summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2006-04-27 16:09:17 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:05:04 -0500
commit710ea949886dd57c66dc6d397e0ea41c89736107 (patch)
treef234adf0c7879144ef68044291753e43e028061d
parent70d10653ad3dcc4c12c83d4ca14752d0a0c89fe8 (diff)
downloadsamba-710ea949886dd57c66dc6d397e0ea41c89736107.tar.gz
samba-710ea949886dd57c66dc6d397e0ea41c89736107.tar.bz2
samba-710ea949886dd57c66dc6d397e0ea41c89736107.zip
r15297: Move create_security_token() to samdb as it requires SAMDB (and the rest of LIBSECURITY doesn't)
Make the ldb password_hash module only depend on some keys manipulation code, not full heimdal Some other dependency fixes (This used to be commit 5b3ab728edfc9cdd9eee16ad0fe6dfd4b5ced630)
-rw-r--r--source4/auth/auth_sam.c2
-rw-r--r--source4/auth/auth_util.c1
-rw-r--r--source4/auth/config.mk21
-rw-r--r--source4/auth/credentials/config.mk2
-rw-r--r--source4/auth/gensec/gensec_gssapi.c2
-rw-r--r--source4/auth/gensec/gensec_krb5.c2
-rw-r--r--source4/auth/kerberos/config.mk3
-rw-r--r--source4/auth/kerberos/kerberos_pac.c2
-rw-r--r--source4/client/config.mk2
-rw-r--r--source4/dsdb/config.mk2
-rw-r--r--source4/dsdb/samdb/ldb_modules/config.mk10
-rw-r--r--source4/dsdb/samdb/samdb.c76
-rw-r--r--source4/heimdal_build/config.mk17
-rw-r--r--source4/kdc/config.mk2
-rw-r--r--source4/libcli/auth/config.mk2
-rw-r--r--source4/libcli/config.mk2
-rw-r--r--source4/libcli/ldap/config.mk5
-rw-r--r--source4/libcli/security/config.mk8
-rw-r--r--source4/libcli/security/security_token.c74
-rw-r--r--source4/librpc/config.mk6
-rw-r--r--source4/passdb/config.mk2
21 files changed, 123 insertions, 120 deletions
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c
index 3de2723aee..22e093581c 100644
--- a/source4/auth/auth_sam.c
+++ b/source4/auth/auth_sam.c
@@ -229,7 +229,7 @@ NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx,
DEBUG(10,("sam_account_ok: checking for workstation match '%s' and '%s'\n",
workstations[i], logon_workstation));
- if (strequal(workstations[i], logon_workstation)) {
+ if (strequal(workstations[i], logon_workstation) == 0) {
invalid_ws = False;
break;
}
diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c
index 4c6bf04fcb..2f2a2f0b83 100644
--- a/source4/auth/auth_util.c
+++ b/source4/auth/auth_util.c
@@ -26,6 +26,7 @@
#include "auth/auth.h"
#include "libcli/security/security.h"
#include "libcli/auth/libcli_auth.h"
+#include "dsdb/samdb/samdb.h"
/* this default function can be used by mostly all backends
* which don't want to set a challenge
diff --git a/source4/auth/config.mk b/source4/auth/config.mk
index 3d42da6d61..6586fbfe5d 100644
--- a/source4/auth/config.mk
+++ b/source4/auth/config.mk
@@ -13,7 +13,8 @@ PRIVATE_PROTO_HEADER = auth_sam.h
INIT_FUNCTION = auth_sam_init
SUBSYSTEM = auth
OBJ_FILES = \
- auth_sam.o
+ auth_sam.o \
+ auth_sam_reply.o
PUBLIC_DEPENDENCIES = \
SAMDB
