, tdb_flags);
+ return db_tmp_open_tdb(mem_ctx, lp_ctx, name, tdb_flags);
}
diff --git a/source4/lib/dbwrap/dbwrap.h b/source4/lib/dbwrap/dbwrap.h
index b4267d802d..fc1f123e23 100644
--- a/source4/lib/dbwrap/dbwrap.h
+++ b/source4/lib/dbwrap/dbwrap.h
@@ -45,9 +45,10 @@ struct db_context {
void *private_data;
};
-struct db_context *db_tmp_open(TALLOC_CTX *mem_ctx, const char *name, int tdb_flags);
+struct loadparm_context;
+struct db_context *db_tmp_open(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx, const char *name, int tdb_flags);
/* backends */
-struct db_context *db_tmp_open_tdb(TALLOC_CTX *mem_ctx, const char *name, int tdb_flags);
+struct db_context *db_tmp_open_tdb(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx, const char *name, int tdb_flags);
struct db_context *db_tmp_open_ctdb(TALLOC_CTX *mem_ctx, const char *name, int tdb_flags);
diff --git a/source4/lib/dbwrap/dbwrap_tdb.c b/source4/lib/dbwrap/dbwrap_tdb.c
index 621b19532d..fae73a1db8 100644
--- a/source4/lib/dbwrap/dbwrap_tdb.c
+++ b/source4/lib/dbwrap/dbwrap_tdb.c
@@ -225,7 +225,8 @@ static int db_tdb_get_seqnum(struct db_context *db)
/*
open a temporary database
*/
-struct db_context *db_tmp_open_tdb(TALLOC_CTX *mem_ctx, const char *name, int tdb_flags)
+struct db_context *db_tmp_open_tdb(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx,
+ const char *name, int tdb_flags)
{
struct db_context *result;
struct db_tdb_ctx *db_tdb;
@@ -241,7 +242,7 @@ struct db_context *db_tmp_open_tdb(TALLOC_CTX *mem_ctx, const char *name, int td
/* the name passed in should not be a full path, it should be
just be the db name */
- path = smbd_tmp_path(result, global_loadparm, name);
+ path = smbd_tmp_path(result, lp_ctx, name);
db_tdb->wtdb = tdb_wrap_open(db_tdb, path, 0, tdb_flags,
O_CREAT|O_RDWR, 0666);
diff --git a/source4/lib/gencache/gencache.c b/source4/lib/gencache/gencache.c
index ea80a93624..aaaa40eea8 100644
--- a/source4/lib/gencache/gencache.c
+++ b/source4/lib/gencache/gencache.c
@@ -47,7 +47,7 @@ static struct tdb_wrap *cache;
* false on failure
**/
-bool gencache_init(void)
+bool gencache_init(struct loadparm_context *lp_ctx)
{
char* cache_fname = NULL;
TALLOC_CTX *mem_ctx = talloc_autofree_context();
@@ -55,7 +55,7 @@ bool gencache_init(void)
/* skip file open if it's already opened */
if (cache) return true;
- cache_fname = lock_path(mem_ctx, global_loadparm, "gencache.tdb");
+ cache_fname = lock_path(mem_ctx, lp_ctx, "gencache.tdb");
if (cache_fname != NULL) {
DEBUG(5, ("Opening cache file at %s\n", cache_fname));
} else {
diff --git a/source4/lib/ldb/tools/cmdline.c b/source4/lib/ldb/tools/cmdline.c
index 5e3013600a..1f8c7ce684 100644
--- a/source4/lib/ldb/tools/cmdline.c
+++ b/source4/lib/ldb/tools/cmdline.c
@@ -217,6 +217,10 @@ struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, int argc, const
if (ldb_set_opaque(ldb, "credentials", cmdline_credentials)) {
goto failed;
}
+ if (ldb_set_opaque(ldb, "loadparm", global_loadparm)) {
+ goto failed;
+ }
+
ldb_set_utf8_fns(ldb, NULL, wrap_casefold);
#endif
diff --git a/source4/ntvfs/common/brlock_tdb.c b/source4/ntvfs/common/brlock_tdb.c
