diff options
Diffstat (limited to 'source4/kdc')
| -rw-r--r-- | source4/kdc/config.mk | 18 | ||||
| -rw-r--r-- | source4/kdc/hdb-samba4.h | 2 | ||||
| -rw-r--r-- | source4/kdc/kdc.c | 9 | ||||
| -rw-r--r-- | source4/kdc/kdc.h | 2 | ||||
| -rw-r--r-- | source4/kdc/pac-glue.c | 43 | ||||
| -rw-r--r-- | source4/kdc/pac-glue.h | 30 |
6 files changed, 72 insertions, 32 deletions
diff --git a/source4/kdc/config.mk b/source4/kdc/config.mk index 03fa2db295..7a99857248 100644 --- a/source4/kdc/config.mk +++ b/source4/kdc/config.mk @@ -6,7 +6,7 @@ INIT_FUNCTION = server_service_kdc_init SUBSYSTEM = service PRIVATE_DEPENDENCIES = \ - HEIMDAL_KDC HDB_SAMBA4 LIBSAMBA-HOSTCONFIG + HEIMDAL_KDC HDB_SAMBA4 PAC_GLUE LIBSAMBA-HOSTCONFIG # End SUBSYSTEM KDC ####################### @@ -22,5 +22,17 @@ PRIVATE_DEPENDENCIES = \ # End SUBSYSTEM KDC ####################### -HDB_SAMBA4_OBJ_FILES = $(addprefix $(kdcsrcdir)/, hdb-samba4.o pac-glue.o) -$(eval $(call proto_header_template,$(kdcsrcdir)/pac_glue.h,$(HDB_SAMBA4_OBJ_FILES:.o=.c))) +HDB_SAMBA4_OBJ_FILES = $(addprefix $(kdcsrcdir)/, hdb-samba4.o) + +####################### +# Start SUBSYSTEM KDC +[SUBSYSTEM::PAC_GLUE] +CFLAGS = -Iheimdal/kdc -Iheimdal/lib/hdb +PRIVATE_DEPENDENCIES = \ + LIBLDB auth_sam auth_sam_reply CREDENTIALS \ + HEIMDAL_HDB LIBSAMBA-HOSTCONFIG +# End SUBSYSTEM KDC +####################### + +PAC_GLUE_OBJ_FILES = $(addprefix $(kdcsrcdir)/, pac-glue.o) +$(eval $(call proto_header_template,$(kdcsrcdir)/pac-glue_proto.h,$(HDB_SAMBA4_OBJ_FILES:.o=.c))) diff --git a/source4/kdc/hdb-samba4.h b/source4/kdc/hdb-samba4.h index 0b39fdfb10..fc2f9c1310 100644 --- a/source4/kdc/hdb-samba4.h +++ b/source4/kdc/hdb-samba4.h @@ -20,8 +20,6 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -extern TALLOC_CTX *hdb_samba4_mem_ctx; - struct hdb_samba4_context { struct tevent_context *ev_ctx; struct loadparm_context *lp_ctx; diff --git a/source4/kdc/kdc.c b/source4/kdc/kdc.c index 746781f02d..c861f7ae3e 100644 --- a/source4/kdc/kdc.c +++ b/source4/kdc/kdc.c @@ -550,15 +550,6 @@ static NTSTATUS kdc_startup_interfaces(struct kdc_server *kdc, struct loadparm_c return NT_STATUS_OK; } -static struct krb5plugin_windc_ftable windc_plugin_table = { - .minor_version = KRB5_WINDC_PLUGING_MINOR, - .init = samba_kdc_plugin_init, - .fini = samba_kdc_plugin_fini, - .pac_generate = samba_kdc_get_pac, - .pac_verify = samba_kdc_reget_pac, - .client_access = samba_kdc_check_client_access, -}; - static NTSTATUS kdc_check_generic_kerberos(struct irpc_message *msg, struct kdc_check_generic_kerberos *r) diff --git a/source4/kdc/kdc.h b/source4/kdc/kdc.h index e8511d95eb..fb70f95392 100644 --- a/source4/kdc/kdc.h +++ b/source4/kdc/kdc.h @@ -25,7 +25,7 @@ #include <hdb.h> #include <kdc.h> #include <krb5/windc_plugin.h> -#include "kdc/pac_glue.h" +#include "kdc/pac-glue.h" #include "kdc/hdb-samba4.h" struct kdc_server; diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index 3dcdd4d439..3d542d9a94 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -34,13 +34,13 @@ struct krb5_dh_moduli; struct _krb5_krb_auth_data; -krb5_error_code samba_kdc_plugin_init(krb5_context context, void **ptr) +static krb5_error_code samba_kdc_plugin_init(krb5_context context, void **ptr) { *ptr = NULL; return 0; } -void samba_kdc_plugin_fini(void *ptr) +static void samba_kdc_plugin_fini(void *ptr) { return; } @@ -104,10 +104,10 @@ static krb5_error_code make_pac(krb5_context context, } /* Given the right private pointer from hdb_samba4, get a PAC from the attached ldb messages */ -krb5_error_code samba_kdc_get_pac(void *priv, - krb5_context context, - struct hdb_entry_ex *client, - krb5_pac *pac) +static krb5_error_code samba_kdc_get_pac(void *priv, + krb5_context context, + struct hdb_entry_ex *client, + krb5_pac *pac) { krb5_error_code ret; NTSTATUS nt_status; @@ -149,10 +149,10 @@ krb5_error_code samba_kdc_get_pac(void *priv, /* Resign (and reform, including possibly new groups) a PAC */ -krb5_error_code samba_kdc_reget_pac(void *priv, krb5_context context, - const krb5_principal client_principal, - struct hdb_entry_ex *client, - struct hdb_entry_ex *server, krb5_pac *pac) +static krb5_error_code samba_kdc_reget_pac(void *priv, krb5_context context, + const krb5_principal client_principal, + struct hdb_entry_ex *client, + struct hdb_entry_ex *server, krb5_pac *pac) { krb5_error_code ret; @@ -230,13 +230,13 @@ static void samba_kdc_build_edata_reply(TALLOC_CTX *tmp_ctx, krb5_data *e_data, * the account_ok routine in auth/auth_sam.c for consistancy */ -krb5_error_code samba_kdc_check_client_access(void *priv, - krb5_context context, - krb5_kdc_configuration *config, - hdb_entry_ex *client_ex, const char *client_name, - hdb_entry_ex *server_ex, const char *server_name, - KDC_REQ *req, - krb5_data *e_data) +static krb5_error_code samba_kdc_check_client_access(void *priv, + krb5_context context, + krb5_kdc_configuration *config, + hdb_entry_ex *client_ex, const char *client_name, + hdb_entry_ex *server_ex, const char *server_name, + KDC_REQ *req, + krb5_data *e_data) { krb5_error_code ret; NTSTATUS nt_status; @@ -314,3 +314,12 @@ krb5_error_code samba_kdc_check_client_access(void *priv, return ret; } +struct krb5plugin_windc_ftable windc_plugin_table = { + .minor_version = KRB5_WINDC_PLUGING_MINOR, + .init = samba_kdc_plugin_init, + .fini = samba_kdc_plugin_fini, + .pac_generate = samba_kdc_get_pac, + .pac_verify = samba_kdc_reget_pac, + .client_access = samba_kdc_check_client_access, +}; + diff --git a/source4/kdc/pac-glue.h b/source4/kdc/pac-glue.h new file mode 100644 index 0000000000..1c14f7fdb6 --- /dev/null +++ b/source4/kdc/pac-glue.h @@ -0,0 +1,30 @@ +/* + Unix SMB/CIFS implementation. + + KDC Server startup + + Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005-2009 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#ifndef __KDC_PAC_GLUE_H__ +#define __KDC_PAC_GLUE_H__ + +#include "kdc/pac-glue_proto.h" + +extern struct krb5plugin_windc_ftable windc_plugin_table; + +#endif /* __KDC_PAC_GLUE_H__ */ + |