diff options
| -rw-r--r-- | source3/auth/wscript_build | 2 | ||||
| -rw-r--r-- | source3/include/secrets.h | 5 | ||||
| -rw-r--r-- | source3/passdb/machine_account_secrets.c | 99 | ||||
| -rwxr-xr-x | source3/wscript_build | 22 |
4 files changed, 68 insertions, 60 deletions
diff --git a/source3/auth/wscript_build b/source3/auth/wscript_build index 4f04772b4c..0dba13f7cb 100644 --- a/source3/auth/wscript_build +++ b/source3/auth/wscript_build @@ -16,7 +16,7 @@ AUTH_SRC = '''auth.c bld.SAMBA3_SUBSYSTEM('TOKEN_UTIL', source='token_util.c', - deps='samba-util', + deps='samba-util pdb', vars=locals()) bld.SAMBA3_SUBSYSTEM('USER_UTIL', diff --git a/source3/include/secrets.h b/source3/include/secrets.h index 705a3296dc..6cb2e0473e 100644 --- a/source3/include/secrets.h +++ b/source3/include/secrets.h @@ -39,6 +39,7 @@ really secret. */ #define SECRETS_DOMAIN_SID "SECRETS/SID" #define SECRETS_SAM_SID "SAM/SID" +#define SECRETS_PROTECT_IDS "SECRETS/PROTECT/IDS" /* The domain GUID and server GUID (NOT the same) are also not secret */ #define SECRETS_DOMAIN_GUID "SECRETS/DOMGUID" @@ -88,6 +89,10 @@ void secrets_shutdown(void); void *secrets_fetch(const char *key, size_t *size); bool secrets_store(const char *key, const void *data, size_t size); bool secrets_delete(const char *key); + +/* The following definitions come from passdb/machine_account_secrets.c */ +bool secrets_mark_domain_protected(const char *domain); +bool secrets_clear_domain_protection(const char *domain); bool secrets_store_domain_sid(const char *domain, const struct dom_sid *sid); bool secrets_fetch_domain_sid(const char *domain, struct dom_sid *sid); bool secrets_store_domain_guid(const char *domain, struct GUID *guid); diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c index 565c7c4c20..a2bd8be493 100644 --- a/source3/passdb/machine_account_secrets.c +++ b/source3/passdb/machine_account_secrets.c @@ -53,18 +53,52 @@ static const char *domain_sid_keystr(const char *domain) return keystr; } +static const char *protect_ids_keystr(const char *domain) +{ + char *keystr; + + keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s", + SECRETS_PROTECT_IDS, domain); + SMB_ASSERT(keystr != NULL); + return keystr; +} + +/* N O T E: never use this outside of passdb modules that store the SID on their own */ +bool secrets_mark_domain_protected(const char *domain) +{ + bool ret; + + ret = secrets_store(protect_ids_keystr(domain), "TRUE", 5); + if (!ret) { + DEBUG(0, ("Failed to protect the Domain IDs\n")); + } + return ret; +} + +bool secrets_clear_domain_protection(const char *domain) +{ + bool ret; + + ret = secrets_delete(protect_ids_keystr(domain)); + if (!ret) { + DEBUG(0, ("Failed to remove Domain IDs protection\n")); + } + return ret; +} + bool secrets_store_domain_sid(const char *domain, const struct dom_sid *sid) { + char *protect_ids; bool ret; #if _SAMBA_BUILD_ == 4 - if (strequal(domain, get_global_sam_name()) && - (pdb_capabilities() & PDB_CAP_ADS)) { - /* If we have a ADS-capable passdb backend, we - * must never make up our own SID, it will - * already be in the directory */ - DEBUG(0, ("Refusing to store a Domain SID, this should be read from the directory not stored here\n")); - return false; + protect_ids = secrets_fetch(protect_ids_keystr(domain), NULL); + if (protect_ids) { + if (strncmp(protect_ids, "TRUE", 4)) { + DEBUG(0, ("Refusing to store a Domain SID, " + "it has been marked as protected!\n")); + return false; + } } #endif @@ -81,24 +115,6 @@ bool secrets_fetch_domain_sid(const char *domain, struct dom_sid *sid) struct dom_sid *dyn_sid; size_t size = 0; -#if _SAMBA_BUILD_ == 4 - if (strequal(domain, get_global_sam_name()) && - (pdb_capabilities() & PDB_CAP_ADS)) { - struct pdb_domain_info *domain_info; - domain_info = pdb_get_domain_info(talloc_tos()); - if (!domain_info) { - /* If we have a ADS-capable passdb backend, we - * must never make up our own SID, it will - * already be in the directory */ - DEBUG(0, ("Unable to fetch a Domain SID from the directory!