From 142fbfb3c1f9f8cda7f0edaa801f8345f23d805f Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 28 Mar 2008 21:57:15 +1100 Subject: Fix and test python scripts and kerberos This fixes up the python credentials interface in a number of areas, with the aim of supporting '-k yes' as a command line option. (This enables the use of kerberos). As such, I've had to change the get_credentials call to take a loadparm context, so that the credentials can be initialised correctly. The test_kinit script has been modified to prove that this continues to work, as well as to provide greater code coverage of the kerberos paths. Andrew Bartlett (This used to be commit 727ef40c2b56910028ef3c1092b8eab1bfa6ce63) --- source4/auth/credentials/credentials.i | 13 +++- source4/auth/credentials/credentials.py | 5 ++ source4/auth/credentials/credentials_wrap.c | 106 ++++++++++++++++++++++++---- source4/auth/credentials/tests/bindings.py | 2 + 4 files changed, 111 insertions(+), 15 deletions(-) (limited to 'source4/auth/credentials') diff --git a/source4/auth/credentials/credentials.i b/source4/auth/credentials/credentials.i index 41ec67580e..0a604cf002 100644 --- a/source4/auth/credentials/credentials.i +++ b/source4/auth/credentials/credentials.i @@ -39,6 +39,10 @@ typedef struct cli_credentials cli_credentials; $1 = NULL; } +%constant int AUTO_USE_KERBEROS = CRED_AUTO_USE_KERBEROS; +%constant int DONT_USE_KERBEROS = CRED_DONT_USE_KERBEROS; +%constant int MUST_USE_KERBEROS = CRED_MUST_USE_KERBEROS; + %{ #include "librpc/gen_ndr/samr.h" /* for struct samr_Password */ %} @@ -52,7 +56,7 @@ typedef struct cli_credentials cli_credentials; typedef struct cli_credentials { %extend { cli_credentials(void) { - return cli_credentials_init_anon(NULL); + return cli_credentials_init(NULL); } /* username */ const char *get_username(void); @@ -74,13 +78,18 @@ typedef struct cli_credentials { bool set_realm(const char *val, enum credentials_obtained=CRED_SPECIFIED); + /* Kerberos */ + void set_kerberos_state(enum credentials_use_kerberos use_kerberos); + void parse_string(const char *text, - enum credentials_obtained=CRED_SPECIFIED); + enum credentials_obtained=CRED_SPECIFIED); /* bind dn */ const char *get_bind_dn(void); bool set_bind_dn(const char *bind_dn); + void set_anonymous(); + /* workstation name */ const char *get_workstation(void); bool set_workstation(const char *workstation, diff --git a/source4/auth/credentials/credentials.py b/source4/auth/credentials/credentials.py index 14526af910..2b40fbeead 100644 --- a/source4/auth/credentials/credentials.py +++ b/source4/auth/credentials/credentials.py @@ -58,6 +58,9 @@ def _swig_setattr_nondynamic_method(set): import param +AUTO_USE_KERBEROS = _credentials.AUTO_USE_KERBEROS +DONT_USE_KERBEROS = _credentials.DONT_USE_KERBEROS +MUST_USE_KERBEROS = _credentials.MUST_USE_KERBEROS class Credentials(object): thisown = _swig_property(lambda x: x.this.own(), lambda x, v: x.this.own(v), doc='The membership flag') __repr__ = _swig_repr @@ -72,9 +75,11 @@ Credentials.get_domain = new_instancemethod(_credentials.Credentials_get_domain, Credentials.set_domain = new_instancemethod(_credentials.Credentials_set_domain,None,Credentials) Credentials.get_realm = new_instancemethod(_credentials.Credentials_get_realm,None,Credentials) Credentials.set_realm = new_instancemethod(_credentials.Credentials_set_realm,None,Credentials) +Credentials.set_kerberos_state = new_instancemethod(_credentials.Credentials_set_kerberos_state,None,Credentials) Credentials.parse_string = new_instancemethod(_credentials.Credentials_parse_string,None,Credentials) Credentials.get_bind_dn = new_instancemethod(_credentials.Credentials_get_bind_dn,None,Credentials) Credentials.set_bind_dn = new_instancemethod(_credentials.Credentials_set_bind_dn,None,Credentials) +Credentials.set_anonymous = new_instancemethod(_credentials.Credentials_set_anonymous,None,Credentials) Credentials.get_workstation = new_instancemethod(_credentials.Credentials_get_workstation,None,Credentials) Credentials.set_workstation = new_instancemethod(_credentials.Credentials_set_workstation,None,Credentials) Credentials.guess = new_instancemethod(_credentials.Credentials_guess,None,Credentials) diff --git a/source4/auth/credentials/credentials_wrap.c b/source4/auth/credentials/credentials_wrap.c index b1b904c8a3..909233aaff 100644 --- a/source4/auth/credentials/credentials_wrap.c +++ b/source4/auth/credentials/credentials_wrap.c @@ -2462,7 +2462,7 @@ SWIG_Python_MustGetPtr(PyObject *obj, swig_type_info *ty, int argnum, int flags) #define SWIGTYPE_p_int swig_types[3] #define SWIGTYPE_p_loadparm_context swig_types[4] #define SWIGTYPE_p_loadparm_service swig_types[5] -#define SWIGTYPE_p_long_long swig_types[6] +#define SWIGTYPE_p_long swig_types[6] #define SWIGTYPE_p_param_context swig_types[7] #define SWIGTYPE_p_param_opt swig_types[8] #define SWIGTYPE_p_param_section swig_types[9] @@ -2470,7 +2470,7 @@ SWIG_Python_MustGetPtr(PyObject *obj, swig_type_info *ty, int argnum, int flags) #define SWIGTYPE_p_signed_char swig_types[11] #define SWIGTYPE_p_unsigned_char swig_types[12] #define SWIGTYPE_p_unsigned_int swig_types[13] -#define SWIGTYPE_p_unsigned_long_long swig_types[14] +#define SWIGTYPE_p_unsigned_long swig_types[14] #define SWIGTYPE_p_unsigned_short swig_types[15] static swig_type_info *swig_types[17]; static swig_module_info swig_module = {swig_types, 16, 0, 0, 0, 0}; @@ -2525,10 +2525,20 @@ static swig_module_info swig_module = {swig_types, 16, 0, 0, 0, 0}; typedef struct cli_credentials cli_credentials; + #define SWIG_From_long PyInt_FromLong + + +SWIGINTERNINLINE PyObject * +SWIG_From_int (int value) +{ + return SWIG_From_long (value); +} + + #include "librpc/gen_ndr/samr.h" /* for struct samr_Password */ SWIGINTERN cli_credentials *new_cli_credentials(){ - return cli_credentials_init_anon(NULL); + return cli_credentials_init(NULL); } SWIGINTERN swig_type_info* @@ -3131,6 +3141,44 @@ fail: } +SWIGINTERN PyObject *_wrap_Credentials_set_kerberos_state(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) { + PyObject *resultobj = 0; + cli_credentials *arg1 = (cli_credentials *) 0 ; + enum credentials_use_kerberos arg2 ; + void *argp1 = 0 ; + int res1 = 0 ; + int val2 ; + int ecode2 = 0 ; + PyObject * obj0 = 0 ; + PyObject * obj1 = 0 ; + char * kwnames[] = { + (char *) "self",(char *) "use_kerberos", NULL + }; + + arg1 = NULL; + if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"|OO:Credentials_set_kerberos_state",kwnames,&obj0,&obj1)) SWIG_fail; + if (obj0) { + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_cli_credentials, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "Credentials_set_kerberos_state" "', argument " "1"" of type '" "cli_credentials *""'"); + } + arg1 = (cli_credentials *)(argp1); + } + if (obj1) { + ecode2 = SWIG_AsVal_int(obj1, &val2); + if (!SWIG_IsOK(ecode2)) { + SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "Credentials_set_kerberos_state" "', argument " "2"" of type '" "enum credentials_use_kerberos""'"); + } + arg2 = (enum credentials_use_kerberos)(val2); + } + cli_credentials_set_kerberos_state(arg1,arg2); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + SWIGINTERN PyObject *_wrap_Credentials_parse_string(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) { PyObject *resultobj = 0; cli_credentials *arg1 = (cli_credentials *) 0 ; @@ -3253,6 +3301,33 @@ fail: } +SWIGINTERN PyObject *_wrap_Credentials_set_anonymous(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) { + PyObject *resultobj = 0; + cli_credentials *arg1 = (cli_credentials *) 0 ; + void *argp1 = 0 ; + int res1 = 0 ; + PyObject * obj0 = 0 ; + char * kwnames[] = { + (char *) "self", NULL + }; + + arg1 = NULL; + if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"|O:Credentials_set_anonymous",kwnames,&obj0)) SWIG_fail; + if (obj0) { + res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_cli_credentials, 0 | 0 ); + if (!SWIG_IsOK(res1)) { + SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "Credentials_set_anonymous" "', argument " "1"" of type '" "cli_credentials *""'"); + } + arg1 = (cli_credentials *)(argp1); + } + cli_credentials_set_anonymous(arg1); + resultobj = SWIG_Py_Void(); + return resultobj; +fail: + return NULL; +} + + SWIGINTERN PyObject *_wrap_Credentials_get_workstation(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) { PyObject *resultobj = 0; cli_credentials *arg1 = (cli_credentials *) 0 ; @@ -3564,9 +3639,11 @@ static PyMethodDef SwigMethods[] = { { (char *)"Credentials_set_domain", (PyCFunction) _wrap_Credentials_set_domain, METH_VARARGS | METH_KEYWORDS, NULL}, { (char *)"Credentials_get_realm", (PyCFunction) _wrap_Credentials_get_realm, METH_VARARGS | METH_KEYWORDS, NULL}, { (char *)"Credentials_set_realm", (PyCFunction) _wrap_Credentials_set_realm, METH_VARARGS | METH_KEYWORDS, NULL}, + { (char *)"Credentials_set_kerberos_state", (PyCFunction) _wrap_Credentials_set_kerberos_state, METH_VARARGS | METH_KEYWORDS, NULL}, { (char *)"Credentials_parse_string", (PyCFunction) _wrap_Credentials_parse_string, METH_VARARGS | METH_KEYWORDS, NULL}, { (char *)"Credentials_get_bind_dn", (PyCFunction) _wrap_Credentials_get_bind_dn, METH_VARARGS | METH_KEYWORDS, NULL}, { (char *)"Credentials_set_bind_dn", (PyCFunction) _wrap_Credentials_set_bind_dn, METH_VARARGS | METH_KEYWORDS, NULL}, + { (char *)"Credentials_set_anonymous", (PyCFunction) _wrap_Credentials_set_anonymous, METH_VARARGS | METH_KEYWORDS, NULL}, { (char *)"Credentials_get_workstation", (PyCFunction) _wrap_Credentials_get_workstation, METH_VARARGS | METH_KEYWORDS, NULL}, { (char *)"Credentials_set_workstation", (PyCFunction) _wrap_Credentials_set_workstation, METH_VARARGS | METH_KEYWORDS, NULL}, { (char *)"Credentials_guess", (PyCFunction) _wrap_Credentials_guess, METH_VARARGS | METH_KEYWORDS, NULL}, @@ -3587,18 +3664,18 @@ static PyMethodDef SwigMethods[] = { static swig_type_info _swigt__p_TALLOC_CTX = {"_p_TALLOC_CTX", "TALLOC_CTX *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_char = {"_p_char", "char *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_cli_credentials = {"_p_cli_credentials", "struct cli_credentials *|cli_credentials *", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_int = {"_p_int", "intptr_t *|int *|int_least32_t *|int_fast32_t *|int32_t *|int_fast16_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_int = {"_p_int", "int *|int_least32_t *|int32_t *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_loadparm_context = {"_p_loadparm_context", "struct loadparm_context *|loadparm_context *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_loadparm_service = {"_p_loadparm_service", "struct loadparm_service *|loadparm_service *", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_long_long = {"_p_long_long", "int_least64_t *|int_fast64_t *|int64_t *|long long *|intmax_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_long = {"_p_long", "intptr_t *|int_least64_t *|int_fast32_t *|int_fast64_t *|int64_t *|long *|int_fast16_t *|intmax_t *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_param_context = {"_p_param_context", "struct param_context *|param *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_param_opt = {"_p_param_opt", "struct param_opt *|param_opt *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_param_section = {"_p_param_section", "struct param_section *|param_section *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_short = {"_p_short", "short *|int_least16_t *|int16_t *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_signed_char = {"_p_signed_char", "signed char *|int_least8_t *|int_fast8_t *|int8_t *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_unsigned_char = {"_p_unsigned_char", "unsigned char *|uint_least8_t *|uint_fast8_t *|uint8_t *", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_unsigned_int = {"_p_unsigned_int", "uintptr_t *|uint_least32_t *|uint_fast32_t *|uint32_t *|unsigned int *|uint_fast16_t *", 0, 0, (void*)0, 0}; -static swig_type_info _swigt__p_unsigned_long_long = {"_p_unsigned_long_long", "uint_least64_t *|uint_fast64_t *|uint64_t *|unsigned long long *|uintmax_t *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_unsigned_int = {"_p_unsigned_int", "uint_least32_t *|uint32_t *|unsigned int *", 0, 0, (void*)0, 0}; +static swig_type_info _swigt__p_unsigned_long = {"_p_unsigned_long", "uintptr_t *|uint_least64_t *|uint_fast32_t *|uint_fast64_t *|uint64_t *|unsigned long *|uint_fast16_t *|uintmax_t *", 0, 0, (void*)0, 0}; static swig_type_info _swigt__p_unsigned_short = {"_p_unsigned_short", "unsigned short *|uint_least16_t *|uint16_t *", 0, 0, (void*)0, 0}; static swig_type_info *swig_type_initial[] = { @@ -3608,7 +3685,7 @@ static swig_type_info *swig_type_initial[] = { &_swigt__p_int, &_swigt__p_loadparm_context, &_swigt__p_loadparm_service, - &_swigt__p_long_long, + &_swigt__p_long, &_swigt__p_param_context, &_swigt__p_param_opt, &_swigt__p_param_section, @@ -3616,7 +3693,7 @@ static swig_type_info *swig_type_initial[] = { &_swigt__p_signed_char, &_swigt__p_unsigned_char, &_swigt__p_unsigned_int, - &_swigt__p_unsigned_long_long, + &_swigt__p_unsigned_long, &_swigt__p_unsigned_short, }; @@ -3626,7 +3703,7 @@ static swig_cast_info _swigc__p_cli_credentials[] = { {&_swigt__p_cli_credentia static swig_cast_info _swigc__p_int[] = { {&_swigt__p_int, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_loadparm_context[] = { {&_swigt__p_loadparm_context, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_loadparm_service[] = { {&_swigt__p_loadparm_service, 0, 0, 0},{0, 0, 0, 0}}; -static swig_cast_info _swigc__p_long_long[] = { {&_swigt__p_long_long, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_long[] = { {&_swigt__p_long, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_param_context[] = { {&_swigt__p_param_context, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_param_opt[] = { {&_swigt__p_param_opt, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_param_section[] = { {&_swigt__p_param_section, 0, 0, 0},{0, 0, 0, 0}}; @@ -3634,7 +3711,7 @@ static swig_cast_info _swigc__p_short[] = { {&_swigt__p_short, 0, 0, 0},{0, 0, static swig_cast_info _swigc__p_signed_char[] = { {&_swigt__p_signed_char, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_unsigned_char[] = { {&_swigt__p_unsigned_char, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_unsigned_int[] = { {&_swigt__p_unsigned_int, 0, 0, 0},{0, 0, 0, 0}}; -static swig_cast_info _swigc__p_unsigned_long_long[] = { {&_swigt__p_unsigned_long_long, 0, 0, 0},{0, 0, 0, 0}}; +static swig_cast_info _swigc__p_unsigned_long[] = { {&_swigt__p_unsigned_long, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info _swigc__p_unsigned_short[] = { {&_swigt__p_unsigned_short, 0, 0, 0},{0, 0, 0, 0}}; static swig_cast_info *swig_cast_initial[] = { @@ -3644,7 +3721,7 @@ static swig_cast_info *swig_cast_initial[] = { _swigc__p_int, _swigc__p_loadparm_context, _swigc__p_loadparm_service, - _swigc__p_long_long, + _swigc__p_long, _swigc__p_param_context, _swigc__p_param_opt, _swigc__p_param_section, @@ -3652,7 +3729,7 @@ static swig_cast_info *swig_cast_initial[] = { _swigc__p_signed_char, _swigc__p_unsigned_char, _swigc__p_unsigned_int, - _swigc__p_unsigned_long_long, + _swigc__p_unsigned_long, _swigc__p_unsigned_short, }; @@ -4174,5 +4251,8 @@ SWIGEXPORT void SWIG_init(void) { SWIG_InstallConstants(d,swig_const_table); + SWIG_Python_SetConstant(d, "AUTO_USE_KERBEROS",SWIG_From_int((int)(CRED_AUTO_USE_KERBEROS))); + SWIG_Python_SetConstant(d, "DONT_USE_KERBEROS",SWIG_From_int((int)(CRED_DONT_USE_KERBEROS))); + SWIG_Python_SetConstant(d, "MUST_USE_KERBEROS",SWIG_From_int((int)(CRED_MUST_USE_KERBEROS))); } diff --git a/source4/auth/credentials/tests/bindings.py b/source4/auth/credentials/tests/bindings.py index d2ca68d115..d0a99502c1 100644 --- a/source4/auth/credentials/tests/bindings.py +++ b/source4/auth/credentials/tests/bindings.py @@ -67,6 +67,8 @@ class CredentialsTests(unittest.TestCase): self.assertTrue(self.creds.is_anonymous()) self.creds.set_username("somebody") self.assertFalse(self.creds.is_anonymous()) + self.creds.set_anonymous() + self.assertTrue(self.creds.is_anonymous()) def test_workstation(self): # FIXME: This is uninitialised, it should be None -- cgit From afe3e8172ddaa5e4aa811faceecda4f943d6e2ef Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 2 Apr 2008 04:53:27 +0200 Subject: Install public header files again and include required prototypes. (This used to be commit 47ffbbf67435904754469544390b67d34c958343) --- source4/auth/credentials/credentials.c | 70 ++++++++--------- source4/auth/credentials/credentials.h | 113 ++++++++++++++++++++++++++- source4/auth/credentials/credentials_files.c | 14 ++-- source4/auth/credentials/credentials_krb5.c | 27 ++++--- source4/auth/credentials/credentials_ntlm.c | 4 +- 5 files changed, 170 insertions(+), 58 deletions(-) (limited to 'source4/auth/credentials') diff --git a/source4/auth/credentials/credentials.c b/source4/auth/credentials/credentials.c index 6d5c1210c9..89dddc9e05 100644 --- a/source4/auth/credentials/credentials.c +++ b/source4/auth/credentials/credentials.c @@ -33,7 +33,7 @@ * Create a new credentials structure * @param mem_ctx TALLOC_CTX