# End MODULE auth_sam
@@ -24,8 +25,7 @@ PUBLIC_DEPENDENCIES = \
[MODULE::auth_anonymous]
INIT_FUNCTION = auth_anonymous_init
SUBSYSTEM = auth
-OBJ_FILES = \
- auth_anonymous.o
+OBJ_FILES = auth_anonymous.o
# End MODULE auth_anonymous
#######################
@@ -34,8 +34,7 @@ OBJ_FILES = \
[MODULE::auth_winbind]
INIT_FUNCTION = auth_winbind_init
SUBSYSTEM = auth
-OBJ_FILES = \
- auth_winbind.o
+OBJ_FILES = auth_winbind.o
PUBLIC_DEPENDENCIES = \
LIBWINBIND-CLIENT \
NDR_NETLOGON LIBNDR
@@ -47,8 +46,7 @@ PUBLIC_DEPENDENCIES = \
[MODULE::auth_developer]
INIT_FUNCTION = auth_developer_init
SUBSYSTEM = auth
-OBJ_FILES = \
- auth_developer.o
+OBJ_FILES = auth_developer.o
# End MODULE auth_developer
#######################
@@ -57,10 +55,8 @@ OBJ_FILES = \
[MODULE::auth_unix]
INIT_FUNCTION = auth_unix_init
SUBSYSTEM = auth
-OBJ_FILES = \
- auth_unix.o
-PUBLIC_DEPENDENCIES = \
- CRYPT PAM PAM_ERRORS
+OBJ_FILES = auth_unix.o
+PUBLIC_DEPENDENCIES = CRYPT PAM PAM_ERRORS
# End MODULE auth_unix
#######################
@@ -76,9 +72,8 @@ PUBLIC_PROTO_HEADER = auth_proto.h
OBJ_FILES = \
auth.o \
auth_util.o \
- auth_sam_reply.o \
ntlm_check.o \
auth_simple.o
-PUBLIC_DEPENDENCIES = LIB_SECURITY process_model
+PUBLIC_DEPENDENCIES = LIBSECURITY process_model SAMDB
# End SUBSYSTEM auth
#######################
diff --git a/source4/auth/credentials/config.mk b/source4/auth/credentials/config.mk
index b1212e5963..1f6a07ae01 100644
--- a/source4/auth/credentials/config.mk
+++ b/source4/auth/credentials/config.mk
@@ -8,7 +8,7 @@ OBJ_FILES = credentials.o \
credentials_krb5.o \
credentials_ntlm.o
PUBLIC_DEPENDENCIES = \
- HEIMDAL LIBCLI_AUTH ldb SECRETS
+ HEIMDAL LIBCLI_AUTH SECRETS
# End SUBSYSTEM CREDENTIALS
#################################
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index 8f487571f3..4cc067ffde 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -252,7 +252,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
DEBUG(2, ("Cannot do GSSAPI to an IP address\n"));
return NT_STATUS_INVALID_PARAMETER;
}
- if (strequal(hostname, "localhost")) {
+ if (strcmp(hostname, "localhost") == 0) {
DEBUG(2, ("GSSAPI to 'localhost' does not make sense\n"));
return NT_STATUS_INVALID_PARAMETER;
}
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index f2f3361bf9..c07b5c95e3 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -230,7 +230,7 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
DEBUG(2, ("Cannot do krb5 to an IP address"));
return NT_STATUS_INVALID_PARAMETER;
}
- if (strequal(hostname, "localhost")) {
+ if (strcmp(hostname, "localhost") == 0) {
DEBUG(2, ("krb5 to 'localhost' does not make sense"));
return NT_STATUS_INVALID_PARAMETER;
}
diff --git a/source4/auth/kerberos/config.mk b/source4/auth/kerberos/config.mk
index 2a729ef239..9a7ace6ab5 100644
--- a/source4/auth/kerberos/config.mk
+++ b/source4/auth/kerberos/config.mk
@@ -9,6 +9,7 @@ OBJ_FILES = kerberos.o \
kerberos_pac.o \
gssapi_parse.o \