index 2b81521a2c..25642d5f5c 100644
--- a/source4/ntvfs/common/brlock_tdb.c
+++ b/source4/ntvfs/common/brlock_tdb.c
@@ -34,6 +34,7 @@
#include "cluster/cluster.h"
#include "ntvfs/common/brlock.h"
#include "ntvfs/ntvfs.h"
+#include "param/param.h"
/*
in this module a "DATA_BLOB *file_key" is a blob that uniquely identifies
@@ -94,7 +95,7 @@ static struct brl_context *brl_tdb_init(TALLOC_CTX *mem_ctx, struct server_id se
return NULL;
}
- brl->db = db_tmp_open(brl, "brlock.tdb", TDB_DEFAULT);
+ brl->db = db_tmp_open(brl, global_loadparm, "brlock.tdb", TDB_DEFAULT);
if (brl->db == NULL) {
talloc_free(brl);
return NULL;
diff --git a/source4/ntvfs/posix/vfs_posix.c b/source4/ntvfs/posix/vfs_posix.c
index 24aa023de5..07948a64e2 100644
--- a/source4/ntvfs/posix/vfs_posix.c
+++ b/source4/ntvfs/posix/vfs_posix.c
@@ -31,7 +31,7 @@
#include "util/util_ldb.h"
#include "libcli/security/security.h"
#include "lib/events/events.h"
-
+#include "param/param.h"
/*
setup config options for a posix share
@@ -216,7 +216,7 @@ static NTSTATUS pvfs_connect(struct ntvfs_module_context *ntvfs,
event_context_find(pvfs),
pvfs->ntvfs->ctx->config);
- pvfs->sidmap = sidmap_open(pvfs);
+ pvfs->sidmap = sidmap_open(pvfs, global_loadparm);
if (pvfs->sidmap == NULL) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
diff --git a/source4/ntvfs/unixuid/vfs_unixuid.c b/source4/ntvfs/unixuid/vfs_unixuid.c
index 0ad8a8501b..d7b64b01f2 100644
--- a/source4/ntvfs/unixuid/vfs_unixuid.c
+++ b/source4/ntvfs/unixuid/vfs_unixuid.c
@@ -26,6 +26,7 @@
#include "auth/auth.h"
#include "ntvfs/ntvfs.h"
#include "dsdb/samdb/samdb.h"
+#include "param/param.h"
struct unixuid_private {
struct sidmap_context *sidmap;
@@ -215,7 +216,7 @@ static NTSTATUS unixuid_connect(struct ntvfs_module_context *ntvfs,
return NT_STATUS_NO_MEMORY;
}
- private->sidmap = sidmap_open(private);
+ private->sidmap = sidmap_open(private, global_loadparm);
if (private->sidmap == NULL) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
diff --git a/source4/rpc_server/lsa/lsa_init.c b/source4/rpc_server/lsa/lsa_init.c
index 83607cc446..c86fdf333d 100644
--- a/source4/rpc_server/lsa/lsa_init.c
+++ b/source4/rpc_server/lsa/lsa_init.c
@@ -57,7 +57,7 @@ NTSTATUS dcesrv_lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_
partitions_basedn = samdb_partitions_dn(state->sam_ldb, mem_ctx);
- state->sidmap = sidmap_open(state);
+ state->sidmap = sidmap_open(state, global_loadparm);
if (state->sidmap == NULL) {
return NT_STATUS_INVALID_SYSTEM_SERVICE;
}
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index d5e385f70d..448f2b93f9 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -244,7 +244,7 @@ static NTSTATUS dcesrv_netr_creds_server_step_check(const char *computer_name,
struct ldb_context *ldb;
int ret;
- ldb = schannel_db_connect(mem_ctx);
+ ldb = schannel_db_connect(mem_ctx, global_loadparm);
if (!ldb) {
return NT_STATUS_ACCESS_DENIED;
}
diff --git a/source4/rpc_server/unixinfo/dcesrv_unixinfo.c b/source4/rpc_server/unixinfo/dcesrv_unixinfo.c
index 1f9e584ecf..290cfda640 100644
--- a/source4/rpc_server/unixinfo/dcesrv_unixinfo.c
+++ b/source4/rpc_server/unixinfo/dcesrv_unixinfo.c
