Diffstat (limited to 'source4/dsdb/samdb/ldb_modules/update_keytab.c')
-rw-r--r--source4/dsdb/samdb/ldb_modules/update_keytab.c81
1 files changed, 53 insertions, 28 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/update_keytab.c b/source4/dsdb/samdb/ldb_modules/update_keytab.c
index 7b82763403..8920afee71 100644
--- a/source4/dsdb/samdb/ldb_modules/update_keytab.c
+++ b/source4/dsdb/samdb/ldb_modules/update_keytab.c
@@ -28,7 +28,7 @@
*/
#include "includes.h"
-#include "ldb/include/ldb_includes.h"
+#include "ldb_module.h"
#include "auth/credentials/credentials.h"
#include "auth/credentials/credentials_krb5.h"
#include "system/kerberos.h"
@@ -47,7 +47,7 @@ struct update_kt_ctx {
struct ldb_request *req;
struct ldb_dn *dn;
- bool delete;
+ bool do_delete;
struct ldb_reply *op_reply;
bool found;
@@ -60,7 +60,7 @@ static struct update_kt_ctx *update_kt_ctx_init(struct ldb_module *module,
ac = talloc_zero(req, struct update_kt_ctx);
if (ac == NULL) {
- ldb_oom(module->ldb);
+ ldb_oom(ldb_module_get_ctx(module));
return NULL;
}
@@ -75,8 +75,9 @@ static struct update_kt_ctx *update_kt_ctx_init(struct ldb_module *module,
* Just hope we are lucky and nothing breaks (using the tdb backend masks a lot
* of async issues). -SSS
*/
-static int add_modified(struct ldb_module *module, struct ldb_dn *dn, bool delete) {
- struct update_kt_private *data = talloc_get_type(module->private_data, struct update_kt_private);
+static int add_modified(struct ldb_module *module, struct ldb_dn *dn, bool do_delete) {
+ struct ldb_context *ldb = ldb_module_get_ctx(module);
+ struct update_kt_private *data = talloc_get_type(ldb_module_get_private(module), struct update_kt_private);
struct dn_list *item;
char *filter;
struct ldb_result *res;
@@ -87,11 +88,11 @@ static int add_modified(struct ldb_module *module, struct ldb_dn *dn, bool delet
filter = talloc_asprintf(data, "(&(dn=%s)(&(objectClass=kerberosSecret)(privateKeytab=*)))",
ldb_dn_get_linearized(dn));
if (!filter) {
- ldb_oom(module->ldb);
+ ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
}
- ret = ldb_search(module->ldb, data, &res,
+ ret = ldb_search(ldb, data, &res,
dn, LDB_SCOPE_BASE, attrs, "%s", filter);
if (ret != LDB_SUCCESS) {
talloc_free(filter);
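Review bot: The `talloc_asprintf` call that builds `filter` formats the linearized DN straight into an LDB search filter, and the same string is later passed on to `cli_credentials_set_secrets`. DN linearization escapes DN separators, but as far as I know it does not escape filter metacharacters such as `(`, `)`, `*` and `\`, so an RDN value containing them can change the shape of the filter. Encode the value first, e.g. `char *dn_enc = ldb_binary_encode_string(data, ldb_dn_get_linearized(dn));`, check it for NULL, pass `dn_enc` to the `%s`, and free it along with `filter`. The body of add_modified starts and ends outside this hunk.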
@@ -109,7 +110,7 @@ static int add_modified(struct ldb_module *module, struct ldb_dn *dn, bool delet
item = talloc(data->changed_dns? (void *)data->changed_dns: (void *)data, struct dn_list);
if (!item) {
talloc_free(filter);
- ldb_oom(module->ldb);
+ ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
}
@@ -117,15 +118,15 @@ static int add_modified(struct ldb_module *module, struct ldb_dn *dn, bool delet
if (!item->creds) {
DEBUG(1, ("cli_credentials_init failed!"));
talloc_free(filter);
- ldb_oom(module->ldb);
+ ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
}
- cli_credentials_set_conf(item->creds, ldb_get_opaque(module->ldb, "loadparm"));
- status = cli_credentials_set_secrets(item->creds, ldb_get_event_context(module->ldb), ldb_get_opaque(module->ldb, "loadparm"), module->ldb, NULL, filter);
+ cli_credentials_set_conf(item->creds, ldb_get_opaque(ldb, "loadparm"));
+ status = cli_credentials_set_secrets(item->creds, ldb_get_event_context(ldb), ldb_get_opaque(ldb, "loadparm"), ldb, NULL, filter);
talloc_free(filter);
if (NT_STATUS_IS_OK(status)) {
- if (delete) {
+ if (do_delete) {
/* Ensure we don't helpfully keep an old keytab entry */
cli_credentials_set_kvno(item->creds, cli_credentials_get_kvno(item->creds)+2);
/* Wipe passwords */
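Review bot: The `if (!item->creds)` failure path frees `filter` and returns `LDB_ERR_OPERATIONS_ERROR` without releasing `item`, which was allocated on `data->changed_dns` (or on `data`) just before. The entry therefore stays allocated for as long as that parent lives. Adding `talloc_free(item);` before the `return` would release it. The assignment to `item->creds` and the remaining exits of add_modified are outside this hunk, so they may need the same treatment.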
@@ -142,10 +143,12 @@ static int ukt_search_modified(struct update_kt_ctx *ac);
static int update_kt_op_callback(struct ldb_request *req,
struct ldb_reply *ares)
{
+ struct ldb_context *ldb;
struct update_kt_ctx *ac;
int ret;
ac = talloc_get_type(req->context, struct update_kt_ctx);
+ ldb = ldb_module_get_ctx(ac->module);
if (!ares) {
return ldb_module_done(ac->req, NULL, NULL,
@@ -157,12 +160,12 @@ static int update_kt_op_callback(struct ldb_request *req,
}
if (ares->type != LDB_REPLY_DONE) {
- ldb_set_errstring(ac->module->ldb, "Invalid request type!\n");
+ ldb_set_errstring(ldb, "Invalid request type!\n");
return ldb_module_done(ac->req, NULL, NULL,
LDB_ERR_OPERATIONS_ERROR);
}
- if (ac->delete) {
+ if (ac->do_delete) {
return ldb_module_done(ac->req, ares->controls,
ares->response, LDB_SUCCESS);
}
@@ -179,10 +182,13 @@ static int update_kt_op_callback(struct ldb_request *req,
static int ukt_del_op(struct update_kt_ctx *ac)
{
+ struct ldb_context *ldb;
struct ldb_request *down_req;
int ret;
- ret = ldb_build_del_req(&down_req, ac->module->ldb, ac,
+ ldb = ldb_module_get_ctx(ac->module);
+
+ ret = ldb_build_del_req(&down_req, ldb, ac,
ac->dn,
ac->req->controls,
ac, update_kt_op_callback,
@@ -224,10 +230,10 @@ static int ukt_search_modified_callback(struct ldb_request *req,
if (ac->found) {
/* do the dirty sync job here :/ */
- ret = add_modified(ac->module, ac->dn, ac->delete);
+ ret = add_modified(ac->module, ac->dn, ac->do_delete);
}
- if (ac->delete) {
+ if (ac->do_delete) {
ret = ukt_del_op(ac);
if (ret != LDB_SUCCESS) {
return ldb_module_done(ac->req,
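Review bot: On the delete path the result of `add_modified()` is never examined, because `ret` is overwritten by `ret = ukt_del_op(ac);` straight after the `if (ac->found)` block. A failure to queue the keytab change for a deleted kerberosSecret entry is therefore dropped silently, which can leave the old key in the keytab. Checking inside the `if (ac->found)` block would surface it, e.g. `if (ret != LDB_SUCCESS) { return ldb_module_done(ac->req, NULL, NULL, ret); }`. What happens to `ret` on the non-delete path is outside this hunk.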
@@ -246,11 +252,14 @@ static int ukt_search_modified_callback(struct ldb_request *req,
static int ukt_search_modified(struct update_kt_ctx *ac)
{
+ struct ldb_context *ldb;
static const char * const attrs[] = { "distinguishedName", NULL };
struct ldb_request *search_req;
int ret;
- ret = ldb_build_search_req(&search_req, ac->module->ldb, ac,
+ ldb = ldb_module_get_ctx(ac->module);
+
+ ret = ldb_build_search_req(&search_req, ldb, ac,
ac->dn, LDB_SCOPE_BASE,
"(&(objectClass=kerberosSecret)"
"(privateKeytab=*))", attrs,
@@ -267,10 +276,13 @@ static int ukt_search_modified(struct update_kt_ctx *ac)
/* add */
static int update_kt_add(struct ldb_module *module, struct ldb_request *req)
{
+ struct ldb_context *ldb;
struct update_kt_ctx *ac;
struct ldb_request *down_req;
int ret;
+ ldb = ldb_module_get_ctx(module);
+
ac = update_kt_ctx_init(module, req);
if (ac == NULL) {
return LDB_ERR_OPERATIONS_ERROR;
@@ -278,7 +290,7 @@ static int update_kt_add(struct ldb_module *module, struct ldb_request *req)
ac->dn = req->op.add.message->dn;
- ret = ldb_build_add_req(&down_req, module->ldb, ac,
+ ret = ldb_build_add_req(&down_req, ldb, ac,
req->op.add.message,
req->controls,
ac, update_kt_op_callback,
@@ -293,10 +305,13 @@ static int update_kt_add(struct ldb_module *module, struct ldb_request *req)
/* modify */
static int update_kt_modify(struct ldb_module *module, struct ldb_request *req)
{
+ struct ldb_context *ldb;
struct update_kt_ctx *ac;
struct ldb_request *down_req;
int ret;
+ ldb = ldb_module_get_ctx(module);
+
ac = update_kt_ctx_init(module, req);
if (ac == NULL) {
return LDB_ERR_OPERATIONS_ERROR;
@@ -304,7 +319,7 @@ static int update_kt_modify(struct ldb_module *module, struct ldb_request *req)
ac->dn = req->op.mod.message->dn;
- ret = ldb_build_mod_req(&down_req, module->ldb, ac,
+ ret = ldb_build_mod_req(&down_req, ldb, ac,
req->op.mod.message,
req->controls,
ac, update_kt_op_callback,
@@ -327,7 +342,7 @@ static int update_kt_delete(struct ldb_module *module, struct ldb_request *req)
}
ac->dn = req->op.del.dn;
- ac->delete = true;
+ ac->do_delete = true;
return ukt_search_modified(ac);
}
@@ -335,10 +350,13 @@ static int update_kt_delete(struct ldb_module *module, struct ldb_request *req)
/* rename */
static int update_kt_rename(struct ldb_module *module, struct ldb_request *req)
{
+ struct ldb_context *ldb;
struct update_kt_ctx *ac;
struct ldb_request *down_req;
int ret;
+ ldb = ldb_module_get_ctx(module);
+
ac = update_kt_ctx_init(module, req);
if (ac == NULL) {
return LDB_ERR_OPERATIONS_ERROR;
@@ -346,7 +364,7 @@ static int update_kt_rename(struct ldb_module *module, struct ldb_request *req)
ac->dn = req->op.rename.newdn;
- ret = ldb_build_rename_req(&down_req, module->ldb, ac,
+ ret = ldb_build_rename_req(&down_req, ldb, ac,
req->op.rename.olddn,
req->op.rename.newdn,
req->controls,
@@ -362,16 +380,19 @@ static int update_kt_rename(struct ldb_module *module, struct ldb_request *req)
/* end a transaction */
static int update_kt_end_trans(struct ldb_module *module)
{
- struct update_kt_private *data = talloc_get_type(module->private_data, struct update_kt_private);
+ struct ldb_context *ldb;
+ struct update_kt_private *data = talloc_get_type(ldb_module_get_private(module), struct update_kt_private);
struct dn_list *p;
+ ldb = ldb_module_get_ctx(module);
+
for (p=data->changed_dns; p; p = p->next) {
int kret;
- kret = cli_credentials_update_keytab(p->creds, ldb_get_event_context(module->ldb), ldb_get_opaque(module->ldb, "loadparm"));
+ kret = cli_credentials_update_keytab(p->creds, ldb_get_event_context(ldb), ldb_get_opaque(ldb, "loadparm"));
if (kret != 0) {
talloc_free(data->changed_dns);
data->changed_dns = NULL;
- ldb_asprintf_errstring(module->ldb, "Failed to update keytab: %s", error_message(kret));
+ ldb_asprintf_errstring(ldb, "Failed to update keytab: %s", error_message(kret));
return LDB_ERR_OPERATIONS_ERROR;
}
}
@@ -385,7 +406,7 @@ static int update_kt_end_trans(struct ldb_module *module)
/* end a transaction */
static int update_kt_del_trans(struct ldb_module *module)
{
- struct update_kt_private *data = talloc_get_type(module->private_data, struct update_kt_private);
+ struct update_kt_private *data = talloc_get_type(ldb_module_get_private(module), struct update_kt_private);
talloc_free(data->changed_dns);
data->changed_dns = NULL;
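Review bot: The comment above `update_kt_del_trans` still reads `/* end a transaction */`, the same text as on `update_kt_end_trans`. The visible lines of this function only discard `data->changed_dns`. Something like `/* cancel a transaction: drop the queued keytab changes */` would tell the two callbacks apart. The end of the function is outside the hunk.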
@@ -395,17 +416,21 @@ static int update_kt_del_trans(struct ldb_module *module)
static int update_kt_init(struct ldb_module *module)
{
+ struct ldb_context *ldb;
struct update_kt_private *data;
+ ldb = ldb_module_get_ctx(module);
+
data = talloc(module, struct update_kt_private);
if (data == NULL) {
- ldb_oom(module->ldb);
+ ldb_oom(ldb);
return LDB_ERR_OPERATIONS_ERROR;
}
- module->private_data = data;
data->changed_dns = NULL;
+ ldb_module_set_private(module, data);
+
return ldb_next_init(module);
}