summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--libcli/auth/schannel_proto.h4
-rw-r--r--libcli/auth/schannel_state_tdb.c70
-rwxr-xr-xlibcli/auth/wscript_build2
3 files changed, 37 insertions, 39 deletions
diff --git a/libcli/auth/schannel_proto.h b/libcli/auth/schannel_proto.h
index 7ee4c1c079..0414218614 100644
--- a/libcli/auth/schannel_proto.h
+++ b/libcli/auth/schannel_proto.h
@@ -25,8 +25,8 @@
struct schannel_state;
-struct tdb_wrap *open_schannel_session_store(TALLOC_CTX *mem_ctx,
- struct loadparm_context *lp_ctx);
+struct db_context *open_schannel_session_store(TALLOC_CTX *mem_ctx,
+ struct loadparm_context *lp_ctx);
NTSTATUS netsec_incoming_packet(struct schannel_state *state,
bool do_unseal,
diff --git a/libcli/auth/schannel_state_tdb.c b/libcli/auth/schannel_state_tdb.c
index eecd00edb2..e9435c0501 100644
--- a/libcli/auth/schannel_state_tdb.c
+++ b/libcli/auth/schannel_state_tdb.c
@@ -28,7 +28,7 @@
#include "../lib/param/param.h"
#include "../libcli/auth/schannel.h"
#include "../librpc/gen_ndr/ndr_schannel.h"
-#include "lib/tdb_wrap/tdb_wrap.h"
+#include "lib/dbwrap/dbwrap.h"
#define SECRETS_SCHANNEL_STATE "SECRETS/SCHANNEL"
@@ -37,19 +37,21 @@
be called from parent processes to corectly handle TDB_CLEAR_IF_FIRST
*******************************************************************************/
-struct tdb_wrap *open_schannel_session_store(TALLOC_CTX *mem_ctx,
- struct loadparm_context *lp_ctx)
+struct db_context *open_schannel_session_store(TALLOC_CTX *mem_ctx,
+ struct loadparm_context *lp_ctx)
{
- struct tdb_wrap *tdb_sc = NULL;
+ struct db_context *db_sc = NULL;
char *fname = lpcfg_private_path(mem_ctx, lp_ctx, "schannel_store.tdb");
if (!fname) {
return NULL;
}
- tdb_sc = tdb_wrap_open(mem_ctx, fname, 0, TDB_CLEAR_IF_FIRST|TDB_NOSYNC, O_RDWR|O_CREAT, 0600, lp_ctx);
+ db_sc = dbwrap_local_open(mem_ctx, lp_ctx, fname, 0,
+ TDB_CLEAR_IF_FIRST|TDB_NOSYNC, O_RDWR|O_CREAT,
+ 0600, 0);
- if (!tdb_sc) {
+ if (!db_sc) {
DEBUG(0,("open_schannel_session_store: Failed to open %s - %s\n",
fname, strerror(errno)));
TALLOC_FREE(fname);
@@ -58,23 +60,23 @@ struct tdb_wrap *open_schannel_session_store(TALLOC_CTX *mem_ctx,
TALLOC_FREE(fname);
- return tdb_sc;
+ return db_sc;
}
/********************************************************************
********************************************************************/
static
-NTSTATUS schannel_store_session_key_tdb(struct tdb_wrap *tdb_sc,
+NTSTATUS schannel_store_session_key_tdb(struct db_context *db_sc,
TALLOC_CTX *mem_ctx,
struct netlogon_creds_CredentialState *creds)
{
enum ndr_err_code ndr_err;
DATA_BLOB blob;
TDB_DATA value;
- int ret;
char *keystr;
char *name_upper;
+ NTSTATUS status;
name_upper = strupper_talloc(mem_ctx, creds->computer_name);
if (!name_upper) {
@@ -98,12 +100,12 @@ NTSTATUS schannel_store_session_key_tdb(struct tdb_wrap *tdb_sc,
value.dptr = blob.data;
value.dsize = blob.length;
- ret = tdb_store_bystring(tdb_sc->tdb, keystr, value, TDB_REPLACE);
- if (ret != TDB_SUCCESS) {
+ status = dbwrap_store_bystring(db_sc, keystr, value, TDB_REPLACE);
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("Unable to add %s to session key db - %s\n",
- keystr, tdb_errorstr(tdb_sc->tdb)));
+ keystr, nt_errstr(status)));
talloc_free(keystr);
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ return status;
}
DEBUG(3,("schannel_store_session_key_tdb: stored schannel info with key %s\n",
@@ -122,7 +124,7 @@ NTSTATUS schannel_store_session_key_tdb(struct tdb_wrap *tdb_sc,
********************************************************************/
static
-NTSTATUS schannel_fetch_session_key_tdb(struct tdb_wrap *tdb_sc,
+NTSTATUS schannel_fetch_session_key_tdb(struct db_context *db_sc,
TALLOC_CTX *mem_ctx,
const char *computer_name,
struct netlogon_creds_CredentialState **pcreds)
@@ -149,11 +151,10 @@ NTSTATUS schannel_fetch_session_key_tdb(struct tdb_wrap *tdb_sc,
return NT_STATUS_NO_MEMORY;
}
- value = tdb_fetch_bystring(tdb_sc->tdb, keystr);
- if (!value.dptr) {
+ status = dbwrap_fetch_bystring(db_sc, keystr, keystr, &value);
