diff options
Diffstat (limited to 'source4')
32 files changed, 159 insertions, 124 deletions
diff --git a/source4/auth/auth.i b/source4/auth/auth.i index 05c9aa3944..491157a88d 100644 --- a/source4/auth/auth.i +++ b/source4/auth/auth.i @@ -35,12 +35,12 @@ %import "../lib/talloc/talloc.i" %typemap(default) struct auth_session_info * { - $1 = system_session_anon(NULL); + $1 = system_session_anon(NULL, global_loadparm); } %typemap(freearg) struct auth_session_info * { talloc_free($1); } -struct auth_session_info *system_session(TALLOC_CTX *mem_ctx); -struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx); +struct auth_session_info *system_session(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx); +struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx); diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c index 812c80f4d0..86acb580b7 100644 --- a/source4/auth/auth_sam.c +++ b/source4/auth/auth_sam.c @@ -286,7 +286,7 @@ static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx return NT_STATUS_NO_MEMORY; } - sam_ctx = samdb_connect(tmp_ctx, ctx->auth_ctx->lp_ctx, system_session(mem_ctx)); + sam_ctx = samdb_connect(tmp_ctx, ctx->auth_ctx->lp_ctx, system_session(mem_ctx, ctx->auth_ctx->lp_ctx)); if (sam_ctx == NULL) { talloc_free(tmp_ctx); return NT_STATUS_INVALID_SYSTEM_SERVICE; @@ -305,7 +305,8 @@ static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx return nt_status; } - nt_status = authsam_make_server_info(tmp_ctx, sam_ctx, msgs[0], domain_ref_msgs[0], + nt_status = authsam_make_server_info(tmp_ctx, sam_ctx, lp_netbios_name(ctx->auth_ctx->lp_ctx), + msgs[0], domain_ref_msgs[0], user_sess_key, lm_sess_key, server_info); if (!NT_STATUS_IS_OK(nt_status)) { diff --git a/source4/auth/auth_wrap.c b/source4/auth/auth_wrap.c index 84afaacf6e..4a6b509fda 100644 --- a/source4/auth/auth_wrap.c +++ b/source4/auth/auth_wrap.c @@ -2460,15 +2460,16 @@ SWIG_Python_MustGetPtr(PyObject *obj, swig_type_info *ty, int argnum, int flags) #define SWIGTYPE_p_auth_session_info swig_types[1] #define SWIGTYPE_p_char swig_types[2] #define SWIGTYPE_p_int swig_types[3] -#define SWIGTYPE_p_long_long swig_types[4] -#define SWIGTYPE_p_short swig_types[5] -#define SWIGTYPE_p_signed_char swig_types[6] -#define SWIGTYPE_p_unsigned_char swig_types[7] -#define SWIGTYPE_p_unsigned_int swig_types[8] -#define SWIGTYPE_p_unsigned_long_long swig_types[9] -#define SWIGTYPE_p_unsigned_short swig_types[10] -static swig_type_info *swig_types[12]; -static swig_module_info swig_module = {swig_types, 11, 0, 0, 0, 0}; +#define SWIGTYPE_p_loadparm_context swig_types[4] +#define SWIGTYPE_p_long_long swig_types[5] +#define SWIGTYPE_p_short swig_types[6] +#define SWIGTYPE_p_signed_char swig_types[7] +#define SWIGTYPE_p_unsigned_char swig_types[8] +#define SWIGTYPE_p_unsigned_int swig_types[9] +#define SWIGTYPE_p_unsigned_long_long swig_types[10] +#define SWIGTYPE_p_unsigned_short swig_types[11] +static swig_type_info *swig_types[13]; +static swig_module_info swig_module = {swig_types, 12, 0, 0, 0, 0}; #define SWIG_TypeQuery(name) SWIG_TypeQueryModule(&swig_module, &swig_module, name) #define SWIG_MangledTypeQuery(name) SWIG_MangledTypeQueryModule(&swig_module, &swig_module, name) @@ -2510,16 +2511,28 @@ static swig_module_info swig_module = {swig_types, 11, 0, 0, 0, 0}; #ifdef __cplusplus extern "C" { #endif -SWIGINTERN PyObject *_wrap_system_session(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { +SWIGINTERN PyObject *_wrap_system_session(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) { PyObject *resultobj = 0; TALLOC_CTX *arg1 = (TALLOC_CTX *) 0 ; + struct loadparm_context *arg2 = (struct loadparm_context *) 0 ; struct auth_session_info *result = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + char * kwnames[] = { + (char *) "lp_ctx", NULL + }; { arg1 = NULL; } - if (!PyArg_ParseTuple(args,(char *)":system_session")) SWIG_fail; - result = (struct auth_session_info *)system_session(arg1); + if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"O:system_session",kwnames,&obj0)) SWIG_fail; + res2 = SWIG_ConvertPtr(obj0, &argp2,SWIGTYPE_p_loadparm_context, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "system_session" "', argument " "2"" of type '" "struct loadparm_context *""'"); + } + arg2 = (struct loadparm_context *)(argp2); + result = (struct auth_session_info *)system_session(arg1,arg2); resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_auth_session_info, 0 | 0 ); return resultobj; fail: @@ -2527,16 +2540,28 @@ fail: } -SWIGINTERN PyObject *_wrap_system_session_anon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) { +SWIGINTERN PyObject *_wrap_system_session_anon(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) { PyObject *resultobj = 0; TALLOC_CTX *arg1 = (TALLOC_CTX *) 0 ; + struct loadparm_context *arg2 = (struct loadparm_context *) 0 ; struct auth_session_info *result = 0 ; + void *argp2 = 0 ; + int res2 = 0 ; + PyObject * obj0 = 0 ; + char * kwnames[] = { + (char *) "lp_ctx", NULL + }; { arg1 = NULL; } - if (!PyArg_ParseTuple(args,(char *)":system_session_anon")) SWIG_fail; - result = (struct auth_session_info *)system_session_anon(arg1); + if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"O:system_session_anon",kwnames,&obj0)) SWIG_fail; + res2 = SWIG_ConvertPtr(obj0, &argp2,SWIGTYPE_p_loadparm_context, 0 | 0 ); + if (!SWIG_IsOK(res2)) { + SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "system_session_anon" "', argument " "2"" of type '" "struct loadparm_context *""'"); + } + arg2 = (struct loadparm_context *)(argp2); + result = (struct auth_session_info *)system_session_anon(arg1,arg2); resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_auth_session_info, 0 | 0 ); return resultobj; fail: @@ -2545,8 +2570,8 @@ fail: static PyMethodDef SwigMethods[] = { - { (char *)"system_session", _wrap_system_session, METH_VARARGS, NULL}, - { (char *)"system_session_anon", _wrap_system_session_anon, METH_VARARGS, NULL}, + { (char *)"system_session", (PyCFunction) _wrap_system_session, METH_VARARGS | METH_KEYWORDS, NULL}, + { (char *)"system_session_anon", (PyCFunction) _wrap_system_session_anon, METH_VARARGS | METH_KEYWORDS, NULL}, { NULL, NULL, 0, NULL } }; @@ -2557,6 +2582,7 @@ static swig_type_info _swigt__p_TALLOC_CTX = {"_p_TALLOC_CTX", "TALLOC_CTX *", 0 static swig_type_info _swigt__p_auth_session_info = {"_p_auth_session_info", "struct auth_session_info *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_char = {"_p_char", "char *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_int = {"_p_int", "intptr_t *|int *|int_least32_t *|int_fast32_t *|int32_t *|int_fast16_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_loadparm_context = {"_p_loadparm_context", "struct loadparm_context *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_long_long = {"_p_long_long", "int_least64_t *|int_fast64_t *|int64_t *|long long *|intmax_t *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_short = {"_p_short", "short *|int_least16_t *|int16_t *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_signed_char = {"_p_signed_char", "signed char *|int_least8_t *|int_fast8_t *|int8_t *", 0, 0, (void*)0, 0}; @@ -2570,6 +2596,7 @@ static swig_type_info *swig_type_initial[] = { &_swigt__p_auth_session_info, &_swigt__p_char, &_swigt__p_int, + &_swigt__p_loadparm_context, &_swigt__p_long_long, &_swigt__p_short, &_swigt__p_signed_char, @@ -2583,6 +2610,7 @@ static swig_cast_info _swigc__p_TALLOC_CTX[] = { {&_swigt__p_TALLOC_CTX, 0, 0, static swig_cast_info _swigc__p_auth_session_info[] = { {&_swigt__p_auth_session_info, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_char[] = { {&_swigt__p_char, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_int[] = { {&_swigt__p_int, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_loadparm_context[] = { {&_swigt__p_loadparm_context, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_long_long[] = { {&_swigt__p_long_long, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_short[] = { {&_swigt__p_short, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_signed_char[] = { {&_swigt__p_signed_char, 0, 0, 0},{0, 0, 0, 0}}; @@ -2596,6 +2624,7 @@ static swig_cast_info *swig_cast_initial[] = { _swigc__p_auth_session_info, _swigc__p_char, _swigc__p_int, + _swigc__p_loadparm_context, _swigc__p_long_long, _swigc__p_short, _swigc__p_signed_char, diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c index fd6ca1a336..b3e5352410 100644 --- a/source4/auth/gensec/gensec_gssapi.c +++ b/source4/auth/gensec/gensec_gssapi.c @@ -1322,7 +1322,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi } else if (!lp_parm_bool(global_loadparm, NULL, "gensec", "require_pac", false)) { DEBUG(1, ("Unable to find PAC, resorting to local user lookup: %s\n", gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid))); - nt_status = sam_get_server_info_principal(mem_ctx, principal_string, + nt_status = sam_get_server_info_principal(mem_ctx, global_loadparm, principal_string, &server_info); if (!NT_STATUS_IS_OK(nt_status)) { diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c index 391d231f97..eb8c74533b 100644 --- a/source4/auth/gensec/gensec_krb5.c +++ b/source4/auth/gensec/gensec_krb5.c @@ -595,7 +595,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security DEBUG(5, ("krb5_ticket_get_authorization_data_type failed to find PAC: %s\n", smb_get_krb5_error_message(context, ret, mem_ctx))); - nt_status = sam_get_server_info_principal(mem_ctx, principal_string, + nt_status = sam_get_server_info_principal(mem_ctx, global_loadparm, principal_string, &server_info); krb5_free_principal(context, client_principal); free(principal_string); diff --git a/source4/auth/gensec/schannel_state.c b/source4/auth/gensec/schannel_state.c index 66358d7830..0c7c509954 100644 --- a/source4/auth/gensec/schannel_state.c +++ b/source4/auth/gensec/schannel_state.c @@ -50,7 +50,7 @@ struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx, struct loadparm_con existed = file_exist(path); ldb = ldb_wrap_connect(mem_ctx, lp_ctx, path, - system_session(mem_ctx), + system_session(mem_ctx, lp_ctx), NULL, LDB_FLG_NOSYNC, NULL); talloc_free(path); if (!ldb) { diff --git a/source4/auth/sam.c b/source4/auth/sam.c index 47d0910650..fdd7de7c71 100644 --- a/source4/auth/sam.c +++ b/source4/auth/sam.c @@ -442,7 +442,7 @@ NTSTATUS sam_get_server_info_principal(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } - sam_ctx = samdb_connect(tmp_ctx, lp_ctx, system_session(tmp_ctx)); + sam_ctx = samdb_connect(tmp_ctx, lp_ctx, system_session(tmp_ctx, lp_ctx)); if (sam_ctx == NULL) { talloc_free(tmp_ctx); return NT_STATUS_INVALID_SYSTEM_SERVICE; diff --git a/source4/auth/system_session.c b/source4/auth/system_session.c index b50ce1f1bd..7c1e97b74f 100644 --- a/source4/auth/system_session.c +++ b/source4/auth/system_session.c @@ -150,11 +150,12 @@ static NTSTATUS generate_session_info(TALLOC_CTX *mem_ctx, /** Create a system session, with machine account credentials */ -_PUBLIC_ struct auth_session_info *system_session(TALLOC_CTX *mem_ctx) +_PUBLIC_ struct auth_session_info *system_session(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx) { NTSTATUS nt_status; struct auth_session_info *session_info = NULL; nt_status = auth_system_session_info(mem_ctx, + lp_ctx, &session_info); if (!NT_STATUS_IS_OK(nt_status)) { return NULL; @@ -205,11 +206,11 @@ static NTSTATUS _auth_system_session_info(TALLOC_CTX *parent_ctx, /* Create a system session, but with anonymous credentials (so we do not need to open secrets.ldb) */ -_PUBLIC_ struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx) +_PUBLIC_ struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx) { NTSTATUS nt_status; struct