krb5_init_context.o
-PUBLIC_DEPENDENCIES = HEIMDAL_KRB5 NDR_KRB5PAC SOCKET HEIMDAL_ROKEN_ADDRINFO
+PUBLIC_DEPENDENCIES = HEIMDAL_KRB5 NDR_KRB5PAC SOCKET
+PRIVATE_DEPENDENCIES = ASN1_UTIL HEIMDAL_ROKEN_ADDRINFO auth_sam
# End SUBSYSTEM KERBEROS
#################################
diff --git a/source4/auth/kerberos/kerberos_pac.c b/source4/auth/kerberos/kerberos_pac.c
index 4712166ea7..673137fd5c 100644
--- a/source4/auth/kerberos/kerberos_pac.c
+++ b/source4/auth/kerberos/kerberos_pac.c
@@ -28,7 +28,7 @@
#include "system/kerberos.h"
#include "auth/kerberos/kerberos.h"
#include "librpc/gen_ndr/ndr_krb5pac.h"
-#include "auth/auth.h"
+#include "auth/auth_sam.h"
static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx,
DATA_BLOB pac_data,
diff --git a/source4/client/config.mk b/source4/client/config.mk
index 369d2a658a..b38be8da3d 100644
--- a/source4/client/config.mk
+++ b/source4/client/config.mk
@@ -8,7 +8,7 @@ OBJ_FILES = \
client.o
PRIVATE_DEPENDENCIES = \
LIBSAMBA-CONFIG \
- LIBREADLINE \
+ SMBREADLINE \
LIBSAMBA-UTIL \
LIBSMB \
RPC_NDR_SRVSVC \
diff --git a/source4/dsdb/config.mk b/source4/dsdb/config.mk
index 15aa9fd0aa..e0426167e3 100644
--- a/source4/dsdb/config.mk
+++ b/source4/dsdb/config.mk
@@ -7,7 +7,7 @@ include samdb/ldb_modules/config.mk
[SUBSYSTEM::SAMDB]
PUBLIC_PROTO_HEADER = samdb/samdb_proto.h
PUBLIC_HEADERS = samdb/samdb.h
-PUBLIC_DEPENDENCIES = DB_WRAP LIBCLI_LDAP
+PUBLIC_DEPENDENCIES = ldb LIBCLI_LDAP
OBJ_FILES = \
samdb/samdb.o \
samdb/samdb_privilege.o \
diff --git a/source4/dsdb/samdb/ldb_modules/config.mk b/source4/dsdb/samdb/ldb_modules/config.mk
index 207fdf8201..20f6e182e5 100644
--- a/source4/dsdb/samdb/ldb_modules/config.mk
+++ b/source4/dsdb/samdb/ldb_modules/config.mk
@@ -17,7 +17,6 @@ SUBSYSTEM = ldb
INIT_FUNCTION = samldb_module_init
OBJ_FILES = \
samldb.o
-PUBLIC_DEPENDENCIES = SAMDB
#
# End MODULE ldb_samldb
################################################
@@ -62,10 +61,9 @@ OBJ_FILES = \
[MODULE::ldb_password_hash]
SUBSYSTEM = ldb
INIT_FUNCTION = password_hash_module_init
-OBJ_FILES = \
- password_hash.o
-PUBLIC_DEPENDENCIES = \
- HEIMDAL_HDB HEIMDAL_KRB5
+OBJ_FILES = password_hash.o
+PUBLIC_DEPENDENCIES = HEIMDAL_KRB5
+PRIVATE_DEPENDENCIES = HEIMDAL_HDB_KEYS
#
# End MODULE ldb_rootdse
################################################
@@ -78,7 +76,7 @@ INIT_FUNCTION = ldb_kludge_acl_init
OBJ_FILES = \
kludge_acl.o
PUBLIC_DEPENDENCIES = \
- LIB_SECURITY
+ LIBSECURITY
#
# End MODULE ldb_rootdse
################################################
diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c
index bd133c8745..5dbfd4ee87 100644
--- a/source4/dsdb/samdb/samdb.c
+++ b/source4/dsdb/samdb/samdb.c
@@ -1353,3 +1353,79 @@ _PUBLIC_ NTSTATUS samdb_set_password_sid(struct ldb_context *ctx, TALLOC_CTX *me
}
return NT_STATUS_OK;
}
+
+/****************************************************************************
+ Create the SID list for this user.