\n")); - return false; - } - - *sid = domain_info->sid; - return true; - } -#endif - dyn_sid = (struct dom_sid *)secrets_fetch(domain_sid_keystr(domain), &size); if (dyn_sid == NULL) @@ -116,16 +132,17 @@ bool secrets_fetch_domain_sid(const char *domain, struct dom_sid *sid) bool secrets_store_domain_guid(const char *domain, struct GUID *guid) { + char *protect_ids; fstring key; #if _SAMBA_BUILD_ == 4 - if (strequal(domain, get_global_sam_name()) && - (pdb_capabilities() & PDB_CAP_ADS)) { - /* If we have a ADS-capable passdb backend, we - * must never make up our own GUID, it will - * already be in the directory */ - DEBUG(0, ("Refusing to store a Domain GUID, this should be read from the directory not stored here\n")); - return false; + protect_ids = secrets_fetch(protect_ids_keystr(domain), NULL); + if (protect_ids) { + if (strncmp(protect_ids, "TRUE", 4)) { + DEBUG(0, ("Refusing to store a Domain SID, " + "it has been marked as protected!\n")); + return false; + } } #endif @@ -141,24 +158,6 @@ bool secrets_fetch_domain_guid(const char *domain, struct GUID *guid) size_t size = 0; struct GUID new_guid; -#if _SAMBA_BUILD_ == 4 - if (strequal(domain, get_global_sam_name()) && - (pdb_capabilities() & PDB_CAP_ADS)) { - struct pdb_domain_info *domain_info; - domain_info = pdb_get_domain_info(talloc_tos()); - if (!domain_info) { - /* If we have a ADS-capable passdb backend, we - * must never make up our own SID, it will - * already be in the directory */ - DEBUG(0, ("Unable to fetch a Domain GUID from the directory!\n")); - return false; - } - - *guid = domain_info->guid; - return true; - } -#endif - slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_DOMAIN_GUID, domain); strupper_m(key); dyn_guid = (struct GUID *)secrets_fetch(key, &size); diff --git a/source3/wscript_build b/source3/wscript_build index 6d856a544f..60524709a7 100755 --- a/source3/wscript_build +++ b/source3/wscript_build @@ -692,7 +692,7 @@ bld.SAMBA3_LIBRARY('nss_wins', bld.SAMBA3_LIBRARY('gse', source='librpc/crypto/gse_krb5.c librpc/crypto/gse.c', - deps='KRB5_WRAP gensec param KRBCLIENT SECRETS3', + deps='KRB5_WRAP gensec param KRBCLIENT secrets3', private_library=True) bld.SAMBA3_LIBRARY('msrpc3', @@ -725,7 +725,7 @@ bld.SAMBA3_SUBSYSTEM('TLDAP', bld.SAMBA3_LIBRARY('pdb', source=PASSDB_SRC, - deps='SECRETS3 GROUPDB SERVER_MUTEX wbclient LIBCLI_AUTH flag_mapping', + deps='secrets3 GROUPDB SERVER_MUTEX wbclient LIBCLI_AUTH flag_mapping', private_library=True, public_headers=''' include/passdb.h @@ -800,7 +800,7 @@ bld.SAMBA3_LIBRARY('popt_samba3', bld.SAMBA3_LIBRARY('util_cmdline', source='lib/util_cmdline.c', - deps='SECRETS3 popt', + deps='secrets3 popt', private_library=True) bld.SAMBA3_SUBSYSTEM('KRBCLIENT', @@ -871,9 +871,13 @@ bld.SAMBA3_SUBSYSTEM('CLDAP', deps='cli-ldap-common cli_cldap LIBTSOCKET', vars=locals()) -bld.SAMBA3_SUBSYSTEM('SECRETS3', +# NOTE: The secrets3 library is a low level library used by several subsystems. +# PLEASE DO NOT make it depend on high level libraries like PDB, if you are +# doing that your design is wrong and needs changing. -SSS +bld.SAMBA3_LIBRARY('secrets3', source=SECRETS_SRC, - deps='NDR_SECRETS param samba3util dbwrap pdb', + deps='NDR_SECRETS param samba3util dbwrap', + private_library=True, vars=locals()) bld.SAMBA3_LIBRARY('smbldap', @@ -1010,7 +1014,7 @@ bld.SAMBA3_SUBSYSTEM('FNAME_UTIL', bld.SAMBA3_SUBSYSTEM('LIBNET', source=LIBNET_SRC, - deps='NDR_LIBNET_JOIN INIT_SAMR net_keytab', + deps='NDR_LIBNET_JOIN INIT_SAMR net_keytab pdb', vars=locals()) bld.SAMBA3_LIBRARY('net_keytab', @@ -1074,7 +1078,7 @@ bld.SAMBA3_SUBSYSTEM('DCUTIL', bld.SAMBA3_LIBRARY('trusts_util', source='libsmb/trusts_util.c', - deps='libcli_netlogon3 msrpc3', + deps='libcli_netlogon3 msrpc3 pdb', vars=locals(), private_library=True) @@ -1148,7 +1152,7 @@ bld.SAMBA3_LIBRARY('libcli_netlogon3', bld.SAMBA3_LIBRARY('cli_spoolss', source=LIBCLI_SPOOLSS_SRC, - deps='RPC_NDR_SPOOLSS param SECRETS3', + deps='RPC_NDR_SPOOLSS param secrets3', private_library=True) bld.SAMBA3_SUBSYSTEM('LIBCLI_WINREG', @@ -1359,7 +1363,7 @@ bld.SAMBA3_BINARY('smbta-util', source=SMBTA_UTIL_SRC, deps=''' talloc - SECRETS3 + secrets3 param''', vars=locals()) |