diff options
author | Andrew Bartlett <abartlet@samba.org> | 2010-10-11 16:53:08 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2010-10-11 13:02:16 +0000 |
commit | 42127cdbb040a260c2c745e9114b600f2186794a (patch) | |
tree | 348783a93d8fd3efe162470678ae1cc128edb6f6 /source4/auth/credentials/credentials_krb5.c | |
parent | 5cd9495fb3f74d8e896c81e5c060a1643722870e (diff) | |
download | samba-42127cdbb040a260c2c745e9114b600f2186794a.tar.gz samba-42127cdbb040a260c2c745e9114b600f2186794a.tar.bz2 samba-42127cdbb040a260c2c745e9114b600f2186794a.zip |
s4-credentials Add explicit event context handling to Kerberos calls (only)
By setting the event context to use for this operation (only) onto
the krb5_context just before we call that operation, we can try
and emulate the specification of an event context to the actual send_to_kdc()
This eliminates the specification of an event context to many other
cli_credentials calls, and the last use of event_context_find()
Special care is taken to restore the event context in the event of
nesting in the send_to_kdc function.
Andrew Bartlett
Diffstat (limited to 'source4/auth/credentials/credentials_krb5.c')
-rw-r--r-- | source4/auth/credentials/credentials_krb5.c | 41 |
1 files changed, 17 insertions, 24 deletions
diff --git a/source4/auth/credentials/credentials_krb5.c b/source4/auth/credentials/credentials_krb5.c index c678b80f87..fb4b440281 100644 --- a/source4/auth/credentials/credentials_krb5.c +++ b/source4/auth/credentials/credentials_krb5.c @@ -32,7 +32,6 @@ #include "param/param.h" _PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred, - struct tevent_context *event_ctx, struct loadparm_context *lp_ctx, struct smb_krb5_context **smb_krb5_context) { @@ -42,7 +41,7 @@ _PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred, return 0; } - ret = smb_krb5_init_context(cred, event_ctx, lp_ctx, + ret = smb_krb5_init_context(cred, NULL, lp_ctx, &cred->smb_krb5_context); if (ret) { cred->smb_krb5_context = NULL; @@ -126,7 +125,6 @@ static int free_dccache(struct ccache_container *ccc) { } _PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred, - struct tevent_context *event_ctx, struct loadparm_context *lp_ctx, const char *name, enum credentials_obtained obtained, @@ -145,7 +143,7 @@ _PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred, return ENOMEM; } - ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, + ret = cli_credentials_get_krb5_context(cred, lp_ctx, &ccc->smb_krb5_context); if (ret) { (*error_string) = error_message(ret); @@ -204,7 +202,6 @@ _PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred, static int cli_credentials_new_ccache(struct cli_credentials *cred, - struct tevent_context *event_ctx, struct loadparm_context *lp_ctx, char *ccache_name, struct ccache_container **_ccc, @@ -217,7 +214,7 @@ static int cli_credentials_new_ccache(struct cli_credentials *cred, return ENOMEM; } - ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, + ret = cli_credentials_get_krb5_context(cred, lp_ctx, &ccc->smb_krb5_context); if (ret) { talloc_free(ccc); @@ -294,12 +291,12 @@ _PUBLIC_ int cli_credentials_get_named_ccache(struct cli_credentials *cred, return EINVAL; } - ret = cli_credentials_new_ccache(cred, event_ctx, lp_ctx, ccache_name, ccc, error_string); + ret = cli_credentials_new_ccache(cred, lp_ctx, ccache_name, ccc, error_string); if (ret) { return ret; } - ret = kinit_to_ccache(cred, cred, (*ccc)->smb_krb5_context, (*ccc)->ccache, &obtained, error_string); + ret = kinit_to_ccache(cred, cred, (*ccc)->smb_krb5_context, event_ctx, (*ccc)->ccache, &obtained, error_string); if (ret) { return ret; } @@ -529,7 +526,6 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, */ int cli_credentials_set_client_gss_creds(struct cli_credentials *cred, - struct tevent_context *event_ctx, struct loadparm_context *lp_ctx, gss_cred_id_t gssapi_cred, enum credentials_obtained obtained, @@ -549,7 +545,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, return ENOMEM; } - ret = cli_credentials_new_ccache(cred, event_ctx, lp_ctx, NULL, &ccc, error_string); + ret = cli_credentials_new_ccache(cred, lp_ctx, NULL, &ccc, error_string); if (ret != 0) { return ret; } @@ -589,9 +585,8 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, * it will be generated from the password. */ _PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred, - struct tevent_context *event_ctx, - struct loadparm_context *lp_ctx, - struct keytab_container **_ktc) + struct loadparm_context *lp_ctx, + struct keytab_container **_ktc) { krb5_error_code ret; struct keytab_container *ktc; @@ -608,7 +603,7 @@ _PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred, return EINVAL; } - ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, + ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context); if (ret) { return ret; @@ -640,10 +635,9 @@ _PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred, * FILE:/etc/krb5.keytab), open it and attach it */ _PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred, - struct tevent_context *event_ctx, - struct loadparm_context *lp_ctx, - const char *keytab_name, - enum credentials_obtained obtained) + struct loadparm_context *lp_ctx, + const char *keytab_name, + enum credentials_obtained obtained) { krb5_error_code ret; struct keytab_container *ktc; @@ -654,7 +648,7 @@ _PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred, return 0; } - ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, &smb_krb5_context); + ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context); if (ret) { return ret; } @@ -682,9 +676,8 @@ _PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred, /* Get server gss credentials (in gsskrb5, this means the keytab) */ _PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred, - struct tevent_context *event_ctx, - struct loadparm_context *lp_ctx, - struct gssapi_creds_container **_gcc) + struct loadparm_context *lp_ctx, + struct gssapi_creds_container **_gcc) { int ret = 0; OM_uint32 maj_stat, min_stat; @@ -701,7 +694,7 @@ _PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred, return ENOMEM; } - ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, &smb_krb5_context); + ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context); if (ret) { return ret; } @@ -720,7 +713,7 @@ _PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred, return 0; } - ret = cli_credentials_get_keytab(cred, event_ctx, lp_ctx, &ktc); + ret = cli_credentials_get_keytab(cred, lp_ctx, &ktc); if (ret) { DEBUG(1, ("Failed to get keytab for GSSAPI server: %s\n", error_message(ret))); return ret; |