Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-test

(This used to be commit 3ab9abf40605a4a6b220faeebaef81546a8d87a0)
author: Andrew Tridgell <tridge@samba.org> 2008-04-17 15:21:08 +0200
committer: Andrew Tridgell <tridge@samba.org> 2008-04-17 15:21:08 +0200
commit: dc74e0fad683cb0ef9ee5996aedadd4c377a0f00 (patch)
tree: e33375abeb4ec70f646e420adfe9221e1bb87a2d /source4/auth
parent: 11703b298685c9984a6a3c3a64eddb8a1a516b90 (diff)
parent: ef457187b4372f039f84fbb4f6e4f0fcffd67b5b (diff)
download: samba-dc74e0fad683cb0ef9ee5996aedadd4c377a0f00.tar.gz
samba-dc74e0fad683cb0ef9ee5996aedadd4c377a0f00.tar.bz2
samba-dc74e0fad683cb0ef9ee5996aedadd4c377a0f00.zip
15 files changed, 88 insertions, 66 deletions
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c
index 4b467cee75..731e489ba0 100644
--- a/source4/auth/auth_sam.c
+++ b/source4/auth/auth_sam.c
@@ -289,7 +289,7 @@ static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	sam_ctx = samdb_connect(tmp_ctx, ctx->auth_ctx->lp_ctx, system_session(mem_ctx, ctx->auth_ctx->lp_ctx));
+	sam_ctx = samdb_connect(tmp_ctx, ctx->auth_ctx->event_ctx, ctx->auth_ctx->lp_ctx, system_session(mem_ctx, ctx->auth_ctx->lp_ctx));
 	if (sam_ctx == NULL) {
 		talloc_free(tmp_ctx);
 		return NT_STATUS_INVALID_SYSTEM_SERVICE;
diff --git a/source4/auth/auth_simple.c b/source4/auth/auth_simple.c
index 50be02a353..e7039c3657 100644
--- a/source4/auth/auth_simple.c
+++ b/source4/auth/auth_simple.c
@@ -90,7 +90,7 @@ _PUBLIC_ NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx,
 	}
 
 	if (session_info) {
-		nt_status = auth_generate_session_info(tmp_ctx, lp_ctx, server_info, session_info);
+		nt_status = auth_generate_session_info(tmp_ctx, ev, lp_ctx, server_info, session_info);
 
 		if (NT_STATUS_IS_OK(nt_status)) {
 			talloc_steal(mem_ctx, *session_info);
diff --git a/source4/auth/credentials/credentials.c b/source4/auth/credentials/credentials.c
index 89dddc9e05..bfed451689 100644
--- a/source4/auth/credentials/credentials.c
+++ b/source4/auth/credentials/credentials.c
@@ -65,7 +65,6 @@ _PUBLIC_ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx)
 
 	cred->tries = 3;
 	cred->callback_running = false;
-	cred->ev = NULL;
 
 	cli_credentials_set_kerberos_state(cred, CRED_AUTO_USE_KERBEROS);
 	cli_credentials_set_gensec_features(cred, 0);
@@ -675,7 +674,7 @@ _PUBLIC_ void cli_credentials_guess(struct cli_credentials *cred,
 	}
 	
 	if (cli_credentials_get_kerberos_state(cred) != CRED_DONT_USE_KERBEROS) {
-		cli_credentials_set_ccache(cred, lp_ctx, NULL, CRED_GUESS_FILE);
+		cli_credentials_set_ccache(cred, event_context_find(cred), lp_ctx, NULL, CRED_GUESS_FILE);
 	}
 }
 
@@ -775,22 +774,3 @@ _PUBLIC_ bool cli_credentials_wrong_password(struct cli_credentials *cred)
 
 	return (cred->tries > 0);
 }
-
-/*
-  set the common event context for this set of credentials
- */
-_PUBLIC_ void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev)
-{
-	cred->ev = ev;
-}
-
-/*
-  set the common event context for this set of credentials
- */
-_PUBLIC_ struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred)
-{
-	if (cred->ev == NULL) {
-		cred->ev = event_context_find(cred);
-	}
-	return cred->ev;
-}
diff --git a/source4/auth/credentials/credentials.h b/source4/auth/credentials/credentials.h
index afcb300638..2514b5b1ce 100644
--- a/source4/auth/credentials/credentials.h
+++ b/source4/auth/credentials/credentials.h
@@ -26,6 +26,7 @@
 #include "librpc/gen_ndr/misc.h"
 
 struct ccache_container;
+struct event_context;
 