@@ -26,6 +26,7 @@
#include "lib/events/events.h"
#include "dsdb/samdb/samdb.h"
#include "system/passwd.h"
+#include "param/param.h"
static NTSTATUS dcesrv_unixinfo_SidToUid(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
@@ -35,7 +36,7 @@ static NTSTATUS dcesrv_unixinfo_SidToUid(struct dcesrv_call_state *dce_call,
struct sidmap_context *sidmap;
uid_t uid;
- sidmap = sidmap_open(mem_ctx);
+ sidmap = sidmap_open(mem_ctx, global_loadparm);
if (sidmap == NULL) {
DEBUG(10, ("sidmap_open failed\n"));
return NT_STATUS_NO_MEMORY;
@@ -55,7 +56,7 @@ static NTSTATUS dcesrv_unixinfo_UidToSid(struct dcesrv_call_state *dce_call,
struct sidmap_context *sidmap;
uid_t uid;
- sidmap = sidmap_open(mem_ctx);
+ sidmap = sidmap_open(mem_ctx, global_loadparm);
if (sidmap == NULL) {
DEBUG(10, ("sidmap_open failed\n"));
return NT_STATUS_NO_MEMORY;
@@ -79,7 +80,7 @@ static NTSTATUS dcesrv_unixinfo_SidToGid(struct dcesrv_call_state *dce_call,
struct sidmap_context *sidmap;
gid_t gid;
- sidmap = sidmap_open(mem_ctx);
+ sidmap = sidmap_open(mem_ctx, global_loadparm);
if (sidmap == NULL) {
DEBUG(10, ("sidmap_open failed\n"));
return NT_STATUS_NO_MEMORY;
@@ -99,7 +100,7 @@ static NTSTATUS dcesrv_unixinfo_GidToSid(struct dcesrv_call_state *dce_call,
struct sidmap_context *sidmap;
gid_t gid;
- sidmap = sidmap_open(mem_ctx);
+ sidmap = sidmap_open(mem_ctx, global_loadparm);
if (sidmap == NULL) {
DEBUG(10, ("sidmap_open failed\n"));
return NT_STATUS_NO_MEMORY;
diff --git a/source4/scripting/ejs/smbcalls_auth.c b/source4/scripting/ejs/smbcalls_auth.c
index 6ddb049788..39e84d7f2c 100644
--- a/source4/scripting/ejs/smbcalls_auth.c
+++ b/source4/scripting/ejs/smbcalls_auth.c
@@ -60,7 +60,7 @@ static int ejs_doauth(MprVarHandle eid,
}
if (auth_types) {
- nt_status = auth_context_create_methods(tmp_ctx, auth_types, ev, msg, &auth_context);
+ nt_status = auth_context_create_methods(tmp_ctx, auth_types, ev, msg, global_loadparm, &auth_context);
} else {
nt_status = auth_context_create(tmp_ctx, ev, msg, global_loadparm, &auth_context);
}
diff --git a/source4/utils/ntlm_auth.c b/source4/utils/ntlm_auth.c
index 80ecfff572..bb9b5d89fa 100644
--- a/source4/utils/ntlm_auth.c
+++ b/source4/utils/ntlm_auth.c
@@ -176,7 +176,8 @@ static bool check_plaintext_auth(const char *user, const char *pass,
/* authenticate a user with an encrypted username/password */
-static NTSTATUS local_pw_check_specified(const char *username,
+static NTSTATUS local_pw_check_specified(struct loadparm_context *lp_ctx,
+ const char *username,
const char *domain,
const char *workstation,
const DATA_BLOB *challenge,
@@ -206,6 +207,7 @@ static NTSTATUS local_pw_check_specified(const char *username,
nt_status = ntlm_password_check(mem_ctx,
+ lp_ctx,
MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT |
MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT,
challenge,
@@ -755,7 +757,8 @@ static void manage_ntlm_server_1_request(enum stdio_helper_mode stdio_helper_mod
flags |= NTLM_AUTH_FLAG_USER_SESSION_KEY;
if (!NT_STATUS_IS_OK(
- local_pw_check_specified(username,
+ local_pw_check_specified(global_loadparm,
+ username,
domain,
lp_netbios_name(global_loadparm),
&challenge,