Attachment 6938 Details for Bug 7465 – v3-6-test.patch

[patch] v3-6-test.patch

samba-3.5.11-joinkrb5.patch-36 (text/plain), 7.59 KB, created by Guenther Deschner on 2011-09-26 14:26:42 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Guenther Deschner

Created: 2011-09-26 14:26:42 UTC

Size: 7.59 KB

patch

obsolete

>From 40ba91ecc110dc8ae863a8786d0369c5a321e6b3 Mon Sep 17 00:00:00 2001
>From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
>Date: Tue, 20 Sep 2011 14:13:36 +0200
>Subject: [PATCH 1/3] s3-docs: document -k switch in net manpage.
>MIME-Version: 1.0
>Content-Type: text/plain; charset=UTF-8
>Content-Transfer-Encoding: 8bit
>
>Guenther
>
>Autobuild-User: GÃ¼nther Deschner <gd@samba.org>
>Autobuild-Date: Tue Sep 20 15:47:00 CEST 2011 on sn-devel-104
>(cherry picked from commit 8dda773bd7eea1d163282b1f3c5e90cbff8a1003)
>---
> docs-xml/manpages-3/net.8.xml |    1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
>diff --git a/docs-xml/manpages-3/net.8.xml b/docs-xml/manpages-3/net.8.xml
>index fac9ba6..5c16408 100644
>--- a/docs-xml/manpages-3/net.8.xml
>+++ b/docs-xml/manpages-3/net.8.xml
>@@ -61,6 +61,7 @@
> 
> 	<variablelist>
> 		&stdarg.help;
>+		&stdarg.kerberos;
> 		
> 		<varlistentry>
> 		<term>-w target-workgroup</term>
>-- 
>1.7.6.2
>
>
>From dfefd3da32f5727d75cbe430205ff8d27b86a54c Mon Sep 17 00:00:00 2001
>From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
>Date: Wed, 21 Sep 2011 17:28:58 +0200
>Subject: [PATCH 2/3] s3-libnet: allow to use default krb5 ccache in
> libnet_Join/libnet_Unjoin.
>
>We force using a MEMORY ccache though in the wkssvc server.
>
>Guenther
>---
> source3/libnet/libnet_join.c              |   30 -----------------------------
> source3/rpc_server/wkssvc/srv_wkssvc_nt.c |    4 +++
> 2 files changed, 4 insertions(+), 30 deletions(-)
>
>diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
>index 6750120..25f1adc 100644
>--- a/source3/libnet/libnet_join.c
>+++ b/source3/libnet/libnet_join.c
>@@ -1764,17 +1764,10 @@ static WERROR libnet_join_post_processing(TALLOC_CTX *mem_ctx,
> 
> static int libnet_destroy_JoinCtx(struct libnet_JoinCtx *r)
> {
>-	const char *krb5_cc_env = NULL;
>-
> 	if (r->in.ads) {
> 		ads_destroy(&r->in.ads);
> 	}
> 
>-	krb5_cc_env = getenv(KRB5_ENV_CCNAME);
>-	if (krb5_cc_env && StrCaseCmp(krb5_cc_env, "MEMORY:libnetjoin")) {
>-		unsetenv(KRB5_ENV_CCNAME);
>-	}
>-
> 	return 0;
> }
> 
>@@ -1783,17 +1776,10 @@ static int libnet_destroy_JoinCtx(struct libnet_JoinCtx *r)
> 
> static int libnet_destroy_UnjoinCtx(struct libnet_UnjoinCtx *r)
> {
>-	const char *krb5_cc_env = NULL;
>-
> 	if (r->in.ads) {
> 		ads_destroy(&r->in.ads);
> 	}
> 
>-	krb5_cc_env = getenv(KRB5_ENV_CCNAME);
>-	if (krb5_cc_env && StrCaseCmp(krb5_cc_env, "MEMORY:libnetjoin")) {
>-		unsetenv(KRB5_ENV_CCNAME);
>-	}
>-
