The branch, master has been updated
via 0027cd2 s3-pdb: Make ADS-type backends updates secrets.tdb.
via e6c39a2 s3-pdb: Break SECRETS3 dependency on PDB.
from c543ce1 libcli/smb: fix smbXcli_negprot(..., PROTOCOL_NT1,
PROTOCOL_SMB2_02)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 0027cd2409492a250fb825927596a2dd9b08d75d
Author: Simo Sorce <[email protected]>
Date: Thu Jan 26 15:33:02 2012 -0500
s3-pdb: Make ADS-type backends updates secrets.tdb.
Make the backends that have ADS capability the only ones that can change the
SID and GUID in secrets.tdb at initialization time.
Signed-off-by: Andreas Schneider <[email protected]>
Autobuild-User: Andreas Schneider <[email protected]>
Autobuild-Date: Fri Jan 27 19:42:17 CET 2012 on sn-devel-104
commit e6c39a292c7aa17792f09222d17733ecc9207849
Author: Simo Sorce <[email protected]>
Date: Thu Jan 26 15:27:54 2012 -0500
s3-pdb: Break SECRETS3 dependency on PDB.
This is causing circular depdnendcies that bring libpdb in all code and
this is
BAD.
This change 'protects' the sid and guid of the domain by adding a special
key
that makes them effectively read only.
Limit this temporarily to the samba 4 build, once it gets some good testing
the
samba4 ifdefs can be dropped.
fix pdb dependencies
Signed-off-by: Andreas Schneider <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
source3/auth/wscript_build | 2 +-
source3/include/secrets.h | 5 ++
source3/passdb/machine_account_secrets.c | 99 +++++++++++++++---------------
source3/passdb/pdb_ads.c | 42 +++++++++++++
source3/passdb/pdb_ipa.c | 42 +++++++++++++
source3/passdb/pdb_samba4.c | 43 +++++++++++++
source3/wscript_build | 22 ++++---
7 files changed, 195 insertions(+), 60 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/wscript_build b/source3/auth/wscript_build
index 4f04772..0dba13f 100644
--- a/source3/auth/wscript_build
+++ b/source3/auth/wscript_build
@@ -16,7 +16,7 @@ AUTH_SRC = '''auth.c
bld.SAMBA3_SUBSYSTEM('TOKEN_UTIL',
source='token_util.c',
- deps='samba-util',
+ deps='samba-util pdb',
vars=locals())
bld.SAMBA3_SUBSYSTEM('USER_UTIL',
diff --git a/source3/include/secrets.h b/source3/include/secrets.h
index 705a329..6cb2e04 100644
--- a/source3/include/secrets.h
+++ b/source3/include/secrets.h
@@ -39,6 +39,7 @@
really secret. */
#define SECRETS_DOMAIN_SID "SECRETS/SID"
#define SECRETS_SAM_SID "SAM/SID"
+#define SECRETS_PROTECT_IDS "SECRETS/PROTECT/IDS"
/* The domain GUID and server GUID (NOT the same) are also not secret */
#define SECRETS_DOMAIN_GUID "SECRETS/DOMGUID"
@@ -88,6 +89,10 @@ void secrets_shutdown(void);
void *secrets_fetch(const char *key, size_t *size);
bool secrets_store(const char *key, const void *data, size_t size);
bool secrets_delete(const char *key);
+
+/* The following definitions come from passdb/machine_account_secrets.c */
+bool secrets_mark_domain_protected(const char *domain);
+bool secrets_clear_domain_protection(const char *domain);
bool secrets_store_domain_sid(const char *domain, const struct dom_sid *sid);
bool secrets_fetch_domain_sid(const char *domain, struct dom_sid *sid);
bool secrets_store_domain_guid(const char *domain, struct GUID *guid);
diff --git a/source3/passdb/machine_account_secrets.c
b/source3/passdb/machine_account_secrets.c
index 565c7c4..a2bd8be 100644
--- a/source3/passdb/machine_account_secrets.c
+++ b/source3/passdb/machine_account_secrets.c
