Diffstat (limited to 'source4/passdb')
-rw-r--r-- | source4/passdb/secrets.c | 132 |
1 files changed, 0 insertions, 132 deletions
diff --git a/source4/passdb/secrets.c b/source4/passdb/secrets.c
index 486ccb8b11..c400caaaa4 100644
--- a/source4/passdb/secrets.c
+++ b/source4/passdb/secrets.c
@@ -451,138 +451,6 @@ BOOL secrets_store_ldap_pw(const char* dn, char* pw) return ret; } - -/** - * Get trusted domains info from secrets.tdb. - * - * The linked list is allocated on the supplied talloc context, caller gets to destroy - * when done. - * - * @param ctx Allocation context - * @param enum_ctx Starting index, eg. we can start fetching at third - * or sixth trusted domain entry. Zero is the first index. - * Value it is set to is the enum context for the next enumeration. - * @param num_domains Number of domain entries to fetch at one call - * @param domains Pointer to array of trusted domain structs to be filled up - * - * @return nt status code of rpc response - **/ - -NTSTATUS secrets_get_trusted_domains(TALLOC_CTX* ctx, int* enum_ctx, unsigned int max_num_domains, int *num_domains, TRUSTDOM ***domains) -{ - TDB_LIST_NODE *keys, *k; - TRUSTDOM *dom = NULL; - char *pattern; - unsigned int start_idx; - uint32 idx = 0; - size_t size; - fstring dom_name; - struct trusted_dom_pass *pass; - NTSTATUS status; - - if (!secrets_init()) return NT_STATUS_ACCESS_DENIED; - - *num_domains = 0; - start_idx = *enum_ctx; - - /* generate searching pattern */ - if (!(pattern = talloc_asprintf(ctx, "%s/*", SECRETS_DOMTRUST_ACCT_PASS))) { - DEBUG(0, ("secrets_get_trusted_domains: talloc_asprintf() failed!\n")); - return NT_STATUS_NO_MEMORY; - } - - DEBUG(5, ("secrets_get_trusted_domains: looking for %d domains, starting at index %d\n", - max_num_domains, *enum_ctx)); - - *domains = talloc_zero(ctx, sizeof(**domains)*max_num_domains); - - /* fetching trusted domains' data and collecting them in a list */ - keys = tdb_search_keys(tdb, pattern); - - /* - * if there's no keys returned ie. no trusted domain, - * return "no more entries" code - */ - status = NT_STATUS_NO_MORE_ENTRIES; - - /* searching for keys in sectrets db -- way to go ... 
*/ - for (k = keys; k; k = k->next) { - char *secrets_key; - - /* important: ensure null-termination of the key string */ - secrets_key = strndup(k->node_key.dptr, k->node_key.dsize); - if (!secrets_key) { - DEBUG(0, ("strndup failed!\n")); - return NT_STATUS_NO_MEMORY; - } - - pass = secrets_fetch(secrets_key, &size); - - if (size != sizeof(*pass)) { - DEBUG(2, ("Secrets record %s is invalid!\n", secrets_key)); - SAFE_FREE(pass); - continue; - } - - pull_ucs2_fstring(dom_name, pass->uni_name); - DEBUG(18, ("Fetched secret record num %d.\nDomain name: %s, SID: %s\n", - idx, dom_name, sid_string_talloc(ctx, &pass->domain_sid))); - - SAFE_FREE(secrets_key); - - if (idx >= start_idx && idx < start_idx + max_num_domains) { - dom = talloc_zero(ctx, sizeof(*dom)); - if (!dom) { - /* free returned tdb record */ - SAFE_FREE(pass); - - return NT_STATUS_NO_MEMORY; - } - - /* copy domain sid */ - SMB_ASSERT(sizeof(dom->sid) == sizeof(pass->domain_sid)); - memcpy(&(dom->sid), &(pass->domain_sid), sizeof(dom->sid)); - - /* copy unicode domain name */ - dom->name = talloc_strdup_w(ctx, pass->uni_name); - - (*domains)[idx - start_idx] = dom; - - DEBUG(18, ("Secret record is in required range.\n \ - start_idx = %d, max_num_domains = %d. Added to returned array.\n", - start_idx, max_num_domains)); - - *enum_ctx = idx + 1; - (*num_domains)++; - - /* set proper status code to return */ - if (k->next) { - /* there are yet some entries to enumerate */ - status = STATUS_MORE_ENTRIES; - } else { - /* this is the last entry in the whole enumeration */ - status = NT_STATUS_OK; - } - } else { - DEBUG(18, ("Secret is outside the required range.\n \ - start_idx = %d, max_num_domains = %d. 
Not added to returned array\n", - start_idx, max_num_domains)); - } - - idx++; - - /* free returned tdb record */ - SAFE_FREE(pass); - } - - DEBUG(5, ("secrets_get_trusted_domains: got %d domains\n", *num_domains)); - - /* free the results of searching the keys */ - tdb_search_list_free(keys); - - return status; -} - /******************************************************************************* Lock the secrets tdb based on a string - this is used as a primitive form of mutex between smbd instances. |