The branch, master has been updated via d1538ad... s3-nss_info: only include nss_info.h where needed. via 04641ab... s3-libads: move ldap posix schema defines to their own header file. via 3f453f7... s3-libads: move spnego defines to their appropriate header file. via dff7be8... s3-libads: only include libds flags where needed. via 6d810ef... s3-libads: move keytab macros out of ads.h. via 56538be... s3-libads: move ads_dns out of main includes. via e64df82... s3-libads: move ads_status to a separate header file. via 6b25d47... s3-libads: move ads_protos.h to ads_ldap_protos.h. from 568a54f... s3-waf: fix the build after smbd/change_trust_pw.c removal.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit d1538add736ae3ac7ca3c728e2bd1696d588b374 Author: Günther Deschner <g...@samba.org> Date: Thu Jul 1 00:44:15 2010 +0200 s3-nss_info: only include nss_info.h where needed. Guenther commit 04641abb33a06486327088105b578865ed727a23 Author: Günther Deschner <g...@samba.org> Date: Wed Jun 30 23:48:34 2010 +0200 s3-libads: move ldap posix schema defines to their own header file. Guenther commit 3f453f73a80c98cc98b6b61698c547339817285c Author: Günther Deschner <g...@samba.org> Date: Wed Jun 30 23:47:03 2010 +0200 s3-libads: move spnego defines to their appropriate header file. Guenther commit dff7be8ccb9538cfe8468884aa2eecd129c631cb Author: Günther Deschner <g...@samba.org> Date: Wed Jun 30 23:38:57 2010 +0200 s3-libads: only include libds flags where needed. Guenther commit 6d810eff81f6a0abb371b2661cb0711e46e1bf1d Author: Günther Deschner <g...@samba.org> Date: Wed Jun 30 23:20:22 2010 +0200 s3-libads: move keytab macros out of ads.h. Guenther commit 56538be6af9d4d76bffe5f142ba6a62e978561da Author: Günther Deschner <g...@samba.org> Date: Wed Jun 30 22:36:40 2010 +0200 s3-libads: move ads_dns out of main includes. Guenther commit e64df82146cf62ae6e13b8e4c1adcc8b49b2fd6d Author: Günther Deschner <g...@samba.org> Date: Mon May 31 12:51:58 2010 +0200 s3-libads: move ads_status to a separate header file. Guenther commit 6b25d47fea231fad2009a1e0971ccfa1acf68176 Author: Günther Deschner <g...@samba.org> Date: Mon May 31 12:51:29 2010 +0200 s3-libads: move ads_protos.h to ads_ldap_protos.h. Guenther ----------------------------------------------------------------------- Summary of changes: libcli/auth/spnego.h | 6 ++ source3/include/ads.h | 107 -------------------------- source3/include/ads_dns.h | 61 --------------- source3/include/ads_protos.h | 123 ------------------------------ source3/include/includes.h | 5 +- source3/include/proto.h | 58 -------------- source3/include/smb.h | 12 +++ source3/include/smb_macros.h | 9 ++ source3/lib/netapi/user.c | 1 + source3/libads/ads_ldap_protos.h | 123 ++++++++++++++++++++++++++++++ source3/libads/ads_status.h | 42 ++++++++++ source3/libads/disp_sec.c | 1 + source3/libads/dns.c | 1 + source3/libads/dns.h | 90 ++++++++++++++++++++++ source3/libads/ldap.c | 2 + source3/libads/ldap_schema.c | 1 + source3/libads/ldap_schema.h | 62 +++++++++++++++ source3/libads/ldap_user.c | 1 + source3/libnet/libnet_join.c | 2 + source3/libsmb/dsgetdcname.c | 1 + source3/libsmb/namequery.c | 1 + source3/passdb/pdb_ads.c | 1 + source3/utils/net_ads.c | 2 + source3/utils/net_ads_gpo.c | 1 + source3/utils/net_lookup.c | 1 + source3/winbindd/idmap_ad.c | 3 + source3/winbindd/idmap_adex/cell_util.c | 1 + source3/winbindd/idmap_adex/idmap_adex.c | 1 + source3/winbindd/idmap_hash/idmap_hash.c | 1 + source3/winbindd/winbindd_ads.c | 1 + source3/winbindd/winbindd_cache.c | 1 + 31 files changed, 370 insertions(+), 352 deletions(-) delete mode 100644 source3/include/ads_dns.h delete mode 100644 source3/include/ads_protos.h create mode 100644 source3/libads/ads_ldap_protos.h create mode 100644 source3/libads/ads_status.h create mode 100644 source3/libads/dns.h create mode 100644 source3/libads/ldap_schema.h Changeset truncated at 500 lines: diff --git a/libcli/auth/spnego.h b/libcli/auth/spnego.h index 4b60f22..6aed765 100644 --- a/libcli/auth/spnego.h +++ b/libcli/auth/spnego.h @@ -33,6 +33,12 @@ #define SPNEGO_CONF_FLAG 0x20 #define SPNEGO_INTEG_FLAG 0x40 +#define TOK_ID_KRB_AP_REQ ((const uint8_t *)"\x01\x00") +#define TOK_ID_KRB_AP_REP ((const uint8_t *)"\x02\x00") +#define TOK_ID_KRB_ERROR ((const uint8_t *)"\x03\x00") +#define TOK_ID_GSS_GETMIC ((const uint8_t *)"\x01\x01") +#define TOK_ID_GSS_WRAP ((const uint8_t *)"\x02\x01") + enum spnego_negResult { SPNEGO_ACCEPT_COMPLETED = 0, SPNEGO_ACCEPT_INCOMPLETE = 1, diff --git a/source3/include/ads.h b/source3/include/ads.h index 132586f..0637cc8 100644 --- a/source3/include/ads.h +++ b/source3/include/ads.h @@ -6,56 +6,6 @@ basically this is a wrapper around ldap */ -#include "../libds/common/flags.h" - -/* - * This should be under the HAVE_KRB5 flag but since they're used - * in lp_kerberos_method(), they ned to be always available - */ -#define KERBEROS_VERIFY_SECRETS 0 -#define KERBEROS_VERIFY_SYSTEM_KEYTAB 1 -#define KERBEROS_VERIFY_DEDICATED_KEYTAB 2 -#define KERBEROS_VERIFY_SECRETS_AND_KEYTAB 3 - -/* - * If you add any entries to the above, please modify the below expressions - * so they remain accurate. - */ -#define USE_KERBEROS_KEYTAB (KERBEROS_VERIFY_SECRETS != lp_kerberos_method()) -#define USE_SYSTEM_KEYTAB \ - ((KERBEROS_VERIFY_SECRETS_AND_KEYTAB == lp_kerberos_method()) || \ - (KERBEROS_VERIFY_SYSTEM_KEYTAB == lp_kerberos_method())) - -#define TOK_ID_KRB_AP_REQ ((const uint8_t *)"\x01\x00") -#define TOK_ID_KRB_AP_REP ((const uint8_t *)"\x02\x00") -#define TOK_ID_KRB_ERROR ((const uint8_t *)"\x03\x00") -#define TOK_ID_GSS_GETMIC ((const uint8_t *)"\x01\x01") -#define TOK_ID_GSS_WRAP ((const uint8_t *)"\x02\x01") - -enum wb_posix_mapping { - WB_POSIX_MAP_UNKNOWN = -1, - WB_POSIX_MAP_TEMPLATE = 0, - WB_POSIX_MAP_SFU = 1, - WB_POSIX_MAP_SFU20 = 2, - WB_POSIX_MAP_RFC2307 = 3, - WB_POSIX_MAP_UNIXINFO = 4 -}; - -/* there are 5 possible types of errors the ads subsystem can produce */ -enum ads_error_type {ENUM_ADS_ERROR_KRB5, ENUM_ADS_ERROR_GSS, - ENUM_ADS_ERROR_LDAP, ENUM_ADS_ERROR_SYSTEM, ENUM_ADS_ERROR_NT}; - -typedef struct { - enum ads_error_type error_type; - union err_state{ - int rc; - NTSTATUS nt_status; - } err; - /* For error_type = ENUM_ADS_ERROR_GSS minor_status describe GSS API error */ - /* Where rc represents major_status of GSS API error */ - int minor_status; -} ADS_STATUS; - struct ads_struct; struct ads_saslwrap_ops { @@ -149,44 +99,12 @@ typedef struct ads_struct { #endif /* HAVE_LDAP */ } ADS_STRUCT; -/* used to remember the names of the posix attributes in AD */ -/* see the rfc2307 & sfu nss backends */ - -struct posix_schema { - char *posix_homedir_attr; - char *posix_shell_attr; - char *posix_uidnumber_attr; - char *posix_gidnumber_attr; - char *posix_gecos_attr; - char *posix_uid_attr; -}; - - - #ifdef HAVE_ADS typedef LDAPMod **ADS_MODLIST; #else typedef