@@ -53,18 +53,52 @@ static const char *domain_sid_keystr(const char *domain)
return keystr;
}
+static const char *protect_ids_keystr(const char *domain)
+{
+ char *keystr;
+
+ keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
+ SECRETS_PROTECT_IDS, domain);
+ SMB_ASSERT(keystr != NULL);
+ return keystr;
+}
+
+/* N O T E: never use this outside of passdb modules that store the SID on
their own */
+bool secrets_mark_domain_protected(const char *domain)
+{
+ bool ret;
+
+ ret = secrets_store(protect_ids_keystr(domain), "TRUE", 5);
+ if (!ret) {
+ DEBUG(0, ("Failed to protect the Domain IDs\n"));
+ }
+ return ret;
+}
+
+bool secrets_clear_domain_protection(const char *domain)
+{
+ bool ret;
+
+ ret = secrets_delete(protect_ids_keystr(domain));
+ if (!ret) {
+ DEBUG(0, ("Failed to remove Domain IDs protection\n"));
+ }
+ return ret;
+}
+
bool secrets_store_domain_sid(const char *domain, const struct dom_sid *sid)
{
+ char *protect_ids;
bool ret;
#if _SAMBA_BUILD_ == 4
- if (strequal(domain, get_global_sam_name()) &&
- (pdb_capabilities() & PDB_CAP_ADS)) {
- /* If we have a ADS-capable passdb backend, we
- * must never make up our own SID, it will
- * already be in the directory */
- DEBUG(0, ("Refusing to store a Domain SID, this should be read
from the directory not stored here\n"));
- return false;
+ protect_ids = secrets_fetch(protect_ids_keystr(domain), NULL);
+ if (protect_ids) {
+ if (strncmp(protect_ids, "TRUE", 4)) {
+ DEBUG(0, ("Refusing to store a Domain SID, "
+ "it has been marked as protected!\n"));
+ return false;
+ }
}
#endif
@@ -81,24 +115,6 @@ bool secrets_fetch_domain_sid(const char *domain, struct
dom_sid *sid)
struct dom_sid *dyn_sid;
size_t size = 0;
-#if _SAMBA_BUILD_ == 4
- if (strequal(domain, get_global_sam_name()) &&
- (pdb_capabilities() & PDB_CAP_ADS)) {
- struct pdb_domain_info *domain_info;
- domain_info = pdb_get_domain_info(talloc_tos());
- if (!domain_info) {
- /* If we have a ADS-capable passdb backend, we
- * must never make up our own SID, it will
- * already be in the directory */
- DEBUG(0, ("Unable to fetch a Domain SID from the
directory!\n"));
- return false;
- }
-
- *sid = domain_info->sid;
- return true;
- }
-#endif
-
dyn_sid = (struct dom_sid *)secrets_fetch(domain_sid_keystr(domain),
&size);
if (dyn_sid == NULL)
@@ -116,16 +132,17 @@ bool secrets_fetch_domain_sid(const char *domain, struct
dom_sid *sid)
bool secrets_store_domain_guid(const char *domain, struct GUID *guid)
{
+ char *protect_ids;
fstring key;
#if _SAMBA_BUILD_ == 4
- if (strequal(domain, get_global_sam_name()) &&
- (pdb_capabilities() & PDB_CAP_ADS)) {
- /* If we have a ADS-capable passdb backend, we
- * must never make up our own GUID, it will
- * already be in the directory */
- DEBUG(0, ("Refusing to store a Domain GUID, this should be read
from the directory not stored here\n"));
- return false;
+ protect_ids = secrets_fetch(protect_ids_keystr(domain), NULL);
+ if (protect_ids) {
+ if (strncmp(protect_ids, "TRUE", 4)) {
+ DEBUG(0, ("Refusing to store a Domain SID, "
+ "it has been marked as protected!\n"));
+ return false;
+ }
}
#endif
@@ -141,24 +158,6 @@ bool secrets_fetch_domain_guid(const char *domain, struct
GUID *guid)
size_t size = 0;
struct GUID new_guid;
-#if _SAMBA_BUILD_ == 4
- if (strequal(domain, get_global_sam_name()) &&
- (pdb_capabilities() & PDB_CAP_ADS)) {
- struct pdb_domain_info *domain_info;