parent for credentials structure */ -struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx) +_PUBLIC_ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx) { struct cli_credentials *cred = talloc(mem_ctx, struct cli_credentials); if (!cred) { @@ -77,7 +77,7 @@ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx) * Create a new anonymous credential * @param mem_ctx TALLOC_CTX parent for credentials structure */ -struct cli_credentials *cli_credentials_init_anon(TALLOC_CTX *mem_ctx) +_PUBLIC_ struct cli_credentials *cli_credentials_init_anon(TALLOC_CTX *mem_ctx) { struct cli_credentials *anon_credentials; @@ -87,23 +87,23 @@ struct cli_credentials *cli_credentials_init_anon(TALLOC_CTX *mem_ctx) return anon_credentials; } -void cli_credentials_set_kerberos_state(struct cli_credentials *creds, +_PUBLIC_ void cli_credentials_set_kerberos_state(struct cli_credentials *creds, enum credentials_use_kerberos use_kerberos) { creds->use_kerberos = use_kerberos; } -enum credentials_use_kerberos cli_credentials_get_kerberos_state(struct cli_credentials *creds) +_PUBLIC_ enum credentials_use_kerberos cli_credentials_get_kerberos_state(struct cli_credentials *creds) { return creds->use_kerberos; } -void cli_credentials_set_gensec_features(struct cli_credentials *creds, uint32_t gensec_features) +_PUBLIC_ void cli_credentials_set_gensec_features(struct cli_credentials *creds, uint32_t gensec_features) { creds->gensec_features = gensec_features; } -uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds) +_PUBLIC_ uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds) { return creds->gensec_features; } @@ -115,7 +115,7 @@ uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds) * @retval The username set on this context. * @note Return value will never be NULL except by programmer error. */ -const char *cli_credentials_get_username(struct cli_credentials *cred) +_PUBLIC_ const char *cli_credentials_get_username(struct cli_credentials *cred) { if (cred->machine_account_pending) { cli_credentials_set_machine_account(cred, @@ -134,7 +134,7 @@ const char *cli_credentials_get_username(struct cli_credentials *cred) return cred->username; } -bool cli_credentials_set_username(struct cli_credentials *cred, +_PUBLIC_ bool cli_credentials_set_username(struct cli_credentials *cred, const char *val, enum credentials_obtained obtained) { if (obtained >= cred->username_obtained) { @@ -159,7 +159,7 @@ bool cli_credentials_set_username_callback(struct cli_credentials *cred, return false; } -bool cli_credentials_set_bind_dn(struct cli_credentials *cred, +_PUBLIC_ bool cli_credentials_set_bind_dn(struct cli_credentials *cred, const char *bind_dn) { cred->bind_dn = talloc_strdup(cred, bind_dn); @@ -172,7 +172,7 @@ bool cli_credentials_set_bind_dn(struct cli_credentials *cred, * @retval The username set on this context. * @note Return value will be NULL if not specified explictly */ -const char *cli_credentials_get_bind_dn(struct cli_credentials *cred) +_PUBLIC_ const char *cli_credentials_get_bind_dn(struct cli_credentials *cred) { return cred->bind_dn; } @@ -184,7 +184,7 @@ const char *cli_credentials_get_bind_dn(struct cli_credentials *cred) * @retval The username set on this context. * @note Return value will never be NULL except by programmer error. */ -const char *cli_credentials_get_principal(struct cli_credentials *cred, TALLOC_CTX *mem_ctx) +_PUBLIC_ const char *cli_credentials_get_principal(struct cli_credentials *cred, TALLOC_CTX *mem_ctx) { if (cred->machine_account_pending) { cli_credentials_set_machine_account(cred, @@ -246,7 +246,7 @@ bool cli_credentials_set_principal_callback(struct cli_credentials *cred, * function to determine if authentication has been explicitly * requested */ -bool cli_credentials_authentication_requested(struct cli_credentials *cred) +_PUBLIC_ bool cli_credentials_authentication_requested(struct cli_credentials *cred) { if (cred->bind_dn) { return true; @@ -275,7 +275,7 @@ bool cli_credentials_authentication_requested(struct cli_credentials *cred) * @param cred credentials context * @retval If set, the cleartext password, otherwise NULL */ -const char *cli_credentials_get_password(struct cli_credentials *cred) +_PUBLIC_ const char *cli_credentials_get_password(struct cli_credentials *cred) { if (cred->machine_account_pending) { cli_credentials_set_machine_account(cred, @@ -297,7 +297,7 @@ const char *cli_credentials_get_password(struct cli_credentials *cred) /* Set a password on the credentials context, including an indication * of 'how' the password was obtained */ -bool cli_credentials_set_password(struct cli_credentials *cred, +_PUBLIC_ bool cli_credentials_set_password(struct cli_credentials *cred, const char *val, enum credentials_obtained obtained) { @@ -313,7 +313,7 @@ bool cli_credentials_set_password(struct cli_credentials *cred, return false; } -bool cli_credentials_set_password_callback(struct cli_credentials *cred, +_PUBLIC_ bool cli_credentials_set_password_callback(struct cli_credentials *cred, const char *(*password_cb) (struct cli_credentials *)) { if (cred->password_obtained < CRED_CALLBACK) { @@ -358,7 +358,7 @@ bool cli_credentials_set_old_password(struct cli_credentials *cred, * @param cred credentials context * @retval If set, the cleartext password, otherwise NULL */ -const struct samr_Password *cli_credentials_get_nt_hash(struct cli_credentials *cred, +_PUBLIC_ const struct samr_Password *cli_credentials_get_nt_hash(struct cli_credentials *cred, TALLOC_CTX *mem_ctx) { const char *password = cli_credentials_get_password(cred); @@ -377,7 +377,7 @@ const struct samr_Password *cli_credentials_get_nt_hash(struct cli_credentials * } } -bool cli_credentials_set_nt_hash(struct cli_credentials *cred, +_PUBLIC_ bool