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(10,("schannel_fetch_session_key_tdb: Failed to find entry with key %s\n",
keystr ));
- status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
goto done;
}
@@ -184,7 +185,6 @@ NTSTATUS schannel_fetch_session_key_tdb(struct tdb_wrap *tdb_sc,
done:
talloc_free(keystr);
- SAFE_FREE(value.dptr);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(creds);
@@ -207,7 +207,7 @@ NTSTATUS schannel_get_creds_state(TALLOC_CTX *mem_ctx,
struct netlogon_creds_CredentialState **_creds)
{
TALLOC_CTX *tmpctx;
- struct tdb_wrap *tdb_sc;
+ struct db_context *db_sc;
struct netlogon_creds_CredentialState *creds;
NTSTATUS status;
@@ -216,12 +216,12 @@ NTSTATUS schannel_get_creds_state(TALLOC_CTX *mem_ctx,
return NT_STATUS_NO_MEMORY;
}
- tdb_sc = open_schannel_session_store(tmpctx, lp_ctx);
- if (!tdb_sc) {
+ db_sc = open_schannel_session_store(tmpctx, lp_ctx);
+ if (!db_sc) {
return NT_STATUS_ACCESS_DENIED;
}
- status = schannel_fetch_session_key_tdb(tdb_sc, tmpctx,
+ status = schannel_fetch_session_key_tdb(db_sc, tmpctx,
computer_name, &creds);
if (NT_STATUS_IS_OK(status)) {
*_creds = talloc_steal(mem_ctx, creds);
@@ -244,7 +244,7 @@ NTSTATUS schannel_save_creds_state(TALLOC_CTX *mem_ctx,
struct netlogon_creds_CredentialState *creds)
{
TALLOC_CTX *tmpctx;
- struct tdb_wrap *tdb_sc;
+ struct db_context *db_sc;
NTSTATUS status;
tmpctx = talloc_named(mem_ctx, 0, "schannel_save_creds_state");
@@ -252,12 +252,12 @@ NTSTATUS schannel_save_creds_state(TALLOC_CTX *mem_ctx,
return NT_STATUS_NO_MEMORY;
}
- tdb_sc = open_schannel_session_store(tmpctx, lp_ctx);
- if (!tdb_sc) {
+ db_sc = open_schannel_session_store(tmpctx, lp_ctx);
+ if (!db_sc) {
return NT_STATUS_ACCESS_DENIED;
}
- status = schannel_store_session_key_tdb(tdb_sc, tmpctx, creds);
+ status = schannel_store_session_key_tdb(db_sc, tmpctx, creds);
talloc_free(tmpctx);
return status;
@@ -281,12 +281,13 @@ NTSTATUS schannel_check_creds_state(TALLOC_CTX *mem_ctx,
struct netlogon_creds_CredentialState **creds_out)
{
TALLOC_CTX *tmpctx;
- struct tdb_wrap *tdb_sc;
+ struct db_context *db_sc;
struct netlogon_creds_CredentialState *creds;
NTSTATUS status;
int ret;
char *name_upper = NULL;
char *keystr = NULL;
+ struct db_record *record;
TDB_DATA key;
if (creds_out != NULL) {
@@ -313,14 +314,14 @@ NTSTATUS schannel_check_creds_state(TALLOC_CTX *mem_ctx,
key = string_term_tdb_data(keystr);
- tdb_sc = open_schannel_session_store(tmpctx, lp_ctx);
- if (!tdb_sc) {
+ db_sc = open_schannel_session_store(tmpctx, lp_ctx);
+ if (!db_sc) {
status = NT_STATUS_ACCESS_DENIED;
goto done;
}
- ret = tdb_chainlock(tdb_sc->tdb, key);
- if (ret != 0) {
+ record = dbwrap_fetch_locked(db_sc, tmpctx, key);
+ if (!record) {
status = NT_STATUS_INTERNAL_DB_CORRUPTION;
goto done;
}
@@ -329,10 +330,9 @@ NTSTATUS schannel_check_creds_state(TALLOC_CTX *mem_ctx,
* disconnects) we must update the database every time we
* update the structure */
- status = schannel_fetch_session_key_tdb(tdb_sc, tmpctx,
+ status = schannel_fetch_session_key_tdb(db_sc, tmpctx,
computer_name, &creds);
if (!NT_STATUS_IS_OK(status)) {
- tdb_chainunlock(tdb_sc->tdb, key);
goto done;
}
@@ -340,12 +340,10 @@ NTSTATUS schannel_check_creds_state(TALLOC_CTX *mem_ctx,
received_authenticator,
return_authenticator);
if (!NT_STATUS_IS_OK(status)) {
- tdb_chainunlock(tdb_sc->tdb, key);
goto done;
}
- status = schannel_store_session_key_tdb(tdb_sc, tmpctx, creds);
- tdb_chainunlock(tdb_sc->tdb, key);
+ status = schannel_store_session_key_tdb(db_sc, tmpctx, creds);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
diff --git a/libcli/auth/wscript_build b/libcli/auth/wscript_build
index 092d5e4b13..df23058f6e 100755
--- a/libcli/auth/wscript_build
+++ b/libcli/auth/wscript_build
@@ -25,7 +25,7 @@ bld.SAMBA_SUBSYSTEM('LIBCLI_AUTH',
bld.SAMBA_SUBSYSTEM('COMMON_SCHANNEL',
source='schannel_state_tdb.c schannel_sign.c',
- deps='tdb-wrap util_tdb samba-hostconfig NDR_NETLOGON'
+ deps='dbwrap util_tdb samba-hostconfig NDR_NETLOGON'
)