auth_session_info *session_info = NULL; - nt_status = _auth_system_session_info(mem_ctx, global_loadparm, false, &session_info); + nt_status = _auth_system_session_info(mem_ctx, lp_ctx, false, &session_info); if (!NT_STATUS_IS_OK(nt_status)) { return NULL; } @@ -219,11 +220,12 @@ _PUBLIC_ struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx) _PUBLIC_ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx, + struct loadparm_context *lp_ctx, struct auth_session_info **_session_info) { return _auth_system_session_info(parent_ctx, - global_loadparm, - lp_parm_bool(global_loadparm, NULL, "system", "anonymous", false), + lp_ctx, + lp_parm_bool(lp_ctx, NULL, "system", "anonymous", false), _session_info); } diff --git a/source4/dsdb/common/sidmap.c b/source4/dsdb/common/sidmap.c index 97e5fb2b19..caf7c3ae4f 100644 --- a/source4/dsdb/common/sidmap.c +++ b/source4/dsdb/common/sidmap.c @@ -55,7 +55,7 @@ _PUBLIC_ struct sidmap_context *sidmap_open(TALLOC_CTX *mem_ctx, struct loadparm if (sidmap == NULL) { return NULL; } - sidmap->samctx = samdb_connect(sidmap, lp_ctx, system_session(sidmap)); + sidmap->samctx = samdb_connect(sidmap, lp_ctx, system_session(sidmap, lp_ctx)); if (sidmap->samctx == NULL) { talloc_free(sidmap); return NULL; diff --git a/source4/dsdb/repl/drepl_service.c b/source4/dsdb/repl/drepl_service.c index 96db445f3d..fe24314c11 100644 --- a/source4/dsdb/repl/drepl_service.c +++ b/source4/dsdb/repl/drepl_service.c @@ -37,7 +37,7 @@ static WERROR dreplsrv_init_creds(struct dreplsrv_service *service) { NTSTATUS status; - status = auth_system_session_info(service, &service->system_session_info); + status = auth_system_session_info(service, global_loadparm, &service->system_session_info); if (!NT_STATUS_IS_OK(status)) { return ntstatus_to_werror(status); } diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c index d842f42ba3..dea00f7ab1 100644 --- a/source4/dsdb/samdb/cracknames.c +++ b/source4/dsdb/samdb/cracknames.c @@ -1213,7 +1213,7 @@ NTSTATUS crack_name_to_nt4_name(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } - ldb = samdb_connect(mem_ctx, lp_ctx, system_session(mem_ctx)); + ldb = samdb_connect(mem_ctx, lp_ctx, system_session(mem_ctx, lp_ctx)); if (ldb == NULL) { return NT_STATUS_INTERNAL_DB_CORRUPTION; } diff --git a/source4/dsdb/samdb/samdb_privilege.c b/source4/dsdb/samdb/samdb_privilege.c index f81a6502ab..0baa7ee794 100644 --- a/source4/dsdb/samdb/samdb_privilege.c +++ b/source4/dsdb/samdb/samdb_privilege.c @@ -97,7 +97,7 @@ _PUBLIC_ NTSTATUS samdb_privilege_setup(struct loadparm_context *lp_ctx, struct } mem_ctx = talloc_new(token); - samctx = samdb_connect(mem_ctx, lp_ctx, system_session(mem_ctx)); + samctx = samdb_connect(mem_ctx, lp_ctx, system_session(mem_ctx, lp_ctx)); if (samctx == NULL) { talloc_free(mem_ctx); return NT_STATUS_INTERNAL_DB_CORRUPTION; diff --git a/source4/kdc/hdb-ldb.c b/source4/kdc/hdb-ldb.c index a7c5e4b3fb..672086a786 100644 --- a/source4/kdc/hdb-ldb.c +++ b/source4/kdc/hdb-ldb.c @@ -1116,7 +1116,7 @@ NTSTATUS kdc_hdb_ldb_create(TALLOC_CTX *mem_ctx, (*db)->hdb_master_key_set = 0; (*db)->hdb_db = NULL; - nt_status = auth_system_session_info(*db, &session_info); + nt_status = auth_system_session_info(*db, global_loadparm, &session_info); if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; } diff --git a/source4/kdc/kpasswdd.c b/source4/kdc/kpasswdd.c index 35697bef4e..300fb478a8 100644 --- a/source4/kdc/kpasswdd.c +++ b/source4/kdc/kpasswdd.c @@ -180,7 +180,7 @@ static bool kpasswdd_change_password(struct kdc_server *kdc, struct samr_DomInfo1 *dominfo; struct ldb_context *samdb; - samdb = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx)); + samdb = samdb_connect(mem_ctx, kdc->task->lp_ctx, system_session(mem_ctx, kdc->task->lp_ctx)); if (!samdb) { return kpasswdd_make_error_reply(kdc, mem_ctx, KRB5_KPASSWD_HARDERROR, @@ -310,7 +310,7 @@ static bool kpasswd_process_request(struct kdc_server *kdc, krb5_free_principal(context, principal); - samdb = samdb_connect(mem_ctx, global_loadparm, session_info); + samdb = samdb_connect(mem_ctx, kdc->task->lp_ctx, session_info); if (!samdb) { return kpasswdd_make_error_reply(kdc, mem_ctx, KRB5_KPASSWD_HARDERROR, @@ -473,7 +473,7 @@ bool kpasswdd_process(struct kdc_server *kdc, /* We want the credentials subsystem to use the krb5 context * we already have, rather than a new context */ cli_credentials_set_krb5_context(server_credentials, kdc->smb_krb5_context); - cli_credentials_set_conf(server_credentials, global_loadparm); + cli_credentials_set_conf(server_credentials, kdc->task->lp_ctx); nt_status = cli_credentials_set_stored_principal(server_credentials, "kadmin/changepw"); if (!NT_STATUS_IS_OK(nt_status)) { ret = kpasswdd_make_unauth_error_reply(kdc, mem_ctx, diff --git a/source4/kdc/pac-glue.c b/source4/kdc/pac-glue.c index d82718dda2..4ba1023785 100644 --- a/source4/kdc/pac-glue.c +++ b/source4/kdc/pac-glue.c @@ -28,6 +28,7 @@ #include "librpc/gen_ndr/krb5pac.h" #include "auth/auth.h" #include "auth/auth_sam.h" +#include "param/param.h" struct krb5_dh_moduli; struct _krb5_krb_auth_data; @@ -124,6 +125,7 @@ krb5_error_code samba_kdc_get_pac(void *priv, } nt_status = authsam_make_server_info(mem_ctx, private->samdb, + lp_netbios_name(global_loadparm), private->msg, private->realm_ref_msg, data_blob(NULL, 0), diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c index fc22b34b2d..9d6de732cf 100644 --- a/source4/ldap_server/ldap_server.c +++ b/source4/ldap_server/ldap_server.c @@ -471,7 +471,7 @@ static NTSTATUS add_socket(struct event_context *event_context, } /* Load LDAP database */ - ldb = samdb_connect(ldap_service, lp_ctx, system_session(ldap_service)); + ldb = samdb_connect(ldap_service, lp_ctx, system_session(ldap_service, lp_ctx)); if (!ldb) { return NT_STATUS_INTERNAL_DB_CORRUPTION; } diff --git a/source4/lib/ldb/tools/cmdline.c