cli_credentials_set_nt_hash(struct cli_credentials *cred, const struct samr_Password *nt_hash, enum credentials_obtained obtained) { @@ -401,7 +401,7 @@ bool cli_credentials_set_nt_hash(struct cli_credentials *cred, * @retval The domain set on this context. * @note Return value will never be NULL except by programmer error. */ -const char *cli_credentials_get_domain(struct cli_credentials *cred) +_PUBLIC_ const char *cli_credentials_get_domain(struct cli_credentials *cred) { if (cred->machine_account_pending) { cli_credentials_set_machine_account(cred, @@ -421,7 +421,7 @@ const char *cli_credentials_get_domain(struct cli_credentials *cred) } -bool cli_credentials_set_domain(struct cli_credentials *cred, +_PUBLIC_ bool cli_credentials_set_domain(struct cli_credentials *cred, const char *val, enum credentials_obtained obtained) { @@ -456,7 +456,7 @@ bool cli_credentials_set_domain_callback(struct cli_credentials *cred, * @retval The realm set on this context. * @note Return value will never be NULL except by programmer error. */ -const char *cli_credentials_get_realm(struct cli_credentials *cred) +_PUBLIC_ const char *cli_credentials_get_realm(struct cli_credentials *cred) { if (cred->machine_account_pending) { cli_credentials_set_machine_account(cred, @@ -479,7 +479,7 @@ const char *cli_credentials_get_realm(struct cli_credentials *cred) * Set the realm for this credentials context, and force it to * uppercase for the sainity of our local kerberos libraries */ -bool cli_credentials_set_realm(struct cli_credentials *cred, +_PUBLIC_ bool cli_credentials_set_realm(struct cli_credentials *cred, const char *val, enum credentials_obtained obtained) { @@ -512,7 +512,7 @@ bool cli_credentials_set_realm_callback(struct cli_credentials *cred, * @retval The workstation name set on this context. * @note Return value will never be NULL except by programmer error. */ -const char *cli_credentials_get_workstation(struct cli_credentials *cred) +_PUBLIC_ const char *cli_credentials_get_workstation(struct cli_credentials *cred) { if (cred->workstation_obtained == CRED_CALLBACK && !cred->callback_running) { @@ -525,7 +525,7 @@ const char *cli_credentials_get_workstation(struct cli_credentials *cred) return cred->workstation; } -bool cli_credentials_set_workstation(struct cli_credentials *cred, +_PUBLIC_ bool cli_credentials_set_workstation(struct cli_credentials *cred, const char *val, enum credentials_obtained obtained) { @@ -560,7 +560,7 @@ bool cli_credentials_set_workstation_callback(struct cli_credentials *cred, * @param obtained This enum describes how 'specified' this password is */ -void cli_credentials_parse_string(struct cli_credentials *credentials, const char *data, enum credentials_obtained obtained) +_PUBLIC_ void cli_credentials_parse_string(struct cli_credentials *credentials, const char *data, enum credentials_obtained obtained) { char *uname, *p; @@ -597,7 +597,7 @@ void cli_credentials_parse_string(struct cli_credentials *credentials, const cha * @param mem_ctx The memory context to place the result on */ -const char *cli_credentials_get_unparsed_name(struct cli_credentials *credentials, TALLOC_CTX *mem_ctx) +_PUBLIC_ const char *cli_credentials_get_unparsed_name(struct cli_credentials *credentials, TALLOC_CTX *mem_ctx) { const char *bind_dn = cli_credentials_get_bind_dn(credentials); const char *domain; @@ -625,7 +625,7 @@ const char *cli_credentials_get_unparsed_name(struct cli_credentials *credential * * @param cred Credentials structure to fill in */ -void cli_credentials_set_conf(struct cli_credentials *cred, +_PUBLIC_ void cli_credentials_set_conf(struct cli_credentials *cred, struct loadparm_context *lp_ctx) { cli_credentials_set_username(cred, "", CRED_UNINITIALISED); @@ -640,7 +640,7 @@ void cli_credentials_set_conf(struct cli_credentials *cred, * * @param cred Credentials structure to fill in */ -void cli_credentials_guess(struct cli_credentials *cred, +_PUBLIC_ void cli_credentials_guess(struct cli_credentials *cred, struct loadparm_context *lp_ctx) { char *p; @@ -683,7 +683,7 @@ void cli_credentials_guess(struct cli_credentials *cred, * Attach NETLOGON credentials for use with SCHANNEL */ -void cli_credentials_set_netlogon_creds(struct cli_credentials *cred, +_PUBLIC_ void cli_credentials_set_netlogon_creds(struct cli_credentials *cred, struct creds_CredentialState *netlogon_creds) { cred->netlogon_creds = talloc_reference(cred, netlogon_creds); @@ -702,7 +702,7 @@ struct creds_CredentialState *cli_credentials_get_netlogon_creds(struct cli_cred * Set NETLOGON secure channel type */ -void cli_credentials_set_secure_channel_type(struct cli_credentials *cred, +_PUBLIC_ void cli_credentials_set_secure_channel_type(struct cli_credentials *cred, enum netr_SchannelType secure_channel_type) { cred->secure_channel_type = secure_channel_type; @@ -712,7 +712,7 @@ void cli_credentials_set_secure_channel_type(struct cli_credentials *cred, * Return NETLOGON secure chanel type */ -enum netr_SchannelType cli_credentials_get_secure_channel_type(struct cli_credentials *cred) +_PUBLIC_ enum netr_SchannelType cli_credentials_get_secure_channel_type(struct cli_credentials *cred) { return cred->secure_channel_type; } @@ -720,7 +720,7 @@ enum netr_SchannelType cli_credentials_get_secure_channel_type(struct cli_creden /** * Fill in a credentials structure as the anonymous user */ -void cli_credentials_set_anonymous(struct cli_credentials *cred) +_PUBLIC_ void cli_credentials_set_anonymous(struct cli_credentials *cred) { cli_credentials_set_username(cred, "", CRED_SPECIFIED); cli_credentials_set_domain(cred, "", CRED_SPECIFIED); @@ -734,7 +734,7 @@ void cli_credentials_set_anonymous(struct cli_credentials *cred) * @retval true if anonymous, false if a username is specified */ -bool cli_credentials_is_anonymous(struct cli_credentials *cred) +_PUBLIC_ bool cli_credentials_is_anonymous(struct cli_credentials *cred) { const char *username; @@ -763,7 +763,7 @@ bool cli_credentials_is_anonymous(struct cli_credentials *cred) * * @retval whether the credentials struct is finished */ -bool cli_credentials_wrong_password(struct cli_credentials *cred) +_PUBLIC_ bool cli_credentials_wrong_password(struct cli_credentials *cred) { if (cred->password_obtained != CRED_CALLBACK_RESULT) { return false; @@ -779,7 +779,7 @@ bool cli_credentials_wrong_password(struct cli_credentials *cred) /* set the common event context for this set of credentials */ -void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev) +_PUBLIC_ void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev) { cred->ev = ev; } @@ -787,7 +787,7 @@ void cli_credentials_set_event_context(struct cli_credentials *cred, struct even /* set the common event context for this set of credentials */ -struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred) +_PUBLIC_ struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred) { if (cred->ev == NULL) { cred->ev = event_context_find(cred); diff --git a/source4/auth/credentials/credentials.h b/source4/auth/credentials/credentials.h index 1b205c61ce..afcb300638 100644 --- a/source4/auth/credentials/credentials.h +++ b/source4/auth/credentials/credentials.h @@ -132,6 +132,117 @@ struct ccache_container; struct gssapi_creds_container; -#include "auth/credentials/credentials_proto.h" +const char *cli_credentials_get_workstation(struct cli_credentials *cred); +bool cli_credentials_set_workstation(struct cli_credentials *cred, + const char *val, + enum credentials_obtained obtained); +bool cli_credentials_is_anonymous(struct cli_credentials *cred); +struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx); +void cli_credentials_set_anonymous(struct cli_credentials *cred); +bool cli_credentials_wrong_password(struct cli_credentials *cred); +const char *cli_credentials_get_password(struct cli_credentials *cred); +void cli_credentials_get_ntlm_username_domain(struct cli_credentials *cred, TALLOC_CTX *mem_ctx, + const char **username, + const char **domain); +NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred, TALLOC_CTX *mem_ctx, + int *flags, + DATA_BLOB challenge, DATA_BLOB target_info, + DATA_BLOB *_lm_response, DATA_BLOB *_nt_response, + DATA_BLOB *_lm_session_key, DATA_BLOB *_session_key); +const char *cli_credentials_get_realm(struct cli_credentials *cred); +const char *cli_credentials_get_username(struct cli_credentials *cred); +int cli_credentials_get_krb5_context(struct cli_credentials *cred, + struct loadparm_context *lp_ctx, + struct smb_krb5_context **smb_krb5_context); +int cli_credentials_get_ccache(struct cli_credentials *cred, + struct loadparm_context *lp_ctx, + struct ccache_container **ccc); +int cli_credentials_get_keytab(struct cli_credentials *cred, + struct loadparm_context *lp_ctx, + struct keytab_container **_ktc); +const char *cli_credentials_get_domain(struct cli_credentials *cred); +struct creds_CredentialState *cli_credentials_get_netlogon_creds(struct cli_credentials *cred); +void cli_credentials_set_machine_account_pending(struct cli_credentials *cred, + struct loadparm_context *lp_ctx); +void cli_credentials_set_conf(struct cli_credentials *cred, + struct loadparm_context *lp_ctx); +const char *cli_credentials_get_principal(struct cli_credentials *cred, TALLOC_CTX *mem_ctx); +int cli_credentials_get_server_gss_creds(struct cli_credentials *cred, + struct loadparm_context *lp_ctx, + struct gssapi_creds_container **_gcc); +int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, + struct loadparm_context *lp_ctx, + struct gssapi_creds_container **_gcc); +void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev); +void cli_credentials_set_kerberos_state(struct cli_credentials *creds, + enum credentials_use_kerberos use_kerberos); +struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred); +bool cli_credentials_set_domain(struct cli_credentials *cred, + const char *val, + enum credentials_obtained obtained); +bool cli_credentials_set_username(struct cli_credentials *cred, + const char *val, enum credentials_obtained obtained); +bool cli_credentials_set_password(struct cli_credentials *cred, + const char *val, + enum credentials_obtained obtained); +struct cli_credentials *cli_credentials_init_anon(TALLOC_CTX *mem_ctx); +void cli_credentials_parse_string(struct cli_credentials *credentials, const char *data, enum credentials_obtained obtained); +const struct samr_Password *cli_credentials_get_nt_hash(struct cli_credentials *cred, + TALLOC_CTX *mem_ctx); +bool cli_credentials_set_realm(struct cli_credentials *cred, + const char *val, + enum credentials_obtained obtained); +void cli_credentials_set_secure_channel_type(struct cli_credentials *cred, + enum netr_SchannelType secure_channel_type); +void cli_credentials_set_netlogon_creds(struct cli_credentials *cred, + struct creds_CredentialState *netlogon_creds); +NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials *cred, + struct smb_krb5_context *smb_krb5_context); +NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred, + struct loadparm_context *lp_ctx, + const char *serviceprincipal); +NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred, + struct loadparm_context *lp_ctx); +bool cli_credentials_authentication_requested(struct cli_credentials *cred); +void cli_credentials_guess(struct cli_credentials *cred, + struct loadparm_context *lp_ctx); +bool cli_credentials_set_bind_dn(struct cli_credentials *cred, + const char *bind_dn); +const char *cli_credentials_get_bind_dn(struct cli_credentials *cred); +bool