> 	return 0;
> }
> 
>@@ -1804,7 +1790,6 @@ WERROR libnet_init_JoinCtx(TALLOC_CTX *mem_ctx,
> 			   struct libnet_JoinCtx **r)
> {
> 	struct libnet_JoinCtx *ctx;
>-	const char *krb5_cc_env = NULL;
> 
> 	ctx = talloc_zero(mem_ctx, struct libnet_JoinCtx);
> 	if (!ctx) {
>@@ -1816,13 +1801,6 @@ WERROR libnet_init_JoinCtx(TALLOC_CTX *mem_ctx,
> 	ctx->in.machine_name = talloc_strdup(mem_ctx, global_myname());
> 	W_ERROR_HAVE_NO_MEMORY(ctx->in.machine_name);
> 
>-	krb5_cc_env = getenv(KRB5_ENV_CCNAME);
>-	if (!krb5_cc_env || (strlen(krb5_cc_env) == 0)) {
>-		krb5_cc_env = talloc_strdup(mem_ctx, "MEMORY:libnetjoin");
>-		W_ERROR_HAVE_NO_MEMORY(krb5_cc_env);
>-		setenv(KRB5_ENV_CCNAME, krb5_cc_env, 1);
>-	}
>-
> 	ctx->in.secure_channel_type = SEC_CHAN_WKSTA;
> 
> 	*r = ctx;
>@@ -1837,7 +1815,6 @@ WERROR libnet_init_UnjoinCtx(TALLOC_CTX *mem_ctx,
> 			     struct libnet_UnjoinCtx **r)
> {
> 	struct libnet_UnjoinCtx *ctx;
>-	const char *krb5_cc_env = NULL;
> 
> 	ctx = talloc_zero(mem_ctx, struct libnet_UnjoinCtx);
> 	if (!ctx) {
>@@ -1849,13 +1826,6 @@ WERROR libnet_init_UnjoinCtx(TALLOC_CTX *mem_ctx,
> 	ctx->in.machine_name = talloc_strdup(mem_ctx, global_myname());
> 	W_ERROR_HAVE_NO_MEMORY(ctx->in.machine_name);
> 
>-	krb5_cc_env = getenv(KRB5_ENV_CCNAME);
>-	if (!krb5_cc_env || (strlen(krb5_cc_env) == 0)) {
>-		krb5_cc_env = talloc_strdup(mem_ctx, "MEMORY:libnetjoin");
>-		W_ERROR_HAVE_NO_MEMORY(krb5_cc_env);
>-		setenv(KRB5_ENV_CCNAME, krb5_cc_env, 1);
>-	}
>-
> 	*r = ctx;
> 
> 	return WERR_OK;
>diff --git a/source3/rpc_server/wkssvc/srv_wkssvc_nt.c b/source3/rpc_server/wkssvc/srv_wkssvc_nt.c
>index 0dd89ae..247f9ff 100644
>--- a/source3/rpc_server/wkssvc/srv_wkssvc_nt.c
>+++ b/source3/rpc_server/wkssvc/srv_wkssvc_nt.c
>@@ -867,7 +867,9 @@ WERROR _wkssvc_NetrJoinDomain2(struct pipes_struct *p,
> 	j->in.msg_ctx		= p->msg_ctx;
> 
> 	become_root();
>+	setenv(KRB5_ENV_CCNAME, "MEMORY:_wkssvc_NetrJoinDomain2", 1);
> 	werr = libnet_Join(p->mem_ctx, j);
>+	unsetenv(KRB5_ENV_CCNAME);
> 	unbecome_root();
> 
> 	if (!W_ERROR_IS_OK(werr)) {
>@@ -933,7 +935,9 @@ WERROR _wkssvc_NetrUnjoinDomain2(struct pipes_struct *p,
> 	u->in.msg_ctx		= p->msg_ctx;
> 
> 	become_root();
>+	setenv(KRB5_ENV_CCNAME, "MEMORY:_wkssvc_NetrUnjoinDomain2", 1);
> 	werr = libnet_Unjoin(p->mem_ctx, u);
>+	unsetenv(KRB5_ENV_CCNAME);
> 	unbecome_root();
> 
> 	if (!W_ERROR_IS_OK(werr)) {
>-- 
>1.7.6.2
>
>
>From 86773b743993605ef3d5f4530f9cc53437481294 Mon Sep 17 00:00:00 2001
>From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd@samba.org>
>Date: Mon, 26 Sep 2011 16:25:12 +0200
>Subject: [PATCH 3/3] s3-netapi: allow to use default krb5 credential cache
> for libnetapi users.
>
>Guenther
>---
> source3/lib/netapi/netapi.c |   24 +++++++++++++++++-------
> source3/lib/netapi/netapi.h |    6 ++++++