+****************************************************************************/
+NTSTATUS security_token_create(TALLOC_CTX *mem_ctx,
+ struct dom_sid *user_sid,
+ struct dom_sid *group_sid,
+ int n_groupSIDs,
+ struct dom_sid **groupSIDs,
+ BOOL is_authenticated,
+ struct security_token **token)
+{
+ struct security_token *ptoken;
+ int i;
+ NTSTATUS status;
+
+ ptoken = security_token_initialise(mem_ctx);
+ NT_STATUS_HAVE_NO_MEMORY(ptoken);
+
+ ptoken->sids = talloc_array(ptoken, struct dom_sid *, n_groupSIDs + 5);
+ NT_STATUS_HAVE_NO_MEMORY(ptoken->sids);
+
+ ptoken->user_sid = talloc_reference(ptoken, user_sid);
+ ptoken->group_sid = talloc_reference(ptoken, group_sid);
+ ptoken->privilege_mask = 0;
+
+ ptoken->sids[0] = ptoken->user_sid;
+ ptoken->sids[1] = ptoken->group_sid;
+
+ /*
+ * Finally add the "standard" SIDs.
+ * The only difference between guest and "anonymous"
+ * is the addition of Authenticated_Users.
+ */
+ ptoken->sids[2] = dom_sid_parse_talloc(ptoken->sids, SID_WORLD);
+ NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[2]);
+ ptoken->sids[3] = dom_sid_parse_talloc(ptoken->sids, SID_NT_NETWORK);
+ NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[3]);
+ ptoken->num_sids = 4;
+
+ if (is_authenticated) {
+ ptoken->sids[4] = dom_sid_parse_talloc(ptoken->sids, SID_NT_AUTHENTICATED_USERS);
+ NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[4]);
+ ptoken->num_sids++;
+ }
+
+ for (i = 0; i < n_groupSIDs; i++) {
+ size_t check_sid_idx;
+ for (check_sid_idx = 1;
+ check_sid_idx < ptoken->num_sids;
+ check_sid_idx++) {
+ if (dom_sid_equal(ptoken->sids[check_sid_idx], groupSIDs[i])) {
+ break;
+ }
+ }
+
+ if (check_sid_idx == ptoken->num_sids) {
+ ptoken->sids[ptoken->num_sids++] = talloc_reference(ptoken->sids, groupSIDs[i]);
+ }
+ }
+
+ /* setup the privilege mask for this token */
+ status = samdb_privilege_setup(ptoken);
+ if (!NT_STATUS_IS_OK(status)) {
+ talloc_free(ptoken);
+ return status;
+ }
+
+ security_token_debug(10, ptoken);
+
+ *token = ptoken;
+
+ return NT_STATUS_OK;
+}
+
+
diff --git a/source4/heimdal_build/config.mk b/source4/heimdal_build/config.mk
index 8d1b6c5781..f6215a3072 100644
--- a/source4/heimdal_build/config.mk
+++ b/source4/heimdal_build/config.mk
@@ -16,6 +16,14 @@ PRIVATE_DEPENDENCIES = HEIMDAL_ROKEN HEIMDAL_KRB5 HEIMDAL_HDB
# End SUBSYSTEM HEIMDAL_KDC
#######################
+[SUBSYSTEM::HEIMDAL_HDB_KEYS]
+CFLAGS = -Iheimdal_build -Iheimdal/lib/hdb
+OBJ_FILES = \
+ ../heimdal/lib/hdb/keys.o \
+ ../heimdal/lib/hdb/asn1_Key.o \
+ ../heimdal/lib/hdb/asn1_Salt.o
+PRIVATE_DEPENDENCIES = HEIMDAL_ROKEN HEIMDAL_DES HEIMDAL_KRB5