 /* In order of priority */
 enum credentials_obtained { 
@@ -121,9 +122,6 @@ struct cli_credentials {
 
 	/* Whether any callback is currently running */
 	bool callback_running;
-
-	/* an event context for anyone wanting to use the credentials */
-	struct event_context *ev;
 };
 
 struct ldb_context;
@@ -152,12 +150,15 @@ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred, TALLOC_
 const char *cli_credentials_get_realm(struct cli_credentials *cred);
 const char *cli_credentials_get_username(struct cli_credentials *cred);
 int cli_credentials_get_krb5_context(struct cli_credentials *cred, 
+				     struct event_context *event_ctx,
 				     struct loadparm_context *lp_ctx,
 				     struct smb_krb5_context **smb_krb5_context);
 int cli_credentials_get_ccache(struct cli_credentials *cred, 
+			       struct event_context *event_ctx,
 			       struct loadparm_context *lp_ctx,
 			       struct ccache_container **ccc);
 int cli_credentials_get_keytab(struct cli_credentials *cred, 
+			       struct event_context *event_ctx,
 			       struct loadparm_context *lp_ctx,
 			       struct keytab_container **_ktc);
 const char *cli_credentials_get_domain(struct cli_credentials *cred);
@@ -168,15 +169,15 @@ void cli_credentials_set_conf(struct cli_credentials *cred,
 			      struct loadparm_context *lp_ctx);
 const char *cli_credentials_get_principal(struct cli_credentials *cred, TALLOC_CTX *mem_ctx);
 int cli_credentials_get_server_gss_creds(struct cli_credentials *cred, 
+					 struct event_context *event_ctx,
 					 struct loadparm_context *lp_ctx,
 					 struct gssapi_creds_container **_gcc);
 int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, 
+					 struct event_context *event_ctx,
 					 struct loadparm_context *lp_ctx,
 					 struct gssapi_creds_container **_gcc);
-void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev);
 void cli_credentials_set_kerberos_state(struct cli_credentials *creds, 
 					enum credentials_use_kerberos use_kerberos);
-struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred);
 bool cli_credentials_set_domain(struct cli_credentials *cred, 
 				const char *val, 
 				enum credentials_obtained obtained);
@@ -199,6 +200,7 @@ void cli_credentials_set_netlogon_creds(struct cli_credentials *cred,
 NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials *cred, 
 					  struct smb_krb5_context *smb_krb5_context);
 NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
+					      struct event_context *event_ctx,
 					      struct loadparm_context *lp_ctx,
 					      const char *serviceprincipal);
 NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred,
@@ -220,14 +222,17 @@ bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
 				 const struct samr_Password *nt_hash, 
 				 enum credentials_obtained obtained);
 int cli_credentials_set_keytab_name(struct cli_credentials *cred, 
+				    struct event_context *event_ctx,
 				    struct loadparm_context *lp_ctx,
 				    const char *keytab_name, 
 				    enum credentials_obtained obtained);
 int cli_credentials_update_keytab(struct cli_credentials *cred, 
+				  struct event_context *event_ctx,
 				  struct loadparm_context *lp_ctx);
 void cli_credentials_set_gensec_features(struct cli_credentials *creds, uint32_t gensec_features);
 uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds);
 int cli_credentials_set_ccache(struct cli_credentials *cred, 
+			       struct event_context *event_ctx,
 			       struct loadparm_context *lp_ctx,
 			       const char *name, 
 			       enum credentials_obtained obtained);
@@ -239,6 +244,7 @@ void cli_credentials_invalidate_ccache(struct cli_credentials *cred,
 void cli_credentials_set_salt_principal(struct cli_credentials *cred, const char *principal);
 enum credentials_use_kerberos cli_credentials_get_kerberos_state(struct cli_credentials *creds);
 NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, 
+				     struct event_context *event_ctx,
 				     struct loadparm_context *lp_ctx,
 				     struct ldb_context *ldb,
 				     const char *base,
diff --git a/source4/auth/credentials/credentials_files.c b/source4/auth/credentials/credentials_files.c
index 1bbdf8a5ad..ab76ea2cde 100644
--- a/source4/auth/credentials/credentials_files.c
+++ b/source4/auth/credentials/credentials_files.c
@@ -30,6 +30,7 @@
 #include "auth/credentials/credentials.h"
 #include "auth/credentials/credentials_krb5.h"
 #include "param/param.h"
+#include "lib/events/events.h"
 