cli_credentials_parse_file(struct cli_credentials *cred, const char *file, enum credentials_obtained obtained); +const char *cli_credentials_get_unparsed_name(struct cli_credentials *credentials, TALLOC_CTX *mem_ctx); +bool cli_credentials_set_password_callback(struct cli_credentials *cred, + const char *(*password_cb) (struct cli_credentials *)); +enum netr_SchannelType cli_credentials_get_secure_channel_type(struct cli_credentials *cred); +void cli_credentials_set_kvno(struct cli_credentials *cred, + int kvno); +bool cli_credentials_set_nt_hash(struct cli_credentials *cred, + const struct samr_Password *nt_hash, + enum credentials_obtained obtained); +int cli_credentials_set_keytab_name(struct cli_credentials *cred, + struct loadparm_context *lp_ctx, + const char *keytab_name, + enum credentials_obtained obtained); +int cli_credentials_update_keytab(struct cli_credentials *cred, + struct loadparm_context *lp_ctx); +void cli_credentials_set_gensec_features(struct cli_credentials *creds, uint32_t gensec_features); +uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds); +int cli_credentials_set_ccache(struct cli_credentials *cred, + struct loadparm_context *lp_ctx, + const char *name, + enum credentials_obtained obtained); +bool cli_credentials_parse_password_file(struct cli_credentials *credentials, const char *file, enum credentials_obtained obtained); +bool cli_credentials_parse_password_fd(struct cli_credentials *credentials, + int fd, enum credentials_obtained obtained); +void cli_credentials_invalidate_ccache(struct cli_credentials *cred, + enum credentials_obtained obtained); +void cli_credentials_set_salt_principal(struct cli_credentials *cred, const char *principal); +enum credentials_use_kerberos cli_credentials_get_kerberos_state(struct cli_credentials *creds); +NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, + struct loadparm_context *lp_ctx, + struct ldb_context *ldb, + const char *base, + const char *filter); + int cli_credentials_get_kvno(struct cli_credentials *cred); #endif /* __CREDENTIALS_H__ */ diff --git a/source4/auth/credentials/credentials_files.c b/source4/auth/credentials/credentials_files.c index c1001c9622..8bcbc65575 100644 --- a/source4/auth/credentials/credentials_files.c +++ b/source4/auth/credentials/credentials_files.c @@ -39,7 +39,7 @@ * @param obtained This enum describes how 'specified' this password is */ -bool cli_credentials_parse_password_fd(struct cli_credentials *credentials, +_PUBLIC_ bool cli_credentials_parse_password_fd(struct cli_credentials *credentials, int fd, enum credentials_obtained obtained) { char *p; @@ -83,7 +83,7 @@ bool cli_credentials_parse_password_fd(struct cli_credentials *credentials, * @param obtained This enum describes how 'specified' this password is */ -bool cli_credentials_parse_password_file(struct cli_credentials *credentials, const char *file, enum credentials_obtained obtained) +_PUBLIC_ bool cli_credentials_parse_password_file(struct cli_credentials *credentials, const char *file, enum credentials_obtained obtained) { int fd = open(file, O_RDONLY, 0); bool ret; @@ -109,7 +109,7 @@ bool cli_credentials_parse_password_file(struct cli_credentials *credentials, co * @param obtained This enum describes how 'specified' this password is */ -bool cli_credentials_parse_file(struct cli_credentials *cred, const char *file, enum credentials_obtained obtained) +_PUBLIC_ bool cli_credentials_parse_file(struct cli_credentials *cred, const char *file, enum credentials_obtained obtained) { uint16_t len = 0; char *ptr, *val, *param; @@ -168,7 +168,7 @@ bool cli_credentials_parse_file(struct cli_credentials *cred, const char *file, * @param cred Credentials structure to fill in * @retval NTSTATUS error detailing any failure */ -NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, +_PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, struct loadparm_context *lp_ctx, struct ldb_context *ldb, const char *base, @@ -326,7 +326,7 @@ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, * @param cred Credentials structure to fill in * @retval NTSTATUS error detailing any failure */ -NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred, +_PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred, struct loadparm_context *lp_ctx) { char *filter; @@ -369,7 +369,7 @@ NTSTATUS cli_credentials_set_krbtgt(struct cli_credentials *cred, * @param cred Credentials structure to fill in * @retval NTSTATUS error detailing any failure */ -NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred, +_PUBLIC_ NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred, struct loadparm_context *lp_ctx, const char *serviceprincipal) { @@ -395,7 +395,7 @@ NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred, * than during, popt processing. * */ -void cli_credentials_set_machine_account_pending(struct cli_credentials *cred, +_PUBLIC_ void cli_credentials_set_machine_account_pending(struct cli_credentials *cred, struct loadparm_context *lp_ctx) { cred->machine_account_pending = true; diff --git a/source4/auth/credentials/credentials_krb5.c b/source4/auth/credentials/credentials_krb5.c index 52bf9f124f..cd9285b09d 100644 --- a/source4/auth/credentials/credentials_krb5.c +++ b/source4/auth/credentials/credentials_krb5.c @@ -25,10 +25,11 @@ #include "system/kerberos.h" #include "auth/kerberos/kerberos.h" #include "auth/credentials/credentials.h" +#include "auth/credentials/credentials_proto.h" #include "auth/credentials/credentials_krb5.h" #include "param/param.h" -int cli_credentials_get_krb5_context(struct cli_credentials *cred, +_PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred, struct loadparm_context *lp_ctx, struct smb_krb5_context **smb_krb5_context) { @@ -52,7 +53,7 @@ int cli_credentials_get_krb5_context(struct