+
#######################
# Start SUBSYSTEM HEIMDAL_HDB
[SUBSYSTEM::HEIMDAL_HDB]
@@ -24,7 +32,6 @@ OBJ_FILES = \
../heimdal/lib/hdb/db.o \
../heimdal/lib/hdb/hdb.o \
../heimdal/lib/hdb/ext.o \
- ../heimdal/lib/hdb/keys.o \
../heimdal/lib/hdb/keytab.o \
../heimdal/lib/hdb/mkey.o \
../heimdal/lib/hdb/ndbm.o \
@@ -39,11 +46,9 @@ OBJ_FILES = \
../heimdal/lib/hdb/asn1_HDB_Ext_Password.o \
../heimdal/lib/hdb/asn1_HDB_extension.o \
../heimdal/lib/hdb/asn1_HDB_extensions.o \
- ../heimdal/lib/hdb/asn1_Key.o \
- ../heimdal/lib/hdb/asn1_Salt.o \
../heimdal/lib/hdb/asn1_hdb_entry.o \
../heimdal/lib/hdb/hdb_err.o
-PUBLIC_DEPENDENCIES = HDB_LDB
+PUBLIC_DEPENDENCIES = HDB_LDB HEIMDAL_HDB_KEYS HEIMDAL_ROKEN
# End SUBSYSTEM HEIMDAL_HDB
#######################
@@ -99,7 +104,7 @@ PUBLIC_DEPENDENCIES = KERBEROS HEIMDAL_KRB5
# Start SUBSYSTEM HEIMDAL_KRB5
[SUBSYSTEM::HEIMDAL_KRB5]
CFLAGS = -Iheimdal_build -Iheimdal/lib/krb5
-PRIVATE_DEPENDENCIES = HEIMDAL_ROKEN HEIMDAL_DES HEIMDAL_ASN1
+PRIVATE_DEPENDENCIES = HEIMDAL_ROKEN HEIMDAL_DES HEIMDAL_ASN1 HEIMDAL_GLUE
OBJ_FILES = \
../heimdal/lib/krb5/acache.o \
../heimdal/lib/krb5/add_et_list.o \
@@ -480,7 +485,7 @@ CFLAGS = -Iheimdal_build
OBJ_FILES = ../heimdal/lib/vers/print_version.o
PUBLIC_DEPENDENCIES = \
LIBREPLACE HEIMDAL_GSSAPI HEIMDAL_KRB5 KERBEROS \
- HEIMDAL_GLUE RESOLV
+ RESOLV
# End SUBSYSTEM HEIMDAL
#######################
diff --git a/source4/kdc/config.mk b/source4/kdc/config.mk
index b6f613bf08..39cfc4299e 100644
--- a/source4/kdc/config.mk
+++ b/source4/kdc/config.mk
@@ -19,7 +19,7 @@ OBJ_FILES = \
hdb-ldb.o \
pac-glue.o
PUBLIC_DEPENDENCIES = \
- ldb KERBEROS_LIB HEIMDAL_HDB auth_sam
+ ldb auth_sam
# End SUBSYSTEM KDC
#######################
diff --git a/source4/libcli/auth/config.mk b/source4/libcli/auth/config.mk
index 756ea0ecbf..5a0b7e14dc 100644
--- a/source4/libcli/auth/config.mk
+++ b/source4/libcli/auth/config.mk
@@ -8,6 +8,6 @@ OBJ_FILES = credentials.o \
smbencrypt.o \
smbdes.o
PUBLIC_DEPENDENCIES = \
- auth SCHANNELDB MSRPC_PARSE
+ SCHANNELDB MSRPC_PARSE
# End SUBSYSTEM LIBCLI_AUTH
#################################
diff --git a/source4/libcli/config.mk b/source4/libcli/config.mk
index e646985a78..c62f30dd20 100644
--- a/source4/libcli/config.mk
+++ b/source4/libcli/config.mk
@@ -104,7 +104,7 @@ VERSION = 0.0.1
SO_VERSION = 0
DESCRIPTION = SMB/CIFS client library
PUBLIC_DEPENDENCIES = LIBCLI_RAW LIBSAMBA-ERRORS LIBCLI_AUTH \
- LIBCLI_SMB_COMPOSITE LIBCLI_NBT LIB_SECURITY LIBCLI_RESOLVE \
+ LIBCLI_SMB_COMPOSITE LIBCLI_NBT LIBSECURITY LIBCLI_RESOLVE \
LIBCLI_DGRAM LIBCLI_SMB2 LIBCLI_FINDDCS