b/source4/lib/ldb/tools/cmdline.c index 1f8c7ce684..e2df0a1b66 100644 --- a/source4/lib/ldb/tools/cmdline.c +++ b/source4/lib/ldb/tools/cmdline.c @@ -211,7 +211,7 @@ struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, int argc, const /* Must be after we have processed command line options */ gensec_init(global_loadparm); - if (ldb_set_opaque(ldb, "sessionInfo", system_session(ldb))) { + if (ldb_set_opaque(ldb, "sessionInfo", system_session(ldb, global_loadparm))) { goto failed; } if (ldb_set_opaque(ldb, "credentials", cmdline_credentials)) { diff --git a/source4/ntptr/simple_ldb/ntptr_simple_ldb.c b/source4/ntptr/simple_ldb/ntptr_simple_ldb.c index 2a163943ad..f4437b389d 100644 --- a/source4/ntptr/simple_ldb/ntptr_simple_ldb.c +++ b/source4/ntptr/simple_ldb/ntptr_simple_ldb.c @@ -42,9 +42,9 @@ connect to the SPOOLSS database return a ldb_context pointer on success, or NULL on failure */ -static struct ldb_context *sptr_db_connect(TALLOC_CTX *mem_ctx) +static struct ldb_context *sptr_db_connect(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx) { - return ldb_wrap_connect(mem_ctx, global_loadparm, lp_spoolss_url(global_loadparm), system_session(mem_ctx), + return ldb_wrap_connect(mem_ctx, lp_ctx, lp_spoolss_url(lp_ctx), system_session(mem_ctx, lp_ctx), NULL, 0, NULL); } @@ -87,7 +87,7 @@ static int sptr_db_search(struct ldb_context *ldb, static NTSTATUS sptr_init_context(struct ntptr_context *ntptr) { - struct ldb_context *sptr_db = sptr_db_connect(ntptr); + struct ldb_context *sptr_db = sptr_db_connect(ntptr, global_loadparm); NT_STATUS_HAVE_NO_MEMORY(sptr_db); ntptr->private_data = sptr_db; diff --git a/source4/param/share_ldb.c b/source4/param/share_ldb.c index ece9c0544b..487359eff6 100644 --- a/source4/param/share_ldb.c +++ b/source4/param/share_ldb.c @@ -39,7 +39,7 @@ static NTSTATUS sldb_init(TALLOC_CTX *mem_ctx, const struct share_ops *ops, stru sdb = ldb_wrap_connect(*ctx, global_loadparm, private_path(*ctx, global_loadparm, "share.ldb"), - system_session(*ctx), + system_session(*ctx, global_loadparm), NULL, 0, NULL); if (!sdb) { diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index fd590c8c7d..0aa39ea7bd 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -92,7 +92,7 @@ static NTSTATUS dcesrv_netr_ServerAuthenticate3(struct dcesrv_call_state *dce_ca return NT_STATUS_ACCESS_DENIED; } - sam_ctx = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx)); + sam_ctx = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx, global_loadparm)); if (sam_ctx == NULL) { return NT_STATUS_INVALID_SYSTEM_SERVICE; } @@ -301,7 +301,7 @@ static NTSTATUS dcesrv_netr_ServerPasswordSet(struct dcesrv_call_state *dce_call &creds); NT_STATUS_NOT_OK_RETURN(nt_status); - sam_ctx = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx)); + sam_ctx = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx, global_loadparm)); if (sam_ctx == NULL) { return NT_STATUS_INVALID_SYSTEM_SERVICE; } @@ -339,7 +339,7 @@ static NTSTATUS dcesrv_netr_ServerPasswordSet2(struct dcesrv_call_state *dce_cal &creds); NT_STATUS_NOT_OK_RETURN(nt_status); - sam_ctx = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx)); + sam_ctx = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx, global_loadparm)); if (sam_ctx == NULL) { return NT_STATUS_INVALID_SYSTEM_SERVICE; } diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c index 736b85d7ee..97ccf30679 100644 --- a/source4/rpc_server/samr/samr_password.c +++ b/source4/rpc_server/samr/samr_password.c @@ -65,7 +65,7 @@ NTSTATUS dcesrv_samr_ChangePasswordUser(struct dcesrv_call_state *dce_call, TALL } /* To change a password we need to open as system */ - sam_ctx = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx)); + sam_ctx = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx, global_loadparm)); if (sam_ctx == NULL) { return NT_STATUS_INVALID_SYSTEM_SERVICE; } @@ -204,7 +204,7 @@ NTSTATUS dcesrv_samr_OemChangePasswordUser2(struct dcesrv_call_state *dce_call, } /* To change a password we need to open as system */ - sam_ctx = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx)); + sam_ctx = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx, global_loadparm)); if (sam_ctx == NULL) { return NT_STATUS_INVALID_SYSTEM_SERVICE; } @@ -342,7 +342,7 @@ NTSTATUS dcesrv_samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call, } /* To change a password we need to open as system */ - sam_ctx = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx)); + sam_ctx = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx, global_loadparm)); if (sam_ctx == NULL) { return NT_STATUS_INVALID_SYSTEM_SERVICE; } diff --git a/source4/scripting/ejs/smbcalls_auth.c b/source4/scripting/ejs/smbcalls_auth.c index 39e84d7f2c..236edbd64d 100644 --- a/source4/scripting/ejs/smbcalls_auth.c +++ b/source4/scripting/ejs/smbcalls_auth.c @@ -221,7 +221,7 @@ static int ejs_userAuth(MprVarHandle eid, int argc, struct MprVar **argv) static int ejs_system_session(MprVarHandle eid, int argc, struct MprVar **argv) { struct MprVar *obj = mprInitObject(eid, "session_info", argc, argv); - struct auth_session_info *session_info = system_session(mprMemCtx()); + struct auth_session_info *session_info = system_session(mprMemCtx(), global_loadparm); if (session_info == NULL) { return -1; diff --git a/source4/torture/auth/pac.c b/source4/torture/auth/pac.c index 5342e5ec39..b579b9e360 100644 --- a/source4/torture/auth/pac.c +++ b/source4/torture/auth/pac.c @@ -89,7 +89,7 @@ static bool torture_pac_self_check(struct torture_context *tctx) } /* We need an input, and this one requires no underlying database */ - nt_status = auth_anonymous_server_info(mem_ctx, &server_info); + nt_status = auth_anonymous_server_info(mem_ctx, lp_netbios_name(tctx->lp_ctx), &server_info); if (!NT_STATUS_IS_OK(nt_status)) { krb5_free_keyblock_contents(smb_krb5_context->krb5_context, diff --git a/source4/torture/libnet/libnet_BecomeDC.c b/source4/torture/libnet/libnet_BecomeDC.c index 22decc474d..9f05380b48 100644 --- a/source4/torture/libnet/libnet_BecomeDC.c +++ b/source4/torture/libnet/libnet_BecomeDC.c @@ -257,7 +257,7 @@ static NTSTATUS test_become_dc_prepare_db(void *private_data, DEBUG(0,("Open the SAM LDB with system credentials: %s\n", s->path.samdb_ldb)); s->ldb = ldb_wrap_connect(s, global_loadparm, s->path.samdb_ldb, - system_session(s), + system_session(s, global_loadparm), NULL, 0, NULL); if (!s->ldb) { DEBUG(0,("Failed to open '%s'\n", @@ -485,7 +485,7 @@ static NTSTATUS test_apply_schema(struct test_become_dc_state *s, DEBUG(0,("Reopen the SAM LDB with system credentials and a already stored schema: %s\n", s->path.samdb_ldb)); s->ldb = ldb_wrap_connect(s, global_loadparm, s->path.samdb_ldb, - system_session(s), + system_session(s, global_loadparm), NULL, 0, NULL); if (!s->ldb) { DEBUG(0,("Failed to open '%s'\n", @@ -818,7 +818,7 @@ bool torture_net_become_dc(struct torture_context *torture) DEBUG(0,("Reopen the SAM LDB with system credentials and all replicated data: %s\n", s->path.samdb_ldb)); s->ldb = ldb_wrap_connect(s, torture->lp_ctx, s->path.samdb_ldb, - system_session(s), + system_session(s, torture->lp_ctx), NULL, 0, NULL); if (!s->ldb) { DEBUG(0,("Failed to open '%s'\n", diff --git a/source4/torture/nbt/dgram.c b/source4/torture/nbt/dgram.c index e0d7abdc35..82d0617696 100644 --- a/source4/torture/nbt/dgram.c +++ b/source4/torture/nbt/dgram.c @@ -295,7 +295,7 @@ static bool nbt_test_ntlogon(struct torture_context *tctx) socket_listen(dgmsock->sock, socket_address, 0, 0); } - join_ctx = torture_join_domain(TEST_NAME, + join_ctx = torture_join_domain(tctx, TEST_NAME, ACB_WSTRUST, &machine_credentials); torture_assert(tctx, join_ctx != NULL, talloc_asprintf(tctx, "Failed to join domain %s as %s\n", diff --git a/source4/torture/rpc/join.c b/source4/torture/rpc/join.c index d0ad97110a..d973d2d083 100644 --- a/source4/torture/rpc/join.c +++ b/source4/torture/rpc/join.c @@ -17,7 +17,8 @@ bool torture_rpc_join(struct torture_context *torture) const char *host = torture_setting_string(torture, "host", NULL); /* Join domain as a member server. */ - tj = torture_join_domain(TORTURE_NETBIOS_NAME, + tj = torture_join_domain(torture, + TORTURE_NETBIOS_NAME, ACB_WSTRUST, &machine_account); @@ -42,7 +43,7 @@ bool torture_rpc_join(struct torture_context *torture) torture_leave_domain(tj); /* Join domain as a domain controller. */ - tj = torture_join_domain(TORTURE_NETBIOS_NAME, + tj = torture_join_domain(torture, TORTURE_NETBIOS_NAME, ACB_SVRTRUST, &machine_account); if (!tj) { diff --git a/source4/torture/rpc/rpc.c b/source4/torture/rpc/rpc.c index a4486815dc..c0c75ab21a 100644 --- a/source4/torture/rpc/rpc.c +++ b/source4/torture/rpc/rpc.c @@ -137,7 +137,7 @@ static bool torture_rpc_setup_machine(struct torture_context *tctx, *data = tcase_data = talloc_zero(tctx, struct torture_rpc_tcase_data); tcase_data->credentials = cmdline_credentials; - tcase_data->join_ctx = torture_join_domain(tcase->machine_name, + tcase_data->join_ctx = torture_join_domain(tctx, tcase->machine_name, ACB_SVRTRUST, &tcase_data->credentials); if (tcase_data->join_ctx == NULL) diff --git a/source4/torture/rpc/samlogon.c b/source4/torture/rpc/samlogon.c index de13b84392..9da43c9392 100644 --- a/source4/torture/rpc/samlogon.c +++ b/source4/torture/rpc/samlogon.c @@ -1505,7 +1505,7 @@ bool torture_rpc_samlogon(struct torture_context *torture) /* We only need to join as a workstation here, and in future, * if we wish to test against trusted domains, we must be a * workstation here */ - join_ctx = torture_join_domain(TEST_MACHINE_NAME, ACB_WSTRUST, + join_ctx = torture_join_domain(torture, TEST_MACHINE_NAME, ACB_WSTRUST, &machine_credentials); if (!join_ctx) { d_printf("Failed to join as Workstation\n"); diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index 6a8ff58fb0..f8d5b7030c 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -135,7 +135,8 @@ static bool test_SetDsrmPassword(struct dcerpc_pipe *p, struct torture_context * } -static bool test_QuerySecurity(struct dcerpc_pipe *p, struct torture_context *tctx, +static bool test_QuerySecurity(struct dcerpc_pipe *p, + struct torture_context *tctx, struct policy_handle *handle) { NTSTATUS status; @@ -799,7 +800,7 @@ static bool test_SetUserPass_25(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return ret; } -static bool test_SetAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, +static bool test_SetAliasInfo(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *handle) { NTSTATUS status; @@ -818,14 +819,14 @@ static bool test_SetAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, r.in.alias_handle = handle; r.in.level = levels[i]; - r.in.info = talloc(mem_ctx, union samr_AliasInfo); + r.in.info = talloc(tctx, union samr_AliasInfo); switch (r.in.level) { case ALIASINFONAME: init_lsa_String(&r.in.info->name,TEST_ALIASNAME); break; case ALIASINFODESCRIPTION: init_lsa_String(&r.in.info->description, "Test Description, should test I18N as well"); break; } - status = dcerpc_samr_SetAliasInfo(p, mem_ctx, &r); + status = dcerpc_samr_SetAliasInfo(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("SetAliasInfo level %u failed - %s\n", levels[i], nt_errstr(status)); @@ -835,7 +836,7 @@ static bool test_SetAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, q.in.alias_handle = handle; q.in.level = levels[i]; - status = dcerpc_samr_QueryAliasInfo(p, mem_ctx, &q); + status = dcerpc_samr_QueryAliasInfo(p, tctx, &q); if (!NT_STATUS_IS_OK(status)) { printf("QueryAliasInfo level %u failed - %s\n", levels[i], nt_errstr(status)); @@ -846,7 +847,7 @@ static bool test_SetAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return ret; } -static bool