 /**
  * Read a file descriptor, and parse it for a password (eg from a file or stdin)
@@ -169,6 +170,7 @@ _PUBLIC_ bool cli_credentials_parse_file(struct cli_credentials *cred, const cha
  * @retval NTSTATUS error detailing any failure
  */
 _PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, 
+					      struct event_context *event_ctx,
 				     struct loadparm_context *lp_ctx,
 				     struct ldb_context *ldb,
 				     const char *base,
@@ -305,13 +307,13 @@ _PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
 	 * (chewing CPU time) from the password */
 	keytab = ldb_msg_find_attr_as_string(msgs[0], "krb5Keytab", NULL);
 	if (keytab) {
-		cli_credentials_set_keytab_name(cred, lp_ctx, keytab, CRED_SPECIFIED);
+		cli_credentials_set_keytab_name(cred, event_ctx, lp_ctx, keytab, CRED_SPECIFIED);
 	} else {
 		keytab = ldb_msg_find_attr_as_string(msgs[0], "privateKeytab", NULL);
 		if (keytab) {
 			keytab = talloc_asprintf(mem_ctx, "FILE:%s", private_path(mem_ctx, lp_ctx, keytab));
 			if (keytab) {
-				cli_credentials_set_keytab_name(cred, lp_ctx, keytab, CRED_SPECIFIED);
+				cli_credentials_set_keytab_name(cred, event_ctx, lp_ctx, keytab, CRED_SPECIFIED);
 			}
 		}
 	}
@@ -336,7 +338,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr
 	cred->machine_account_pending = false;
 	filter = talloc_asprintf(cred, SECRETS_PRIMARY_DOMAIN_FILTER, 
 				       cli_credentials_get_domain(cred));
-	return cli_credentials_set_secrets(cred, lp_ctx, NULL, 
+	return cli_credentials_set_secrets(cred, event_context_find(cred), lp_ctx, NULL, 
 					   SECRETS_PRIMARY_DOMAIN_DN,
 					   filter);
 }
@@ -348,6 +350,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr
  * @retval NTSTATUS error detailing any failure
  */
 NTSTATUS cli_credentials_set_krbtgt(struct cli_credentials *cred,
+			            struct event_context *event_ctx,
 				    struct loadparm_context *lp_ctx)
 {
 	char *filter;
@@ -358,7 +361,7 @@ NTSTATUS cli_credentials_set_krbtgt(struct cli_credentials *cred,
 	filter = talloc_asprintf(cred, SECRETS_KRBTGT_SEARCH,
 				       cli_credentials_get_realm(cred),
 				       cli_credentials_get_domain(cred));
-	return cli_credentials_set_secrets(cred, lp_ctx, NULL, 
+	return cli_credentials_set_secrets(cred, event_ctx, lp_ctx, NULL, 
 					   SECRETS_PRINCIPALS_DN,
 					   filter);
 }
@@ -370,6 +373,7 @@ NTSTATUS cli_credentials_set_krbtgt(struct cli_credentials *cred,
  * @retval NTSTATUS error detailing any failure
  */
 _PUBLIC_ NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
+						       struct event_context *event_ctx,
 					      struct loadparm_context *lp_ctx,
 					      const char *serviceprincipal)
 {
@@ -382,7 +386,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *c
 				 cli_credentials_get_realm(cred),
 				 cli_credentials_get_domain(cred),
 				 serviceprincipal);
-	return cli_credentials_set_secrets(cred, lp_ctx, NULL, 
+	return cli_credentials_set_secrets(cred, event_ctx, lp_ctx, NULL, 
 					   SECRETS_PRINCIPALS_DN, filter);
 }
 
diff --git a/source4/auth/credentials/credentials_krb5.c b/source4/auth/credentials/credentials_krb5.c
index cd9285b09d..3bc1764448 100644
--- a/source4/auth/credentials/credentials_krb5.c
+++ b/source4/auth/credentials/credentials_krb5.c
@@ -30,6 +30,7 @@
 #include "param/param.h"
 