void **ADS_MODLIST; #endif -/* macros to simplify error returning */ -#define ADS_ERROR(rc) ADS_ERROR_LDAP(rc) -#define ADS_ERROR_LDAP(rc) ads_build_error(ENUM_ADS_ERROR_LDAP, rc, 0) -#define ADS_ERROR_SYSTEM(rc) ads_build_error(ENUM_ADS_ERROR_SYSTEM, rc?rc:EINVAL, 0) -#define ADS_ERROR_KRB5(rc) ads_build_error(ENUM_ADS_ERROR_KRB5, rc, 0) -#define ADS_ERROR_GSS(rc, minor) ads_build_error(ENUM_ADS_ERROR_GSS, rc, minor) -#define ADS_ERROR_NT(rc) ads_build_nt_error(ENUM_ADS_ERROR_NT,rc) - -#define ADS_ERR_OK(status) ((status.error_type == ENUM_ADS_ERROR_NT) ? NT_STATUS_IS_OK(status.err.nt_status):(status.err.rc == 0)) -#define ADS_SUCCESS ADS_ERROR(0) - -#define ADS_ERROR_HAVE_NO_MEMORY(x) do { \ - if (!(x)) {\ - return ADS_ERROR(LDAP_NO_MEMORY);\ - }\ -} while (0) - - /* time between reconnect attempts */ #define ADS_RECONNECT_TIME 5 @@ -199,31 +117,6 @@ typedef void **ADS_MODLIST; #define ADS_EXTENDED_DN_OID "1.2.840.113556.1.4.529" #define ADS_SD_FLAGS_OID "1.2.840.113556.1.4.801" -/* ldap attribute oids (Services for Unix 3.0, 3.5) */ -#define ADS_ATTR_SFU_UIDNUMBER_OID "1.2.840.113556.1.6.18.1.310" -#define ADS_ATTR_SFU_GIDNUMBER_OID "1.2.840.113556.1.6.18.1.311" -#define ADS_ATTR_SFU_HOMEDIR_OID "1.2.840.113556.1.6.18.1.344" -#define ADS_ATTR_SFU_SHELL_OID "1.2.840.113556.1.6.18.1.312" -#define ADS_ATTR_SFU_GECOS_OID "1.2.840.113556.1.6.18.1.337" -#define ADS_ATTR_SFU_UID_OID "1.2.840.113556.1.6.18.1.309" - -/* ldap attribute oids (Services for Unix 2.0) */ -#define ADS_ATTR_SFU20_UIDNUMBER_OID "1.2.840.113556.1.4.7000.187.70" -#define ADS_ATTR_SFU20_GIDNUMBER_OID "1.2.840.113556.1.4.7000.187.71" -#define ADS_ATTR_SFU20_HOMEDIR_OID "1.2.840.113556.1.4.7000.187.106" -#define ADS_ATTR_SFU20_SHELL_OID "1.2.840.113556.1.4.7000.187.72" -#define ADS_ATTR_SFU20_GECOS_OID "1.2.840.113556.1.4.7000.187.97" -#define ADS_ATTR_SFU20_UID_OID "1.2.840.113556.1.4.7000.187.102" - - -/* ldap attribute oids (RFC2307) */ -#define ADS_ATTR_RFC2307_UIDNUMBER_OID "1.3.6.1.1.1.1.0" -#define ADS_ATTR_RFC2307_GIDNUMBER_OID "1.3.6.1.1.1.1.1" -#define ADS_ATTR_RFC2307_HOMEDIR_OID "1.3.6.1.1.1.1.3" -#define ADS_ATTR_RFC2307_SHELL_OID "1.3.6.1.1.1.1.4" -#define ADS_ATTR_RFC2307_GECOS_OID "1.3.6.1.1.1.1.2" -#define ADS_ATTR_RFC2307_UID_OID "0.9.2342.19200300.100.1.1" - /* ldap bitwise searches */ #define ADS_LDAP_MATCHING_RULE_BIT_AND "1.2.840.113556.1.4.803" #define ADS_LDAP_MATCHING_RULE_BIT_OR "1.2.840.113556.1.4.804" diff --git a/source3/include/ads_dns.h b/source3/include/ads_dns.h deleted file mode 100644 index 24805f8..0000000 --- a/source3/include/ads_dns.h +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * Internal DNS query structures - * Copyright (C) Gerald Carter 2006. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see <http://www.gnu.org/licenses/>. - */ - -#ifndef _ADS_DNS_H -#define _ADS_DNS_H - -/* DNS query section in replies */ - -struct dns_query { - const char *hostname; - uint16 type; - uint16 in_class; -}; - -/* DNS RR record in reply */ - -struct dns_rr { - const char *hostname; - uint16 type; - uint16 in_class; - uint32 ttl; - uint16 rdatalen; - uint8 *rdata; -}; - -/* SRV records */ - -struct dns_rr_srv { - const char *hostname; - uint16 priority; - uint16 weight; - uint16 port; - size_t num_ips; - struct sockaddr_storage *ss_s; /* support multi-homed hosts */ -}; - -/* NS records */ - -struct dns_rr_ns { - const char *hostname; - struct sockaddr_storage