test_GetGroupsForUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, +static bool test_GetGroupsForUser(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *user_handle) { struct samr_GetGroupsForUser r; @@ -857,7 +858,7 @@ static bool test_GetGroupsForUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, r.in.user_handle = user_handle; - status = dcerpc_samr_GetGroupsForUser(p, mem_ctx, &r); + status = dcerpc_samr_GetGroupsForUser(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("GetGroupsForUser failed - %s\n",nt_errstr(status)); ret = false; @@ -867,7 +868,7 @@ static bool test_GetGroupsForUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, } -static bool test_GetDomPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, +static bool test_GetDomPwInfo(struct dcerpc_pipe *p, struct torture_context *tctx, struct lsa_String *domain_name) { NTSTATUS status; @@ -877,16 +878,16 @@ static bool test_GetDomPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, r.in.domain_name = domain_name; printf("Testing GetDomPwInfo with name %s\n", r.in.domain_name->string); - status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r); + status = dcerpc_samr_GetDomPwInfo(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("GetDomPwInfo failed - %s\n", nt_errstr(status)); ret = false; } - r.in.domain_name->string = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p)); + r.in.domain_name->string = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); printf("Testing GetDomPwInfo with name %s\n", r.in.domain_name->string); - status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r); + status = dcerpc_samr_GetDomPwInfo(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("GetDomPwInfo failed - %s\n", nt_errstr(status)); ret = false; @@ -895,7 +896,7 @@ static bool test_GetDomPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, r.in.domain_name->string = "\\\\__NONAME__"; printf("Testing GetDomPwInfo with name %s\n", r.in.domain_name->string); - status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r); + status = dcerpc_samr_GetDomPwInfo(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("GetDomPwInfo failed - %s\n", nt_errstr(status)); ret = false; @@ -904,7 +905,7 @@ static bool test_GetDomPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, r.in.domain_name->string = "\\\\Builtin"; printf("Testing GetDomPwInfo with name %s\n", r.in.domain_name->string); - status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r); + status = dcerpc_samr_GetDomPwInfo(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("GetDomPwInfo failed - %s\n", nt_errstr(status)); ret = false; @@ -914,7 +915,7 @@ static bool test_GetDomPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return ret; } -static bool test_GetUserPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, +static bool test_GetUserPwInfo(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *handle) { NTSTATUS status; @@ -925,7 +926,7 @@ static bool test_GetUserPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, r.in.user_handle = handle; - status = dcerpc_samr_GetUserPwInfo(p, mem_ctx, &r); + status = dcerpc_samr_GetUserPwInfo(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("GetUserPwInfo failed - %s\n", nt_errstr(status)); ret = false; @@ -934,7 +935,7 @@ static bool test_GetUserPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return ret; } -static NTSTATUS test_LookupName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, +static NTSTATUS test_LookupName(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *domain_handle, const char *name, uint32_t *rid) { @@ -947,7 +948,7 @@ static NTSTATUS test_LookupName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, n.in.domain_handle = domain_handle; n.in.num_names = 1; n.in.names = sname; - status = dcerpc_samr_LookupNames(p, mem_ctx, &n); + status = dcerpc_samr_LookupNames(p, tctx, &n); if (NT_STATUS_IS_OK(status)) { *rid = n.out.rids.ids[0]; } else { @@ -956,7 +957,7 @@ static NTSTATUS test_LookupName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, init_lsa_String(&sname[1], "xxNONAMExx"); n.in.num_names = 2; - status = dcerpc_samr_LookupNames(p, mem_ctx, &n); + status = dcerpc_samr_LookupNames(p, tctx, &n); if (!NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) { printf("LookupNames[2] failed - %s\n", nt_errstr(status)); if (NT_STATUS_IS_OK(status)) { @@ -966,7 +967,7 @@ static NTSTATUS test_LookupName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, } n.in.num_names = 0; - status = dcerpc_samr_LookupNames(p, mem_ctx, &n); + status = dcerpc_samr_LookupNames(p, tctx, &n); if (!NT_STATUS_IS_OK(status)) { printf("LookupNames[0] failed - %s\n", nt_errstr(status)); return status; @@ -974,7 +975,7 @@ static NTSTATUS test_LookupName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, init_lsa_String(&sname[0], "xxNONAMExx"); n.in.num_names = 1; - status = dcerpc_samr_LookupNames(p, mem_ctx, &n); + status = dcerpc_samr_LookupNames(p, tctx, &n); if (!NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) { printf("LookupNames[1 bad name] failed - %s\n", nt_errstr(status)); if (NT_STATUS_IS_OK(status)) { @@ -986,7 +987,7 @@ static NTSTATUS test_LookupName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, init_lsa_String(&sname[0], "xxNONAMExx"); init_lsa_String(&sname[1], "xxNONAME2xx"); n.in.num_names = 2; - status = dcerpc_samr_LookupNames(p, mem_ctx, &n); + status = dcerpc_samr_LookupNames(p, tctx, &n); if (!NT_STATUS_EQUAL(status, NT_STATUS_NONE_MAPPED)) { printf("LookupNames[2 bad names] failed - %s\n", nt_errstr(status)); if (NT_STATUS_IS_OK(status)) { @@ -1979,13 +1980,13 @@ static bool test_TestPrivateFunctionsUser(struct dcerpc_pipe *p, TALLOC_CTX *mem } -static bool test_user_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, +static bool test_user_ops(struct dcerpc_pipe *p, + struct torture_context *tctx, struct