 _PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred, 
+					      struct event_context *event_ctx,
 				     struct loadparm_context *lp_ctx,
 				     struct smb_krb5_context **smb_krb5_context) 
 {
@@ -39,8 +40,7 @@ _PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred,
 		return 0;
 	}
 
-	ret = smb_krb5_init_context(cred, cli_credentials_get_event_context(cred), 
-				    lp_ctx, &cred->smb_krb5_context);
+	ret = smb_krb5_init_context(cred, event_ctx, lp_ctx, &cred->smb_krb5_context);
 	if (ret) {
 		cred->smb_krb5_context = NULL;
 		return ret;
@@ -128,6 +128,7 @@ static int free_dccache(struct ccache_container *ccc) {
 }
 
 _PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred, 
+					struct event_context *event_ctx,
 			       struct loadparm_context *lp_ctx,
 			       const char *name, 
 			       enum credentials_obtained obtained)
@@ -144,7 +145,7 @@ _PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred,
 		return ENOMEM;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, lp_ctx, 
+	ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, 
 					       &ccc->smb_krb5_context);
 	if (ret) {
 		talloc_free(ccc);
@@ -203,6 +204,7 @@ _PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred,
 
 
 static int cli_credentials_new_ccache(struct cli_credentials *cred, 
+				      struct event_context *event_ctx,
 				      struct loadparm_context *lp_ctx,
 				      struct ccache_container **_ccc)
 {
@@ -221,7 +223,7 @@ static int cli_credentials_new_ccache(struct cli_credentials *cred,
 		return ENOMEM;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, lp_ctx, 
+	ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, 
 					       &ccc->smb_krb5_context);
 	if (ret) {
 		talloc_free(ccc);
@@ -253,6 +255,7 @@ static int cli_credentials_new_ccache(struct cli_credentials *cred,
 }
 
 _PUBLIC_ int cli_credentials_get_ccache(struct cli_credentials *cred, 
+					struct event_context *event_ctx,
 			       struct loadparm_context *lp_ctx,
 			       struct ccache_container **ccc)
 {
@@ -271,7 +274,7 @@ _PUBLIC_ int cli_credentials_get_ccache(struct cli_credentials *cred,
 		return EINVAL;
 	}
 
-	ret = cli_credentials_new_ccache(cred, lp_ctx, ccc);
+	ret = cli_credentials_new_ccache(cred, event_ctx, lp_ctx, ccc);
 	if (ret) {
 		return ret;
 	}
@@ -348,6 +351,7 @@ static int free_gssapi_creds(struct gssapi_creds_container *gcc)
 }
 
 _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, 
+					 struct event_context *event_ctx,
 					 struct loadparm_context *lp_ctx,
 					 struct gssapi_creds_container **_gcc) 
 {
@@ -360,7 +364,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
 		*_gcc = cred->client_gss_creds;
 		return 0;
 	}
-	ret = cli_credentials_get_ccache(cred, lp_ctx, 
+	ret = cli_credentials_get_ccache(cred, event_ctx, lp_ctx, 
 					 &ccache);
 	if (ret) {
 		DEBUG(1, ("Failed to get CCACHE for GSSAPI client: %s\n", error_message(ret)));
@@ -402,6 +406,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
 */
 
  int cli_credentials_set_client_gss_creds(struct cli_credentials *cred, 
+					  struct event_context *event_ctx,
 					  struct loadparm_context *lp_ctx,
 					  gss_cred_id_t gssapi_cred,
 					  enum credentials_obtained obtained) 
@@ -419,7 +424,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
 		return ENOMEM;
 	}
 
-	ret = cli_credentials_new_ccache(cred, lp_ctx, &ccc);
+	ret = cli_credentials_new_ccache(cred, event_ctx, lp_ctx, &ccc);
 	if (ret != 0) {
 		return ret;
 	}
@@ -456,6 +461,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
  * it will be generated from the password.
  */
 _PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred, 
+					struct event_context *event_ctx,
 			       struct loadparm_context *lp_ctx,
 			       struct keytab_container **_ktc)
 {
@@ -475,7 +481,7 @@ _PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred,
 		return EINVAL;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, lp_ctx, 
+	ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, 
 					       &smb_krb5_context);
 	if (ret) {
 		return ret;
@@ -510,6 +516,7 @@ _PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred,
  * FILE:/etc/krb5.keytab), open it and attach it */
 