- domain_info = pdb_get_domain_info(talloc_tos());
- if (!domain_info) {
- /* If we have a ADS-capable passdb backend, we
- * must never make up our own SID, it will
- * already be in the directory */
- DEBUG(0, ("Unable to fetch a Domain GUID from the
directory!\n"));
- return false;
- }
-
- *guid = domain_info->guid;
- return true;
- }
-#endif
-
slprintf(key, sizeof(key)-1, "%s/%s", SECRETS_DOMAIN_GUID, domain);
strupper_m(key);
dyn_guid = (struct GUID *)secrets_fetch(key, &size);
diff --git a/source3/passdb/pdb_ads.c b/source3/passdb/pdb_ads.c
index 8dc9585..cd7781a 100644
--- a/source3/passdb/pdb_ads.c
+++ b/source3/passdb/pdb_ads.c
@@ -2594,6 +2594,42 @@ done:
return status;
}
+static NTSTATUS pdb_ads_init_secrets(struct pdb_methods *m)
+{
+#if _SAMBA_BUILD_ == 4
+ struct pdb_domain_info *dom_info;
+ bool ret;
+
+ dom_info = pdb_ads_get_domain_info(m, m);
+ if (!dom_info) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ secrets_clear_domain_protection(dom_info->name);
+ ret = secrets_store_domain_sid(dom_info->name,
+ &dom_info->sid);
+ if (!ret) {
+ goto done;
+ }
+ ret = secrets_store_domain_guid(dom_info->name,
+ &dom_info->guid);
+ if (!ret) {
+ goto done;
+ }
+ ret = secrets_mark_domain_protected(dom_info->name);
+ if (!ret) {
+ goto done;
+ }
+
+done:
+ TALLOC_FREE(dom_info);
+ if (!ret) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+#endif
+ return NT_STATUS_OK;
+}
+
static NTSTATUS pdb_init_ads(struct pdb_methods **pdb_method,
const char *location)
{
@@ -2629,6 +2665,12 @@ static NTSTATUS pdb_init_ads(struct pdb_methods
**pdb_method,
goto fail;
}
+ status = pdb_ads_init_secrets(m);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10, ("pdb_ads_init_secrets failed!\n"));
+ goto fail;
+ }
+
*pdb_method = m;
return NT_STATUS_OK;
nomem:
diff --git a/source3/passdb/pdb_ipa.c b/source3/passdb/pdb_ipa.c
index 00185d4..74ac677 100644
--- a/source3/passdb/pdb_ipa.c
+++ b/source3/passdb/pdb_ipa.c
@@ -1407,6 +1407,42 @@ static NTSTATUS ipasam_create_user(struct pdb_methods
*pdb_methods,
return NT_STATUS_OK;
}
+static NTSTATUS pdb_ipa_init_secrets(struct pdb_methods *m)
+{
+#if _SAMBA_BUILD_ == 4
+ struct pdb_domain_info *dom_info;
+ bool ret;
+
+ dom_info = pdb_ipasam_get_domain_info(m, m);
+ if (!dom_info) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ secrets_clear_domain_protection(dom_info->name);
+ ret = secrets_store_domain_sid(dom_info->name,
+ &dom_info->sid);
+ if (!ret) {
+ goto done;
+ }
+ ret = secrets_store_domain_guid(dom_info->name,
+ &dom_info->guid);
+ if (!ret) {
+ goto done;
+ }
+ ret = secrets_mark_domain_protected(dom_info->name);
+ if (!ret) {
+ goto done;
+ }
+
+done:
+ TALLOC_FREE(dom_info);
+ if (!ret) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+#endif
+ return NT_STATUS_OK;
+}
+
static NTSTATUS pdb_init_IPA_ldapsam(struct pdb_methods **pdb_method, const
char *location)
{
struct ldapsam_privates *ldap_state;
@@ -1458,6 +1494,12 @@ static NTSTATUS pdb_init_IPA_ldapsam(struct pdb_methods
**pdb_method, const char
(*pdb_method)->del_trusted_domain = ipasam_del_trusted_domain;
(*pdb_method)->enum_trusted_domains = ipasam_enum_trusted_domains;
+ status = pdb_ipa_init_secrets(*pdb_method);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10, ("pdb_ipa_init_secrets failed!\n"));
+ return status;
+ }
+
return NT_STATUS_OK;
}
diff --git a/source3/passdb/pdb_samba4.c b/source3/passdb/pdb_samba4.c
