summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlexander Bokovoy <ab@samba.org>2012-09-05 15:56:37 +0300
committerAlexander Bokovoy <ab@samba.org>2012-09-07 12:31:42 +0200
commitc2e2857db41ac96dbd6eca69b09a8e4b659997eb (patch)
tree1daf1b30a06919a651326544021587d797d61e37
parent9c3e294400234ebdf9b98031bae583524fd0b0ac (diff)
downloadsamba-c2e2857db41ac96dbd6eca69b09a8e4b659997eb.tar.gz
samba-c2e2857db41ac96dbd6eca69b09a8e4b659997eb.tar.bz2
samba-c2e2857db41ac96dbd6eca69b09a8e4b659997eb.zip
s3-passdb: wrap secrets.tdb accessors used by PDB modules
PDB modules store domain sid and guid in secrets.tdb to cooperate with other parts of smbd. If PDB module is built outside Samba source code it has to be linked against internal libsecrets. Wrap required secrets_* calls to avoid direct linking. libpdb is linked against libsecrets by itself and this is enough.
-rw-r--r--source3/include/passdb.h11
-rw-r--r--source3/passdb/pdb_secrets.c34
2 files changed, 45 insertions, 0 deletions
diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index ec724bccfa..5202bd3af4 100644
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -922,4 +922,15 @@ void unixid_from_uid(struct unixid *id, uint32_t some_uid);
void unixid_from_gid(struct unixid *id, uint32_t some_gid);
void unixid_from_both(struct unixid *id, uint32_t some_id);
+/* The following definitions come from passdb/pdb_secrets.c
+ * and should be used by PDB modules if they need to store
+ * sid/guid information for the domain in secrets database
+ */
+bool PDB_secrets_mark_domain_protected(const char *domain);
+bool PDB_secrets_clear_domain_protection(const char *domain);
+bool PDB_secrets_store_domain_sid(const char *domain, const struct dom_sid *sid);
+bool PDB_secrets_fetch_domain_sid(const char *domain, struct dom_sid *sid);
+bool PDB_secrets_store_domain_guid(const char *domain, struct GUID *guid);
+bool PDB_secrets_fetch_domain_guid(const char *domain, struct GUID *guid);
+
#endif /* _PASSDB_H */
diff --git a/source3/passdb/pdb_secrets.c b/source3/passdb/pdb_secrets.c
index 30262c999f..ad4fe4ab71 100644
--- a/source3/passdb/pdb_secrets.c
+++ b/source3/passdb/pdb_secrets.c
@@ -135,3 +135,37 @@ NTSTATUS secrets_trusted_domains(TALLOC_CTX *mem_ctx, uint32 *num_domains,
*domains = state.domains;
return NT_STATUS_OK;
}
+
+/* In order to avoid direct linking against libsecrets for pdb modules
+ * following helpers are provided for pdb module writers.
+ * To differentiate them from pdb_* API, they are prefixed by PDB upper case
+ */
+bool PDB_secrets_store_domain_sid(const char *domain, const struct dom_sid *sid)
+{
+ return secrets_store_domain_sid(domain, sid);
+}
+
+bool PDB_secrets_mark_domain_protected(const char *domain)
+{
+ return secrets_mark_domain_protected(domain);
+}
+
+bool PDB_secrets_clear_domain_protection(const char *domain)
+{
+ return secrets_clear_domain_protection(domain);
+}
+
+bool PDB_secrets_fetch_domain_sid(const char *domain, struct dom_sid *sid)
+{
+ return secrets_fetch_domain_sid(domain, sid);
+}
+
+bool PDB_secrets_store_domain_guid(const char *domain, struct GUID *guid)
+{
+ return secrets_store_domain_guid(domain, guid);
+}
+
+bool PDB_secrets_fetch_domain_guid(const char *domain, struct GUID *guid)
+{
+ return secrets_fetch_domain_guid(domain, guid);
+}