 _PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred, 
+					     struct event_context *event_ctx,
 				    struct loadparm_context *lp_ctx,
 				    const char *keytab_name, 
 				    enum credentials_obtained obtained) 
@@ -523,7 +530,7 @@ _PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
 		return 0;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
+	ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, &smb_krb5_context);
 	if (ret) {
 		return ret;
 	}
@@ -549,6 +556,7 @@ _PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
 }
 
 _PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred, 
+					   struct event_context *event_ctx,
 				  struct loadparm_context *lp_ctx) 
 {
 	krb5_error_code ret;
@@ -562,7 +570,7 @@ _PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred,
 		return ENOMEM;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
+	ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, &smb_krb5_context);
 	if (ret) {
 		talloc_free(mem_ctx);
 		return ret;
@@ -570,7 +578,7 @@ _PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred,
 
 	enctype_strings = cli_credentials_get_enctype_strings(cred);
 	
-	ret = cli_credentials_get_keytab(cred, lp_ctx, &ktc);
+	ret = cli_credentials_get_keytab(cred, event_ctx, lp_ctx, &ktc);
 	if (ret != 0) {
 		talloc_free(mem_ctx);
 		return ret;
@@ -585,6 +593,7 @@ _PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred,
 /* Get server gss credentials (in gsskrb5, this means the keytab) */
 
 _PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred, 
+						  struct event_context *event_ctx,
 					 struct loadparm_context *lp_ctx,
 					 struct gssapi_creds_container **_gcc) 
 {
@@ -603,12 +612,12 @@ _PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
 		return 0;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
+	ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, &smb_krb5_context);
 	if (ret) {
 		return ret;
 	}
 
-	ret = cli_credentials_get_keytab(cred, lp_ctx, &ktc);
+	ret = cli_credentials_get_keytab(cred, event_ctx, lp_ctx, &ktc);
 	if (ret) {
 		DEBUG(1, ("Failed to get keytab for GSSAPI server: %s\n", error_message(ret)));
 		return ret;
diff --git a/source4/auth/credentials/credentials_krb5.h b/source4/auth/credentials/credentials_krb5.h
index aaa7d7f0da..f672b0ad9a 100644
--- a/source4/auth/credentials/credentials_krb5.h
+++ b/source4/auth/credentials/credentials_krb5.h
@@ -32,6 +32,7 @@ struct gssapi_creds_container {
 
 /* Manually prototyped here to avoid needing gss headers in most callers */
 int cli_credentials_set_client_gss_creds(struct cli_credentials *cred, 
+					 struct event_context *event_ctx,
 					 struct loadparm_context *lp_ctx,
 					 gss_cred_id_t gssapi_cred,
 					 enum credentials_obtained obtained);
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index e7dcb4ea68..cc0d40469e 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -273,7 +273,9 @@ static NTSTATUS gensec_gssapi_server_start(struct gensec_security *gensec_securi
 		DEBUG(3, ("No machine account credentials specified\n"));
 		return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
 	} else {
-		ret = cli_credentials_get_server_gss_creds(machine_account, gensec_security->lp_ctx, &gcc);
+		ret = cli_credentials_get_server_gss_creds(machine_account, 
+							   gensec_security->event_ctx, 
+							   gensec_security->lp_ctx, &gcc);
 		if (ret) {
 			DEBUG(1, ("Aquiring acceptor credentials failed: %s\n", 
 				  error_message(ret)));
@@ -359,7 +361,9 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	ret = cli_credentials_get_client_gss_creds(creds, gensec_security->lp_ctx, &gcc);
+	ret = cli_credentials_get_client_gss_creds(creds, 
+						   gensec_security->event_ctx, 
+						   gensec_security->lp_ctx, &gcc);
 	switch (ret) {
 	case 0:
 		break;
@@ -1323,7 +1327,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
 	} else if (!lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec", "require_pac", false)) {
 		DEBUG(1, ("Unable to find PAC, resorting to local user lookup: %s\n",
 			  gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
-		nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->lp_ctx, principal_string,
+		nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, principal_string,
 							  &server_info);
 
 		if (!NT_STATUS_IS_OK(nt_status)) {
@@ -1338,7 +1342,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
 	}
 
