diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2005-11-05 11:13:22 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:45:48 -0500 |
| commit | df9af348761989a8a1f257a29e9209aed4bfb373 (patch) | |
| tree | 6bfbbd9f36002c93257c01e9d1f14f8bf83769a3 | |
| parent | 72820aaf9281acc2acec869793a95f3353c1034c (diff) | |
| download | samba-df9af348761989a8a1f257a29e9209aed4bfb373.tar.gz samba-df9af348761989a8a1f257a29e9209aed4bfb373.tar.bz2 samba-df9af348761989a8a1f257a29e9209aed4bfb373.zip | |
r11522: Add support for delegated credentials and machine account credentials
to ldb, based on the sessionInfo we now pass around.
Andrew Bartlett
(This used to be commit 84e16e4ea7240409f15efd9f64344f9e0cec8111)
| -rw-r--r-- | source4/auth/auth_util.c | 20 | ||||
| -rw-r--r-- | source4/lib/ldb/ldb_ildap/ldb_ildap.c | 10 |
2 files changed, 28 insertions, 2 deletions
diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c index df4e510c2f..95d1ddb2fc 100644 --- a/source4/auth/auth_util.c +++ b/source4/auth/auth_util.c @@ -553,6 +553,14 @@ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx, NT_STATUS_NOT_OK_RETURN(nt_status); + session_info->credentials = cli_credentials_init(session_info); + if (!session_info->credentials) { + return NT_STATUS_NO_MEMORY; + } + + cli_credentials_set_conf(session_info->credentials); + cli_credentials_set_anonymous(session_info->credentials); + *_session_info = session_info; return NT_STATUS_OK; @@ -590,6 +598,18 @@ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx, NT_STATUS_NOT_OK_RETURN(nt_status); + session_info->credentials = cli_credentials_init(session_info); + if (!session_info->credentials) { + return NT_STATUS_NO_MEMORY; + } + + cli_credentials_set_conf(session_info->credentials); + if (!NT_STATUS_IS_OK(cli_credentials_set_machine_account(session_info->credentials))) { + /* perhaps no credentials, we might not be joined to a domain */ + talloc_free(session_info->credentials); + session_info->credentials = NULL; + } + *_session_info = session_info; return NT_STATUS_OK; diff --git a/source4/lib/ldb/ldb_ildap/ldb_ildap.c b/source4/lib/ldb/ldb_ildap/ldb_ildap.c index 5fc326b425..06ff79b9a0 100644 --- a/source4/lib/ldb/ldb_ildap/ldb_ildap.c +++ b/source4/lib/ldb/ldb_ildap/ldb_ildap.c @@ -36,6 +36,7 @@ #include "libcli/ldap/ldap.h" #include "libcli/ldap/ldap_client.h" #include "lib/cmdline/popt_common.h" +#include "auth/auth.h" struct ildb_private { struct ldap_connection *ldap; @@ -459,9 +460,14 @@ int ildb_connect(struct ldb_context *ldb, const char *url, ldb->modules->ops = &ildb_ops; /* caller can optionally setup credentials using the opaque token 'credentials' */ - creds = ldb_get_opaque(ldb, "credentials"); + creds = talloc_get_type(ldb_get_opaque(ldb, "credentials"), struct cli_credentials); if (creds == NULL) { - creds = cmdline_credentials; + struct auth_session_info *session_info = talloc_get_type(ldb_get_opaque(ldb, "sessionInfo"), struct auth_session_info); + if (session_info && session_info->credentials) { + creds = session_info->credentials; + } else { + creds = cmdline_credentials; + } } if (creds != NULL && cli_credentials_authentication_requested(creds)) { |