ss; -}; - - -#endif /* _ADS_DNS_H */ diff --git a/source3/include/ads_protos.h b/source3/include/ads_protos.h deleted file mode 100644 index 09eaf99..0000000 --- a/source3/include/ads_protos.h +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Prototypes for ads - */ - -void ads_msgfree(ADS_STRUCT *ads, LDAPMessage *msg); -char *ads_get_dn(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, LDAPMessage *msg); -char *ads_get_dn_canonical(ADS_STRUCT *ads, LDAPMessage *msg); - -char *ads_pull_string(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, LDAPMessage *msg, - const char *field); -char **ads_pull_strings(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, - LDAPMessage *msg, const char *field, - size_t *num_values); -char **ads_pull_strings_range(ADS_STRUCT *ads, - TALLOC_CTX *mem_ctx, - LDAPMessage *msg, const char *field, - char **current_strings, - const char **next_attribute, - size_t *num_strings, - bool *more_strings); -bool ads_pull_uint32(ADS_STRUCT *ads, LDAPMessage *msg, const char *field, - uint32 *v); -bool ads_pull_guid(ADS_STRUCT *ads, LDAPMessage *msg, struct GUID *guid); -bool ads_pull_sid(ADS_STRUCT *ads, LDAPMessage *msg, const char *field, - struct dom_sid *sid); -int ads_pull_sids(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, - LDAPMessage *msg, const char *field, struct dom_sid **sids); -bool ads_pull_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, - LDAPMessage *msg, const char *field, struct security_descriptor **sd); -char *ads_pull_username(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, - LDAPMessage *msg); -int ads_pull_sids_from_extendeddn(ADS_STRUCT *ads, - TALLOC_CTX *mem_ctx, - LDAPMessage *msg, - const char *field, - enum ads_extended_dn_flags flags, - struct dom_sid **sids); - -ADS_STATUS ads_find_machine_acct(ADS_STRUCT *ads, LDAPMessage **res, - const char *machine); -ADS_STATUS ads_find_printer_on_server(ADS_STRUCT *ads, LDAPMessage **res, - const char *printer, - const char *servername); -ADS_STATUS ads_find_printers(ADS_STRUCT *ads, LDAPMessage **res); -ADS_STATUS ads_find_user_acct(ADS_STRUCT *ads, LDAPMessage **res, - const char *user); - -ADS_STATUS ads_do_search(ADS_STRUCT *ads, const char *bind_path, int scope, - const char *expr, - const char **attrs, LDAPMessage **res); -ADS_STATUS ads_search(ADS_STRUCT *ads, LDAPMessage **res, - const char *expr, const char **attrs); -ADS_STATUS ads_search_dn(ADS_STRUCT *ads, LDAPMessage **res, - const char *dn, const char **attrs); -ADS_STATUS ads_do_search_all_args(ADS_STRUCT *ads, const char *bind_path, - int scope, const char *expr, - const char **attrs, void *args, - LDAPMessage **res); -ADS_STATUS ads_do_search_all(ADS_STRUCT *ads, const char *bind_path, - int scope, const char *expr, - const char **attrs, LDAPMessage **res); -ADS_STATUS ads_do_search_retry(ADS_STRUCT *ads, const char *bind_path, - int scope, - const char *expr, - const char **attrs, LDAPMessage **res); -ADS_STATUS ads_do_search_retry_args(ADS_STRUCT *ads, const char *bind_path, - int scope, const char *expr, - const char **attrs, void *args, - LDAPMessage **res); -ADS_STATUS ads_search_retry(ADS_STRUCT *ads, LDAPMessage **res, - const char *expr, const char **attrs); -ADS_STATUS ads_search_retry_dn(ADS_STRUCT *ads, LDAPMessage **res, - const char *dn, - const char **attrs); -ADS_STATUS ads_search_retry_extended_dn(ADS_STRUCT *ads, LDAPMessage **res, - const char *dn, - const char **attrs, - enum ads_extended_dn_flags flags); -ADS_STATUS ads_search_retry_extended_dn_ranged(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, - const char *dn, - const char **attrs, - enum ads_extended_dn_flags flags, - char ***strings, - size_t *num_strings); -ADS_STATUS ads_search_retry_sid(ADS_STRUCT *ads, LDAPMessage **res, - const struct dom_sid *sid, - const char **attrs); - - -LDAPMessage *ads_first_entry(ADS_STRUCT *ads, LDAPMessage *res); -LDAPMessage *ads_next_entry(ADS_STRUCT *ads, LDAPMessage *res); -LDAPMessage *ads_first_message(ADS_STRUCT *ads, LDAPMessage *res); -LDAPMessage *ads_next_message(ADS_STRUCT *ads, LDAPMessage *res); -void ads_process_results(ADS_STRUCT *ads, LDAPMessage *res, - bool (*fn)(ADS_STRUCT *,char *, void **, void *), - void *data_area); -void ads_dump(ADS_STRUCT *ads, LDAPMessage *res); - -struct GROUP_POLICY_OBJECT; -ADS_STATUS ads_parse_gpo(ADS_STRUCT *ads, - TALLOC_CTX *mem_ctx, - LDAPMessage *res, - const char *gpo_dn, - struct GROUP_POLICY_OBJECT *gpo); -ADS_STATUS ads_search_retry_dn_sd_flags(ADS_STRUCT *ads, LDAPMessage **res, - uint32 sd_flags, - const char *dn, - const char **attrs); -ADS_STATUS ads_do_search_all_sd_flags(ADS_STRUCT *ads, const char *bind_path, - int scope, const char *expr, - const char **attrs, uint32 sd_flags, - LDAPMessage **res); -ADS_STATUS ads_get_tokensids(ADS_STRUCT *ads, - TALLOC_CTX *mem_ctx, - const char *dn, - struct dom_sid *user_sid, - struct dom_sid *primary_group_sid, - struct dom_sid **sids, - size_t *num_sids); -ADS_STATUS ads_get_joinable_ous(ADS_STRUCT *ads, - TALLOC_CTX *mem_ctx, - char ***ous, - size_t *num_ous); diff --git a/source3/include/includes.h b/source3/include/includes.h index 9c97042..7ffb630 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -627,8 +627,8 @@ extern void *cmdline_lp_ctx; #include "../lib/util/asn1.h" #include "krb5_env.h" +#include "libads/ads_status.h" #include "ads.h" -#include "ads_dns.h" #include "interfaces.h" #include "trans2.h" #include "../libcli/util/error.h" @@ -705,7 +705,6 @@ enum flush_reason_enum { /* NUM_FLUSH_REASONS must remain the last value in the enumeration. */ NUM_FLUSH_REASONS}; -#include "nss_info.h" #include "modules/nfs4_acls.h" #include "nsswitch/libwbclient/wbclient.h" @@ -739,7 +738,7 @@ enum flush_reason_enum { #endif #ifdef HAVE_LDAP -#include "ads_protos.h" +#include "libads/ads_ldap_protos.h" #endif /* We need this after proto.h to reference GetTimeOfDay(). */ diff --git a/source3/include/proto.h b/source3/include/proto.h index 28feec3..135820f 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1753,16 +1753,6 @@ void wins_srv_tags_free(char **list); struct in_addr wins_srv_ip_tag(const char *tag, struct in_addr src_ip); unsigned wins_srv_count_tag(const char *tag); -/* The following definitions come from libads/ads_status.c */ - -ADS_STATUS ads_build_error(enum ads_error_type etype, - int rc, int minor_status); -ADS_STATUS ads_build_nt_error(enum ads_error_type etype, - NTSTATUS nt_status); -NTSTATUS ads_ntstatus(ADS_STATUS status); -const char *ads_errstr(ADS_STATUS status); -NTSTATUS gss_err_to_ntstatus(uint32 maj, uint32 min); - /* The following definitions come from libads/ads_struct.c */ char *ads_build_path(const char *realm, const char *sep, const char *field, int reverse); @@ -1795,37 +1785,6 @@ NTSTATUS kerberos_return_pac(TALLOC_CTX *mem_ctx, void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_descriptor *sd); -/* The following definitions come from libads/dns.c */ - -NTSTATUS ads_dns_lookup_ns(TALLOC_CTX *ctx, - const char *dnsdomain, - struct dns_rr_ns **nslist, - int *numns); -NTSTATUS ads_dns_query_dcs(TALLOC_CTX *ctx, - const char *realm, - const char *sitename, - struct dns_rr_srv **dclist, - int *numdcs ); -NTSTATUS ads_dns_query_gcs(TALLOC_CTX *ctx, - const char *realm, - const char *sitename, - struct dns_rr_srv **dclist, - int *numdcs ); -NTSTATUS ads_dns_query_kdcs(TALLOC_CTX *ctx, - const char *dns_forest_name, - const char *sitename, - struct dns_rr_srv **dclist, - int *numdcs ); -NTSTATUS ads_dns_query_pdc(TALLOC_CTX *ctx, - const char *dns_domain_name, - struct dns_rr_srv **dclist, - int *numdcs ); -NTSTATUS ads_dns_query_dcs_guid(TALLOC_CTX *ctx, - const char *dns_forest_name, - const struct GUID *domain_guid, - struct dns_rr_srv **dclist, - int *numdcs ); - /* The following definitions come from libads/kerberos.c */ int kerberos_kinit_password_ext(const char *principal, @@ -1979,23 +1938,6 @@ bool get_local_printer_publishing_data(TALLOC_CTX *mem_ctx, ADS_MODLIST *mods, NT_PRINTER_DATA *data); -/* The following definitions come from libads/ldap_schema.c */ - -ADS_STATUS ads_get_attrnames_by_oids(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, - const char *schema_path, - const char **OIDs, size_t num_OIDs, - char ***OIDs_out, char ***names, size_t *count); -const char *ads_get_attrname_by_guid(ADS_STRUCT *ads, - const char *schema_path, - TALLOC_CTX *mem_ctx, - const struct GUID *schema_guid); -const char *ads_get_attrname_by_oid(ADS_STRUCT *ads, const char *schema_path, TALLOC_CTX *mem_ctx, const char * OID); -ADS_STATUS ads_schema_path(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, char **schema_path); -ADS_STATUS ads_check_posix_schema_mapping(TALLOC_CTX *mem_ctx, - ADS_STRUCT *ads, - enum wb_posix_mapping map_type, - struct posix_schema **s ) ; - /* The following definitions come from libads/ldap_user.c */ ADS_STATUS ads_add_user_acct(ADS_STRUCT *ads, const char *user, diff --git a/source3/include/smb.h b/source3/include/smb.h index defecd7..b042de9 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -1551,6 +1551,18 @@ enum ldap_ssl_types {LDAP_SSL_OFF, LDAP_SSL_START_TLS}; /* LDAP PASSWD SYNC methods */ enum ldap_passwd_sync_types {LDAP_PASSWD_SYNC_ON, LDAP_PASSWD_SYNC_OFF, LDAP_PASSWD_SYNC_ONLY}; +/* + * This should be under the HAVE_KRB5 flag but since they're used + * in lp_kerberos_method(), they ned to be always available + * If you add any entries to KERBEROS_VERIFY defines, please modify USE.*KEYTAB macros + * so they remain accurate. + */ + +#define KERBEROS_VERIFY_SECRETS 0 +#define KERBEROS_VERIFY_SYSTEM_KEYTAB 1 +#define KERBEROS_VERIFY_DEDICATED_KEYTAB 2 +#define KERBEROS_VERIFY_SECRETS_AND_KEYTAB 3 + /* Remote architectures we know about. */ enum remote_arch_types {RA_UNKNOWN, RA_WFWG, RA_OS2, RA_WIN95, RA_WINNT, RA_WIN2K, RA_WINXP, RA_WIN2K3, RA_VISTA, diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h index 20283e7..e5af20b 100644 --- a/source3/include/smb_macros.h +++ b/source3/include/smb_macros.h @@ -204,6 +204,15 @@ copy an IP address from one buffer to another #define IS_DC (lp_server_role()==ROLE_DOMAIN_PDC || lp_server_role()==ROLE_DOMAIN_BDC) +/* + * If you add any entries to KERBEROS_VERIFY defines, please modify the below expressions + * so they remain accurate. + */ -- Samba Shared Repository