 	/* references the server_info into the session_info */
-	nt_status = auth_generate_session_info(mem_ctx, gensec_security->lp_ctx, server_info, &session_info);
+	nt_status = auth_generate_session_info(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, server_info, &session_info);
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		talloc_free(mem_ctx);
 		return nt_status;
@@ -1361,12 +1365,12 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
 			return NT_STATUS_NO_MEMORY;
 		}
 
-		cli_credentials_set_event_context(session_info->credentials, gensec_security->event_ctx);
 		cli_credentials_set_conf(session_info->credentials, gensec_security->lp_ctx);
 		/* Just so we don't segfault trying to get at a username */
 		cli_credentials_set_anonymous(session_info->credentials);
 		
 		ret = cli_credentials_set_client_gss_creds(session_info->credentials, 
+							   gensec_security->event_ctx,
 							   gensec_security->lp_ctx, 
 							   gensec_gssapi_state->delegated_cred_handle,
 							   CRED_SPECIFIED);
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index ae601b19c2..47df2ccfcc 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -118,7 +118,9 @@ static NTSTATUS gensec_krb5_start(struct gensec_security *gensec_security)
 
 	talloc_set_destructor(gensec_krb5_state, gensec_krb5_destroy); 
 
-	if (cli_credentials_get_krb5_context(creds, gensec_security->lp_ctx, &gensec_krb5_state->smb_krb5_context)) {
+	if (cli_credentials_get_krb5_context(creds, 
+					     gensec_security->event_ctx, 
+					     gensec_security->lp_ctx, &gensec_krb5_state->smb_krb5_context)) {
 		talloc_free(gensec_krb5_state);
 		return NT_STATUS_INTERNAL_ERROR;
 	}
@@ -248,7 +250,9 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
 
 	principal = gensec_get_target_principal(gensec_security);
 
-	ret = cli_credentials_get_ccache(gensec_get_credentials(gensec_security), gensec_security->lp_ctx, &ccache_container);
+	ret = cli_credentials_get_ccache(gensec_get_credentials(gensec_security), 
+				         gensec_security->event_ctx, 
+					 gensec_security->lp_ctx, &ccache_container);
 	switch (ret) {
 	case 0:
 		break;
@@ -446,7 +450,9 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security,
 		}	
 
 		/* Grab the keytab, however generated */
-		ret = cli_credentials_get_keytab(gensec_get_credentials(gensec_security), gensec_security->lp_ctx, &keytab);
+		ret = cli_credentials_get_keytab(gensec_get_credentials(gensec_security), 
+					         gensec_security->event_ctx, 
+						 gensec_security->lp_ctx, &keytab);
 		if (ret) {
 			return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
 		}
@@ -597,7 +603,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 		DEBUG(5, ("krb5_ticket_get_authorization_data_type failed to find PAC: %s\n", 
 			  smb_get_krb5_error_message(context, 
 						     ret, mem_ctx)));
-		nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->lp_ctx, principal_string,
+		nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, principal_string,
 							  &server_info);
 		krb5_free_principal(context, client_principal);
 		free(principal_string);
@@ -645,7 +651,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 	}
 
 	/* references the server_info into the session_info */
-	nt_status = auth_generate_session_info(mem_ctx, gensec_security->lp_ctx, server_info, &session_info);
+	nt_status = auth_generate_session_info(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, server_info, &session_info);
 
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		talloc_free(mem_ctx);
diff --git a/source4/auth/gensec/schannel.c b/source4/auth/gensec/schannel.c
index b3117ee9b2..f21202b86f 100644
--- a/source4/auth/gensec/schannel.c
+++ b/source4/auth/gensec/schannel.c
@@ -125,7 +125,8 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_
 		}
 		