> 2 files changed, 23 insertions(+), 7 deletions(-)
>
>diff --git a/source3/lib/netapi/netapi.c b/source3/lib/netapi/netapi.c
>index c04ca70..dc42049 100644
>--- a/source3/lib/netapi/netapi.c
>+++ b/source3/lib/netapi/netapi.c
>@@ -103,7 +103,6 @@ NET_API_STATUS libnetapi_net_init(struct libnetapi_ctx **context)
> {
> 	NET_API_STATUS status;
> 	struct libnetapi_ctx *ctx = NULL;
>-	char *krb5_cc_env = NULL;
> 
> 	frame = talloc_stackframe();
> 
>@@ -115,12 +114,6 @@ NET_API_STATUS libnetapi_net_init(struct libnetapi_ctx **context)
> 
> 	BlockSignals(True, SIGPIPE);
> 
>-	krb5_cc_env = getenv(KRB5_ENV_CCNAME);
>-	if (!krb5_cc_env || (strlen(krb5_cc_env) == 0)) {
>-		ctx->krb5_cc_env = talloc_strdup(frame, "MEMORY:libnetapi");
>-		setenv(KRB5_ENV_CCNAME, ctx->krb5_cc_env, 1);
>-	}
>-
> 	if (getenv("USER")) {
> 		ctx->username = talloc_strdup(frame, getenv("USER"));
> 	} else {
>@@ -266,6 +259,23 @@ NET_API_STATUS libnetapi_set_use_kerberos(struct libnetapi_ctx *ctx)
> 	return NET_API_STATUS_SUCCESS;
> }
> 
>+/****************************************************************
>+****************************************************************/
>+
>+NET_API_STATUS libnetapi_set_use_memory_krb5_ccache(struct libnetapi_ctx *ctx)
>+{
>+	ctx->krb5_cc_env = talloc_strdup(ctx, "MEMORY:libnetapi");
>+	if (!ctx->krb5_cc_env) {
>+		return W_ERROR_V(WERR_NOMEM);
>+	}
>+	setenv(KRB5_ENV_CCNAME, ctx->krb5_cc_env, 1);
>+	ctx->use_memory_krb5_ccache = 1;
>+	return NET_API_STATUS_SUCCESS;
>+}
>+
>+/****************************************************************
>+****************************************************************/
>+
> NET_API_STATUS libnetapi_set_use_ccache(struct libnetapi_ctx *ctx)
> {
> 	ctx->use_ccache = true;
>diff --git a/source3/lib/netapi/netapi.h b/source3/lib/netapi/netapi.h
>index 9e1549d..a55dc5e 100644
>--- a/source3/lib/netapi/netapi.h
>+++ b/source3/lib/netapi/netapi.h
>@@ -1356,6 +1356,7 @@ struct libnetapi_ctx {
> 	char *krb5_cc_env;
> 	int use_kerberos;
> 	int use_ccache;
>+	int use_memory_krb5_ccache;
> 	int disable_policy_handle_cache;
> 
> 	void *private_data;
>@@ -1408,6 +1409,11 @@ NET_API_STATUS libnetapi_set_use_kerberos(struct libnetapi_ctx *ctx);
> /****************************************************************
> ****************************************************************/
> 
>+NET_API_STATUS libnetapi_set_use_memory_krb5_ccache(struct libnetapi_ctx *ctx);
>+
>+/****************************************************************
>+****************************************************************/
>+
> NET_API_STATUS libnetapi_set_use_ccache(struct libnetapi_ctx *ctx);
> 
> /****************************************************************
>-- 
>1.7.6.2
>

Flags:

asn: review+

Actions: View

Attachments on bug 7465: 6937 | 6938 | 6948 | 7034 | 7035