[SUBSYSTEM::LIBSMB]
diff --git a/source4/libcli/ldap/config.mk b/source4/libcli/ldap/config.mk
index 26f230d7ef..ec5c48b48c 100644
--- a/source4/libcli/ldap/config.mk
+++ b/source4/libcli/ldap/config.mk
@@ -10,7 +10,8 @@ OBJ_FILES = ldap.o \
ldap_ndr.o \
ldap_ildap.o \
ldap_controls.o
-PUBLIC_DEPENDENCIES = LIBSAMBA-ERRORS LIBEVENTS gensec SOCKET NDR_SAMR LIBTLS \
- LIBPACKET ASN1_UTIL
+PUBLIC_DEPENDENCIES = LIBSAMBA-ERRORS LIBEVENTS LIBPACKET
+PRIVATE_DEPENDENCIES = LIBCLI_COMPOSITE SOCKET NDR_SAMR LIBTLS ASN1_UTIL
+#PRIVATE_DEPENDENCIES = gensec
# End SUBSYSTEM LIBCLI_LDAP
#################################
diff --git a/source4/libcli/security/config.mk b/source4/libcli/security/config.mk
index fb4f1f71b7..e19947203d 100644
--- a/source4/libcli/security/config.mk
+++ b/source4/libcli/security/config.mk
@@ -1,6 +1,6 @@
#################################
-# Start SUBSYSTEM LIB_SECURITY
-[SUBSYSTEM::LIB_SECURITY]
+# Start SUBSYSTEM LIBSECURITY
+[SUBSYSTEM::LIBSECURITY]
PRIVATE_PROTO_HEADER = proto.h
OBJ_FILES = security_token.o \
security_descriptor.o \
@@ -8,6 +8,6 @@ OBJ_FILES = security_token.o \
access_check.o \
privilege.o \
sddl.o
-PUBLIC_DEPENDENCIES = NDR_SECURITY
-# End SUBSYSTEM LIB_SECURITY
+PUBLIC_DEPENDENCIES = NDR_SECURITY
+# End SUBSYSTEM LIBSECURITY
#################################
diff --git a/source4/libcli/security/security_token.c b/source4/libcli/security/security_token.c
index d872376bff..0043678144 100644
--- a/source4/libcli/security/security_token.c
+++ b/source4/libcli/security/security_token.c
@@ -48,80 +48,6 @@ struct security_token *security_token_initialise(TALLOC_CTX *mem_ctx)
}
/****************************************************************************
- Create the SID list for this user.
-****************************************************************************/
-NTSTATUS security_token_create(TALLOC_CTX *mem_ctx,
- struct dom_sid *user_sid,
- struct dom_sid *group_sid,
- int n_groupSIDs,
- struct dom_sid **groupSIDs,
- BOOL is_authenticated,
- struct security_token **token)
-{
- struct security_token *ptoken;
- int i;
- NTSTATUS status;
-
- ptoken = security_token_initialise(mem_ctx);
- NT_STATUS_HAVE_NO_MEMORY(ptoken);
-
- ptoken->sids = talloc_array(ptoken, struct dom_sid *, n_groupSIDs + 5);
- NT_STATUS_HAVE_NO_MEMORY(ptoken->sids);
-
- ptoken->user_sid = talloc_reference(ptoken, user_sid);
- ptoken->group_sid = talloc_reference(ptoken, group_sid);
- ptoken->privilege_mask = 0;
-
- ptoken->sids[0] = ptoken->user_sid;
- ptoken->sids[1] = ptoken->group_sid;
-
- /*
- * Finally add the "standard" SIDs.