 		/* pull the session key for this client */
-		status = schannel_fetch_session_key(out_mem_ctx, gensec_security->lp_ctx, workstation, 
+		status = schannel_fetch_session_key(out_mem_ctx, gensec_security->event_ctx, 
+						    gensec_security->lp_ctx, workstation, 
 						    domain, &creds);
 		if (!NT_STATUS_IS_OK(status)) {
 			DEBUG(3, ("Could not find session key for attempted schannel connection from %s: %s\n",
@@ -189,7 +190,7 @@ static NTSTATUS schannel_session_info(struct gensec_security *gensec_security,
 					 struct auth_session_info **_session_info) 
 {
 	struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
-	return auth_anonymous_session_info(state, gensec_security->lp_ctx, _session_info);
+	return auth_anonymous_session_info(state, gensec_security->event_ctx, gensec_security->lp_ctx, _session_info);
 }
 
 static NTSTATUS schannel_start(struct gensec_security *gensec_security)
diff --git a/source4/auth/gensec/schannel_state.c b/source4/auth/gensec/schannel_state.c
index 0c7c509954..0f7c4ca11d 100644
--- a/source4/auth/gensec/schannel_state.c
+++ b/source4/auth/gensec/schannel_state.c
@@ -32,7 +32,8 @@
 /**
   connect to the schannel ldb
 */
-struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
+struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx, struct event_context *ev_ctx,
+					struct loadparm_context *lp_ctx)
 {
 	char *path;
 	struct ldb_context *ldb;
@@ -49,7 +50,7 @@ struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx, struct loadparm_con
 
 	existed = file_exist(path);
 	
-	ldb = ldb_wrap_connect(mem_ctx, lp_ctx, path, 
+	ldb = ldb_wrap_connect(mem_ctx, ev_ctx, lp_ctx, path, 
 			       system_session(mem_ctx, lp_ctx), 
 			       NULL, LDB_FLG_NOSYNC, NULL);
 	talloc_free(path);
@@ -137,6 +138,7 @@ NTSTATUS schannel_store_session_key_ldb(TALLOC_CTX *mem_ctx,
 }
 
 NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
+				    struct event_context *ev_ctx,
 				    struct loadparm_context *lp_ctx,
 				    struct creds_CredentialState *creds)
 {
@@ -144,7 +146,7 @@ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
 	NTSTATUS nt_status;
 	int ret;
 		
-	ldb = schannel_db_connect(mem_ctx, lp_ctx);
+	ldb = schannel_db_connect(mem_ctx, ev_ctx, lp_ctx);
 	if (!ldb) {
 		return NT_STATUS_ACCESS_DENIED;
 	}
@@ -268,6 +270,7 @@ NTSTATUS schannel_fetch_session_key_ldb(TALLOC_CTX *mem_ctx,
 }
 
 NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
+				    struct event_context *ev_ctx,
 				    struct loadparm_context *lp_ctx,
 					const char *computer_name, 
 					const char *domain, 
@@ -276,7 +279,7 @@ NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
 	NTSTATUS nt_status;
 	struct ldb_context *ldb;
 
-	ldb = schannel_db_connect(mem_ctx, lp_ctx);
+	ldb = schannel_db_connect(mem_ctx, ev_ctx, lp_ctx);
 	if (!ldb) {
 		return NT_STATUS_ACCESS_DENIED;
 	}
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index 12802b7e79..d8ef2a20b8 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -725,7 +725,7 @@ NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security,
 	NTSTATUS nt_status;
 	struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data;
 
-	nt_status = auth_generate_session_info(gensec_ntlmssp_state, gensec_security->lp_ctx, gensec_ntlmssp_state->server_info, session_info);
+	nt_status = auth_generate_session_info(gensec_ntlmssp_state, gensec_security->event_ctx, gensec_security->lp_ctx, gensec_ntlmssp_state->server_info, session_info);
 	NT_STATUS_NOT_OK_RETURN(nt_status);
 
 	(*session_info)->session_key = data_blob_talloc(*session_info, 
diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index ed44754993..a2090afcdc 100644
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -428,6 +428,7 @@ NTSTATUS sam_get_results_principal(struct ldb_context *sam_ctx,
 				   