cli_credentials *cred, * otherwise we might have problems with the krb5 context already * being here. */ -NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials *cred, +_PUBLIC_ NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials *cred, struct smb_krb5_context *smb_krb5_context) { if (!talloc_reference(cred, smb_krb5_context)) { @@ -126,7 +127,7 @@ static int free_dccache(struct ccache_container *ccc) { return 0; } -int cli_credentials_set_ccache(struct cli_credentials *cred, +_PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred, struct loadparm_context *lp_ctx, const char *name, enum credentials_obtained obtained) @@ -251,7 +252,7 @@ static int cli_credentials_new_ccache(struct cli_credentials *cred, return ret; } -int cli_credentials_get_ccache(struct cli_credentials *cred, +_PUBLIC_ int cli_credentials_get_ccache(struct cli_credentials *cred, struct loadparm_context *lp_ctx, struct ccache_container **ccc) { @@ -315,7 +316,7 @@ void cli_credentials_invalidate_client_gss_creds(struct cli_credentials *cred, } } -void cli_credentials_invalidate_ccache(struct cli_credentials *cred, +_PUBLIC_ void cli_credentials_invalidate_ccache(struct cli_credentials *cred, enum credentials_obtained obtained) { /* If the caller just changed the username/password etc, then @@ -346,7 +347,7 @@ static int free_gssapi_creds(struct gssapi_creds_container *gcc) return 0; } -int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, +_PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, struct loadparm_context *lp_ctx, struct gssapi_creds_container **_gcc) { @@ -454,7 +455,7 @@ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, * attached to this context. If this hasn't been done or set before, * it will be generated from the password. */ -int cli_credentials_get_keytab(struct cli_credentials *cred, +_PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred, struct loadparm_context *lp_ctx, struct keytab_container **_ktc) { @@ -508,7 +509,7 @@ int cli_credentials_get_keytab(struct cli_credentials *cred, /* Given the name of a keytab (presumably in the format * FILE:/etc/krb5.keytab), open it and attach it */ -int cli_credentials_set_keytab_name(struct cli_credentials *cred, +_PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred, struct loadparm_context *lp_ctx, const char *keytab_name, enum credentials_obtained obtained) @@ -547,7 +548,7 @@ int cli_credentials_set_keytab_name(struct cli_credentials *cred, return ret; } -int cli_credentials_update_keytab(struct cli_credentials *cred, +_PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred, struct loadparm_context *lp_ctx) { krb5_error_code ret; @@ -583,7 +584,7 @@ int cli_credentials_update_keytab(struct cli_credentials *cred, /* Get server gss credentials (in gsskrb5, this means the keytab) */ -int cli_credentials_get_server_gss_creds(struct cli_credentials *cred, +_PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred, struct loadparm_context *lp_ctx, struct gssapi_creds_container **_gcc) { @@ -657,7 +658,7 @@ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred, * Set Kerberos KVNO */ -void cli_credentials_set_kvno(struct cli_credentials *cred, +_PUBLIC_ void cli_credentials_set_kvno(struct cli_credentials *cred, int kvno) { cred->kvno = kvno; @@ -667,7 +668,7 @@ void cli_credentials_set_kvno(struct cli_credentials *cred, * Return Kerberos KVNO */ -int cli_credentials_get_kvno(struct cli_credentials *cred) +_PUBLIC_ int cli_credentials_get_kvno(struct cli_credentials *cred) { return cred->kvno; } @@ -693,7 +694,7 @@ const char *cli_credentials_get_salt_principal(struct cli_credentials *cred) return cred->salt_principal; } -void cli_credentials_set_salt_principal(struct cli_credentials *cred, const char *principal) +_PUBLIC_ void cli_credentials_set_salt_principal(struct cli_credentials *cred, const char *principal) { cred->salt_principal = talloc_strdup(cred, principal); } diff --git a/source4/auth/credentials/credentials_ntlm.c b/source4/auth/credentials/credentials_ntlm.c index 04f1d312e6..b88f2018df 100644 --- a/source4/auth/credentials/credentials_ntlm.c +++ b/source4/auth/credentials/credentials_ntlm.c @@ -27,7 +27,7 @@ #include "libcli/auth/libcli_auth.h" #include "auth/credentials/credentials.h" -void cli_credentials_get_ntlm_username_domain(struct cli_credentials *cred, TALLOC_CTX *mem_ctx, +_PUBLIC_ void cli_credentials_get_ntlm_username_domain(struct cli_credentials *cred, TALLOC_CTX *mem_ctx, const char **username, const char **domain) { @@ -40,7 +40,7 @@ void cli_credentials_get_ntlm_username_domain(struct cli_credentials *cred, TALL } } -NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred, TALLOC_CTX *mem_ctx, +_PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred, TALLOC_CTX *mem_ctx, int *flags, DATA_BLOB challenge, DATA_BLOB target_info, DATA_BLOB *_lm_response, DATA_BLOB *_nt_response, -- cgit From 236fc02913adafd80921d4e30aa6ee1e414bef44 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Wed, 2 Apr 2008 13:41:10 +0200 Subject: Reduce the number of installed headers. (This used to be commit 2243e24024f09ff9c9c7d0eb735c3b39c9d84424) --- source4/auth/credentials/config.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/auth/credentials') diff --git a/source4/auth/credentials/config.mk b/source4/auth/credentials/config.mk index ef8db50109..83f2f0db93 100644 --- a/source4/auth/credentials/config.mk +++ b/source4/auth/credentials/config.mk @@ -12,7 +12,7 @@ PUBLIC_DEPENDENCIES = \ PRIVATE_DEPENDENCIES = \ SECRETS -PUBLIC_HEADERS += $(addprefix auth/credentials/, credentials.h credentials_krb5.h) +PUBLIC_HEADERS += auth/credentials/credentials.h [PYTHON::swig_credentials] PUBLIC_DEPENDENCIES = CREDENTIALS LIBCMDLINE_CREDENTIALS -- cgit