policy_handle *user_handle, struct policy_handle *domain_handle, uint32_t base_acct_flags, const char *base_acct_name, enum torture_samr_choice which_ops) { - TALLOC_CTX *user_ctx; char *password = NULL; bool ret = true; @@ -1997,42 +1998,41 @@ static bool test_user_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 0 }; - user_ctx = talloc_named(mem_ctx, 0, "test_user_ops per-user context"); switch (which_ops) { case TORTURE_SAMR_USER_ATTRIBUTES: - if (!test_QuerySecurity(p, user_ctx, user_handle)) { + if (!test_QuerySecurity(p, tctx, user_handle)) { ret = false; } - if (!test_QueryUserInfo(p, user_ctx, user_handle)) { + if (!test_QueryUserInfo(p, tctx, user_handle)) { ret = false; } - if (!test_QueryUserInfo2(p, user_ctx, user_handle)) { + if (!test_QueryUserInfo2(p, tctx, user_handle)) { ret = false; } - if (!test_SetUserInfo(p, user_ctx, user_handle, base_acct_flags, + if (!test_SetUserInfo(p, tctx, user_handle, base_acct_flags, base_acct_name)) { ret = false; } - if (!test_GetUserPwInfo(p, user_ctx, user_handle)) { + if (!test_GetUserPwInfo(p, tctx, user_handle)) { ret = false; } - if (!test_TestPrivateFunctionsUser(p, user_ctx, user_handle)) { + if (!test_TestPrivateFunctionsUser(p, tctx, user_handle)) { ret = false; } - if (!test_SetUserPass(p, user_ctx, user_handle, &password)) { + if (!test_SetUserPass(p, tctx, user_handle, &password)) { ret = false; } break; case TORTURE_SAMR_PASSWORDS: if (base_acct_flags & (ACB_WSTRUST|ACB_DOMTRUST|ACB_SVRTRUST)) { char simple_pass[9]; - char *v = generate_random_str(mem_ctx, 1); + char *v = generate_random_str(tctx, 1); ZERO_STRUCT(simple_pass); memset(simple_pass, *v, sizeof(simple_pass) - 1); @@ -2040,53 +2040,53 @@ static bool test_user_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, printf("Testing machine account password policy rules\n"); /* Workstation trust accounts don't seem to need to honour password quality policy */ - if (!test_SetUserPassEx(p, user_ctx, user_handle, true, &password)) { + if (!test_SetUserPassEx(p, tctx, user_handle, true, &password)) { ret = false; } - if (!test_ChangePasswordUser2(p, user_ctx, base_acct_name, &password, simple_pass, false)) { + if (!test_ChangePasswordUser2(p, tctx, base_acct_name, &password, simple_pass, false)) { ret = false; } /* reset again, to allow another 'user' password change */ - if (!test_SetUserPassEx(p, user_ctx, user_handle, true, &password)) { + if (!test_SetUserPassEx(p, tctx, user_handle, true, &password)) { ret = false; } /* Try a 'short' password */ - if (!test_ChangePasswordUser2(p, user_ctx, base_acct_name, &password, samr_rand_pass(mem_ctx, 4), false)) { + if (!test_ChangePasswordUser2(p, tctx, base_acct_name, &password, samr_rand_pass(tctx, 4), false)) { ret = false; } } for (i = 0; password_fields[i]; i++) { - if (!test_SetUserPass_23(p, user_ctx, user_handle, password_fields[i], &password)) { + if (!test_SetUserPass_23(p, tctx, user_handle, password_fields[i], &password)) { ret = false; } /* check it was set right */ - if (!test_ChangePasswordUser3(p, user_ctx, base_acct_name, 0, &password, NULL, 0, false)) { + if (!test_ChangePasswordUser3(p, tctx, base_acct_name, 0, &password, NULL, 0, false)) { ret = false; } } for (i = 0; password_fields[i]; i++) { - if (!test_SetUserPass_25(p, user_ctx, user_handle, password_fields[i], &password)) { + if (!test_SetUserPass_25(p, tctx, user_handle, password_fields[i], &password)) { ret = false; } /* check it was set right */ - if (!test_ChangePasswordUser3(p, user_ctx, base_acct_name, 0, &password, NULL, 0, false)) { + if (!test_ChangePasswordUser3(p, tctx, base_acct_name, 0, &password, NULL, 0, false)) { ret = false; } } - if (!test_SetUserPassEx(p, user_ctx, user_handle, false, &password)) { + if (!test_SetUserPassEx(p, tctx, user_handle, false, &password)) { ret = false; } - if (!test_ChangePassword(p, user_ctx, base_acct_name, domain_handle, &password)) { + if (!test_ChangePassword(p, tctx, base_acct_name, domain_handle, &password)) { ret = false; } @@ -2095,7 +2095,6 @@ static bool test_user_ops(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, /* We just need the account to exist */ break; } - talloc_free(user_ctx); return ret; } @@ -2487,7 +2486,7 @@ static bool test_ChangePassword(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, return ret; } -static bool test_CreateUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, +static bool test_CreateUser(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *domain_handle, struct policy_handle *user_handle_out, enum torture_samr_choice which_ops) @@ -2507,7 +2506,7 @@ static bool test_CreateUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, bool ret = true; struct policy_handle user_handle; - user_ctx = talloc_named(mem_ctx, 0, "test_CreateUser2 per-user context"); + user_ctx = talloc_named(tctx, 0, "test_CreateUser2 per-user context"); init_lsa_String(&name, TEST_ACCOUNT_NAME); r.in.domain_handle = domain_handle; @@ -2555,7 +2554,7 @@ static bool test_CreateUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, } } - if (!test_user_ops(p, user_ctx, &user_handle, domain_handle, + if (!test_user_ops(p, tctx, &user_handle, domain_handle, acct_flags, name.string, which_ops)) { ret = false; } @@ -2583,7 +2582,7 @@ static bool test_CreateUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, } -static bool test_CreateUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, +static bool test_CreateUser2(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *domain_handle, enum torture_samr_choice which_ops) { NTSTATUS status; @@ -2622,7 +2621,7 @@ static bool test_CreateUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, TALLOC_CTX *user_ctx; uint32_t acct_flags = account_types[i].acct_flags; uint32_t access_granted; - user_ctx = talloc_named(mem_ctx, 0, "test_CreateUser2 per-user context"); + user_ctx = talloc_named(tctx, 0, "test_CreateUser2 per-user context"); init_lsa_String(&name, account_types[i].account_name); r.in.domain_handle = domain_handle; @@ -2698,7 +2697,7 @@ static bool test_CreateUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, } } - if (!test_user_ops(p, user_ctx, &user_handle, domain_handle, + if (!test_user_ops(p, tctx, &user_handle, domain_handle, acct_flags, name.string, which_ops)) { ret = false; } @@ -4296,7 +4295,7 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx, return ret; } -static bool test_LookupDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, +static bool test_LookupDomain(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *handle, const char *domain, enum torture_samr_choice which_ops) { @@ -4313,7 +4312,7 @@ static bool test_LookupDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, r.in.domain_name = &n2; n2.string = NULL; - status = dcerpc_samr_LookupDomain(p, mem_ctx, &r); + status = dcerpc_samr_LookupDomain(p, tctx, &r); if (!NT_STATUS_EQUAL(NT_STATUS_INVALID_PARAMETER, status)) { printf("failed: LookupDomain expected NT_STATUS_INVALID_PARAMETER - %s\n", nt_errstr(status)); ret = false; @@ -4321,7 +4320,7 @@ static bool test_LookupDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, init_lsa_String(&n2, "xxNODOMAINxx"); - status = dcerpc_samr_LookupDomain(p, mem_ctx, &r); + status = dcerpc_samr_LookupDomain(p, tctx, &r); if (!NT_STATUS_EQUAL(NT_STATUS_NO_SUCH_DOMAIN, status)) { printf("failed: LookupDomain expected NT_STATUS_NO_SUCH_DOMAIN - %s\n", nt_errstr(status)); ret = false; @@ -4332,17 +4331,17 @@ static bool test_LookupDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, init_lsa_String(&n1, domain); r.in.domain_name = &n1; - status = dcerpc_samr_LookupDomain(p, mem_ctx, &r); + status = dcerpc_samr_LookupDomain(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("LookupDomain failed - %s\n", nt_errstr(status)); ret = false; } - if (!test_GetDomPwInfo(p, mem_ctx, &n1)) { + if (!test_GetDomPwInfo(p, tctx, &n1)) { ret = false; } - if (!test_OpenDomain(p, mem_ctx, handle, r.out.sid, which_ops)) { + if (!test_OpenDomain(p, tctx, handle, r.out.sid, which_ops)) { ret = false; } @@ -4350,7 +4349,7 @@ static bool test_LookupDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, } -static bool test_EnumDomains(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, +static bool test_EnumDomains(struct dcerpc_pipe *p, struct torture_context *tctx, struct policy_handle *handle, enum torture_samr_choice which_ops) { NTSTATUS status; @@ -4364,7 +4363,7 @@ static bool test_EnumDomains(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, r.in.buf_size = (uint32_t)-1; r.out.resume_handle = &resume_handle; - status = dcerpc_samr_EnumDomains(p, mem_ctx, &r); + status = dcerpc_samr_EnumDomains(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("EnumDomains failed - %s\n", nt_errstr(status)); return false; @@ -4375,13 +4374,13 @@ static bool test_EnumDomains(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, } for (i=0;i<r.out.sam->count;i++) { - if (!test_LookupDomain(p, mem_ctx, handle, + if (!test_LookupDomain(p, tctx, handle, r.out.sam->entries[i].name.string, which_ops)) { ret = false; } } - status = dcerpc_samr_EnumDomains(p, mem_ctx, &r); + status = dcerpc_samr_EnumDomains(p, tctx, &r); if (!NT_STATUS_IS_OK(status)) { printf("EnumDomains failed - %s\n", nt_errstr(status)); return false; diff --git a/source4/torture/rpc/schannel.c b/source4/torture/rpc/schannel.c index f7c9806faa..39cffc8e2a 100644 --- a/source4/torture/rpc/schannel.c +++ b/source4/torture/rpc/schannel.c @@ -244,7 +244,7 @@ static bool test_schannel(struct torture_context *tctx, struct creds_CredentialState *creds; struct cli_credentials *credentials; - join_ctx = torture_join_domain(talloc_asprintf(tctx, "%s%d", TEST_MACHINE_NAME, i), + join_ctx = torture_join_domain(tctx, talloc_asprintf(tctx, "%s%d", TEST_MACHINE_NAME, i), acct_flags, &credentials); torture_assert(tctx, join_ctx != NULL, "Failed to join domain"); @@ -430,7 +430,7 @@ bool torture_rpc_schannel2(struct torture_context *torture) struct cli_credentials *credentials1, *credentials2; uint32_t dcerpc_flags = DCERPC_SCHANNEL | DCERPC_SIGN; - join_ctx = torture_join_domain(talloc_asprintf(torture, "%s2", TEST_MACHINE_NAME), + join_ctx = torture_join_domain(torture, talloc_asprintf(torture, "%s2", TEST_MACHINE_NAME), ACB_WSTRUST, &credentials1); torture_assert(torture, join_ctx != NULL, "Failed to join domain with acct_flags=ACB_WSTRUST"); diff --git a/source4/utils/net/net_vampire.c b/source4/utils/net/net_vampire.c index 86c7c0115a..dc11917fa4 100644 --- a/source4/utils/net/net_vampire.c +++ b/source4/utils/net/net_vampire.c @@ -24,6 +24,7 @@ #include "libnet/libnet.h" #include "librpc/gen_ndr/samr.h" #include "auth/auth.h" +#include "param/param.h" static int net_samdump_keytab_usage(struct net_context *ctx, int argc, const char **argv) { @@ -151,7 +152,7 @@ int net_samsync_ldb(struct net_context *ctx, int argc, const char **argv) r.in.binding_string = NULL; /* Needed to override the ACLs on ldb */ - r.in.session_info = system_session(libnetctx); + r.in.session_info = system_session(libnetctx, global_loadparm); status = libnet_samsync_ldb(libnetctx, libnetctx, &r); if (!NT_STATUS_IS_OK(status)) { diff --git a/source4/wrepl_server/wrepl_server.c b/source4/wrepl_server/wrepl_server.c index fbbd8e26d9..7700a6ded7 100644 --- a/source4/wrepl_server/wrepl_server.c +++ b/source4/wrepl_server/wrepl_server.c @@ -38,7 +38,7 @@ static struct ldb_context *wins_config_db_connect(TALLOC_CTX *mem_ctx, { return ldb_wrap_connect(mem_ctx, lp_ctx, private_path(mem_ctx, lp_ctx, lp_wins_config_url(lp_ctx)), - system_session(mem_ctx), NULL, 0, NULL); + system_session(mem_ctx, lp_ctx), NULL, 0, NULL); } static uint64_t wins_config_db_get_seqnumber(struct ldb_context *ldb) |