 /* Used in the gensec_gssapi and gensec_krb5 server-side code, where the PAC isn't available */
 NTSTATUS sam_get_server_info_principal(TALLOC_CTX *mem_ctx, 
+				       struct event_context *event_ctx,
 				       struct loadparm_context *lp_ctx,
 				       const char *principal,
 				       struct auth_serversupplied_info **server_info)
@@ -445,7 +446,7 @@ NTSTATUS sam_get_server_info_principal(TALLOC_CTX *mem_ctx,
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	sam_ctx = samdb_connect(tmp_ctx, lp_ctx, system_session(tmp_ctx, lp_ctx));
+	sam_ctx = samdb_connect(tmp_ctx, event_ctx, lp_ctx, system_session(tmp_ctx, lp_ctx));
 	if (sam_ctx == NULL) {
 		talloc_free(tmp_ctx);
 		return NT_STATUS_INVALID_SYSTEM_SERVICE;
diff --git a/source4/auth/session.c b/source4/auth/session.c
index 112eac95d8..8f5e8d6c56 100644
--- a/source4/auth/session.c
+++ b/source4/auth/session.c
@@ -31,11 +31,12 @@
 #include "auth/session_proto.h"
 
 _PUBLIC_ struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx, 
+					    struct event_context *event_ctx, 
 					    struct loadparm_context *lp_ctx) 
 {
 	NTSTATUS nt_status;
 	struct auth_session_info *session_info = NULL;
-	nt_status = auth_anonymous_session_info(mem_ctx, lp_ctx, &session_info);
+	nt_status = auth_anonymous_session_info(mem_ctx, event_ctx, lp_ctx, &session_info);
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		return NULL;
 	}
@@ -43,6 +44,7 @@ _PUBLIC_ struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx,
 }
 
 _PUBLIC_ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx, 
+				     struct event_context *event_ctx, 
 				     struct loadparm_context *lp_ctx,
 				     struct auth_session_info **_session_info) 
 {
@@ -60,7 +62,7 @@ _PUBLIC_ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
 	}
 
 	/* references the server_info into the session_info */
-	nt_status = auth_generate_session_info(parent_ctx, lp_ctx, server_info, &session_info);
+	nt_status = auth_generate_session_info(parent_ctx, event_ctx, lp_ctx, server_info, &session_info);
 	talloc_free(mem_ctx);
 
 	NT_STATUS_NOT_OK_RETURN(nt_status);
@@ -151,6 +153,7 @@ _PUBLIC_ NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
 }
 
 _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx, 
+				    struct event_context *event_ctx, 
 				    struct loadparm_context *lp_ctx,
 				    struct auth_serversupplied_info *server_info, 
 				    struct auth_session_info **_session_info) 
@@ -168,6 +171,7 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
 	session_info->session_key = server_info->user_session_key;
 
 	nt_status = security_token_create(session_info,
+					  event_ctx,
 					  lp_ctx,
 					  server_info->account_sid,
 					  server_info->primary_group_sid,
diff --git a/source4/auth/session.h b/source4/auth/session.h
index 87fc47791a..9b5fba7f39 100644
--- a/source4/auth/session.h
+++ b/source4/auth/session.h
@@ -36,6 +36,7 @@ NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
 				    const char *netbios_name,
 				    struct auth_serversupplied_info **_server_info) ;
 NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx, 
+				    struct event_context *event_ctx,
 				    struct loadparm_context *lp_ctx,
 				    struct auth_serversupplied_info *server_info, 
 				    struct auth_session_info **_session_info) ;
@@ -46,10 +47,12 @@ NTSTATUS make_server_info_netlogon_validation(TALLOC_CTX *mem_ctx,
 					      union netr_Validation *validation,
 					      struct auth_serversupplied_info **_server_info);
 NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx, 
+				     struct event_context *ev_ctx,
 				     struct loadparm_context *lp_ctx,
 				     struct auth_session_info **_session_info);
 
 struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx, 
+					    struct event_context *event_ctx,
 					    struct loadparm_context *lp_ctx);
author	Andrew Tridgell <tridge@samba.org>	2008-04-17 15:21:08 +0200
committer	Andrew Tridgell <tridge@samba.org>	2008-04-17 15:21:08 +0200
commit	dc74e0fad683cb0ef9ee5996aedadd4c377a0f00 (patch)
tree	e33375abeb4ec70f646e420adfe9221e1bb87a2d /source4/auth
parent	11703b298685c9984a6a3c3a64eddb8a1a516b90 (diff)
parent	ef457187b4372f039f84fbb4f6e4f0fcffd67b5b (diff)
download	samba-dc74e0fad683cb0ef9ee5996aedadd4c377a0f00.tar.gz samba-dc74e0fad683cb0ef9ee5996aedadd4c377a0f00.tar.bz2 samba-dc74e0fad683cb0ef9ee5996aedadd4c377a0f00.zip