- * The only difference between guest and "anonymous"
- * is the addition of Authenticated_Users.
- */
- ptoken->sids[2] = dom_sid_parse_talloc(ptoken->sids, SID_WORLD);
- NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[2]);
- ptoken->sids[3] = dom_sid_parse_talloc(ptoken->sids, SID_NT_NETWORK);
- NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[3]);
- ptoken->num_sids = 4;
-
- if (is_authenticated) {
- ptoken->sids[4] = dom_sid_parse_talloc(ptoken->sids, SID_NT_AUTHENTICATED_USERS);
- NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[4]);
- ptoken->num_sids++;
- }
-
- for (i = 0; i < n_groupSIDs; i++) {
- size_t check_sid_idx;
- for (check_sid_idx = 1;
- check_sid_idx < ptoken->num_sids;
- check_sid_idx++) {
- if (dom_sid_equal(ptoken->sids[check_sid_idx], groupSIDs[i])) {
- break;
- }
- }
-
- if (check_sid_idx == ptoken->num_sids) {
- ptoken->sids[ptoken->num_sids++] = talloc_reference(ptoken->sids, groupSIDs[i]);
- }
- }
-
- /* setup the privilege mask for this token */
- status = samdb_privilege_setup(ptoken);
- if (!NT_STATUS_IS_OK(status)) {
- talloc_free(ptoken);
- return status;
- }
-
- security_token_debug(10, ptoken);
-
- *token = ptoken;
-
- return NT_STATUS_OK;
-}
-
-/****************************************************************************
prints a struct security_token to debug output.
****************************************************************************/
void security_token_debug(int dbg_lev, const struct security_token *token)
diff --git a/source4/librpc/config.mk b/source4/librpc/config.mk
index fa4d5045f6..e378f84744 100644
--- a/source4/librpc/config.mk
+++ b/source4/librpc/config.mk
@@ -11,7 +11,7 @@ OBJ_FILES = \
ndr/ndr_basic.o \
ndr/ndr_string.o \
ndr/ndr_misc.o
-PUBLIC_DEPENDENCIES = LIBSAMBA-ERRORS LIBTALLOC LIBSAMBA-UTIL
+PUBLIC_DEPENDENCIES = LIBSAMBA-ERRORS LIBTALLOC LIBSAMBA-UTIL CHARSET
# End SUBSYSTEM LIBNDR
################################################
@@ -332,12 +332,12 @@ PUBLIC_DEPENDENCIES = LIBNDR
[SUBSYSTEM::NDR_SCHANNEL]
OBJ_FILES = gen_ndr/ndr_schannel.o
-PUBLIC_DEPENDENCIES = LIBNDR
+PUBLIC_DEPENDENCIES = LIBNDR NDR_NBT
[SUBSYSTEM::NDR_NBT]
OBJ_FILES = gen_ndr/ndr_nbt.o
PUBLIC_HEADERS = gen_ndr/nbt.h
-PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC NDR_NBT_BUF NDR_SVCCTL
+PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC NDR_NBT_BUF NDR_SVCCTL NDR_SECURITY
[LIBRARY::NDR_WINSREPL]
VERSION = 0.0.1
diff --git a/source4/passdb/config.mk b/source4/passdb/config.mk
index 0172f57261..51e2c4a83e 100644
--- a/source4/passdb/config.mk
+++ b/source4/passdb/config.mk
@@ -1,4 +1,4 @@
[SUBSYSTEM::SECRETS]
PRIVATE_PROTO_HEADER = proto.h
OBJ_FILES = secrets.o
-PUBLIC_DEPENDENCIES = SAMDB
+PRIVATE_DEPENDENCIES = DB_WRAP