diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2005-11-05 11:13:22 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:45:48 -0500 |
| commit | df9af348761989a8a1f257a29e9209aed4bfb373 (patch) | |
| tree | 6bfbbd9f36002c93257c01e9d1f14f8bf83769a3 /source4 | |
| parent | 72820aaf9281acc2acec869793a95f3353c1034c (diff) | |
| download | samba-df9af348761989a8a1f257a29e9209aed4bfb373.tar.gz samba-df9af348761989a8a1f257a29e9209aed4bfb373.tar.bz2 samba-df9af348761989a8a1f257a29e9209aed4bfb373.zip | |
r11522: Add support for delegated credentials and machine account credentials
to ldb, based on the sessionInfo we now pass around.
Andrew Bartlett
(This used to be commit 84e16e4ea7240409f15efd9f64344f9e0cec8111)
Diffstat (limited to 'source4')
| -rw-r--r-- | source4/auth/auth_util.c | 20 | ||||
| -rw-r--r-- | source4/lib/ldb/ldb_ildap/ldb_ildap.c | 10 |
2 files changed, 28 insertions, 2 deletions
diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c index df4e510c2f..95d1ddb2fc 100644 --- a/source4/auth/auth_util.c +++ b/source4/auth/auth_util.c @@ -553,6 +553,14 @@ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx, NT_STATUS_NOT_OK_RETURN(nt_status); + session_info->credentials = cli_credentials_init(session_info); + if (!session_info->credentials) { + return NT_STATUS_NO_MEMORY; + } + + cli_credentials_set_conf(session_info->credentials); + cli_credentials_set_anonymous(session_info->credentials); + *_session_info = session_info; return NT_STATUS_OK; @@ -590,6 +598,18 @@ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx, NT_STATUS_NOT_OK_RETURN(nt_status); + session_info->credentials = cli_credentials_init(session_info); + if (!session_info->credentials) { + return NT_STATUS_NO_MEMORY; + } + + cli_credentials_set_conf(session_info->credentials); + if (!NT_STATUS_IS_OK(cli_credentials_set_machine_account(session_info->credentials))) { + /* perhaps no credentials, we might not be joined to a domain */ + talloc_free(session_info->credentials); + session_info->credentials = NULL; + } + *_session_info = session_info; return NT_STATUS_OK; diff --git a/source4/lib/ldb/ldb_ildap/ldb_ildap.c b/source4/lib/ldb/ldb_ildap/ldb_ildap.c index 5fc326b425..06ff79b9a0 100644 --- a/source4/lib/ldb/ldb_ildap/ldb_ildap.c +++ b/source4/lib/ldb/ldb_ildap/ldb_ildap.c @@ -36,6 +36,7 @@ #include "libcli/ldap/ldap.h" #include "libcli/ldap/ldap_client.h" #include "lib/cmdline/popt_common.h" +#include "auth/auth.h" struct ildb_private { struct ldap_connection *ldap; @@ -459,9 +460,14 @@ int ildb_connect(struct ldb_context *ldb, const char *url, ldb->modules->ops = &ildb_ops; /* caller can optionally setup credentials using the opaque token 'credentials' */ - creds = ldb_get_opaque(ldb, "credentials"); + creds = talloc_get_type(ldb_get_opaque(ldb, "credentials"), struct cli_credentials); if (creds == NULL) { - creds = cmdline_credentials; + struct auth_session_info *session_info = talloc_get_type(ldb_get_opaque(ldb, "sessionInfo"), struct auth_session_info); + if (session_info && session_info->credentials) { + creds = session_info->credentials; + } else { + creds = cmdline_credentials; + } } if (creds != NULL && cli_credentials_authentication_requested(creds)) { |