index bc3b123..9db9a9b 100644
--- a/source3/passdb/pdb_samba4.c
+++ b/source3/passdb/pdb_samba4.c
@@ -34,6 +34,7 @@
#include "source4/auth/system_session_proto.h"
#include "lib/param/param.h"
#include "source4/dsdb/common/util.h"
+#include "source3/include/secrets.h"
struct pdb_samba4_state {
struct tevent_context *ev;
@@ -2195,6 +2196,42 @@ static void free_private_data(void **vp)
return;
}
+static NTSTATUS pdb_samba4_init_secrets(struct pdb_methods *m)
+{
+#if _SAMBA_BUILD_ == 4
+ struct pdb_domain_info *dom_info;
+ bool ret;
+
+ dom_info = pdb_samba4_get_domain_info(m, m);
+ if (!dom_info) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
+ secrets_clear_domain_protection(dom_info->name);
+ ret = secrets_store_domain_sid(dom_info->name,
+ &dom_info->sid);
+ if (!ret) {
+ goto done;
+ }
+ ret = secrets_store_domain_guid(dom_info->name,
+ &dom_info->guid);
+ if (!ret) {
+ goto done;
+ }
+ ret = secrets_mark_domain_protected(dom_info->name);
+ if (!ret) {
+ goto done;
+ }
+
+done:
+ TALLOC_FREE(dom_info);
+ if (!ret) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+#endif
+ return NT_STATUS_OK;
+}
+
static NTSTATUS pdb_init_samba4(struct pdb_methods **pdb_method,
const char *location)
{
@@ -2253,6 +2290,12 @@ static NTSTATUS pdb_init_samba4(struct pdb_methods
**pdb_method,
goto fail;
}
+ status = pdb_samba4_init_secrets(m);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10, ("pdb_samba4_init_secrets failed!\n"));
+ goto fail;
+ }
+
*pdb_method = m;
return NT_STATUS_OK;
nomem:
diff --git a/source3/wscript_build b/source3/wscript_build
index 6d856a5..6052470 100755
--- a/source3/wscript_build
+++ b/source3/wscript_build
@@ -692,7 +692,7 @@ bld.SAMBA3_LIBRARY('nss_wins',
bld.SAMBA3_LIBRARY('gse',
source='librpc/crypto/gse_krb5.c librpc/crypto/gse.c',
- deps='KRB5_WRAP gensec param KRBCLIENT SECRETS3',
+ deps='KRB5_WRAP gensec param KRBCLIENT secrets3',
private_library=True)
bld.SAMBA3_LIBRARY('msrpc3',
@@ -725,7 +725,7 @@ bld.SAMBA3_SUBSYSTEM('TLDAP',
bld.SAMBA3_LIBRARY('pdb',
source=PASSDB_SRC,
- deps='SECRETS3 GROUPDB SERVER_MUTEX wbclient LIBCLI_AUTH
flag_mapping',
+ deps='secrets3 GROUPDB SERVER_MUTEX wbclient LIBCLI_AUTH
flag_mapping',
private_library=True,
public_headers='''
include/passdb.h
@@ -800,7 +800,7 @@ bld.SAMBA3_LIBRARY('popt_samba3',
bld.SAMBA3_LIBRARY('util_cmdline',
source='lib/util_cmdline.c',
- deps='SECRETS3 popt',
+ deps='secrets3 popt',
private_library=True)
bld.SAMBA3_SUBSYSTEM('KRBCLIENT',
@@ -871,9 +871,13 @@ bld.SAMBA3_SUBSYSTEM('CLDAP',
deps='cli-ldap-common cli_cldap LIBTSOCKET',
vars=locals())
-bld.SAMBA3_SUBSYSTEM('SECRETS3',
+# NOTE: The secrets3 library is a low level library used by several subsystems.
+# PLEASE DO NOT make it depend on high level libraries like PDB, if you are
+# doing that your design is wrong and needs changing. -SSS
+bld.SAMBA3_LIBRARY('secrets3',
source=SECRETS_SRC,
- deps='NDR_SECRETS param samba3util dbwrap pdb',
+ deps='NDR_SECRETS param samba3util dbwrap',
+ private_library=True,
vars=locals())
bld.SAMBA3_LIBRARY('smbldap',
@@ -1010,7 +1014,7 @@ bld.SAMBA3_SUBSYSTEM('FNAME_UTIL',
bld.SAMBA3_SUBSYSTEM('LIBNET',
source=LIBNET_SRC,
- deps='NDR_LIBNET_JOIN INIT_SAMR net_keytab',
+ deps='NDR_LIBNET_JOIN INIT_SAMR net_keytab pdb',
vars=locals())
bld.SAMBA3_LIBRARY('net_keytab',
@@ -1074,7 +1078,7 @@ bld.SAMBA3_SUBSYSTEM('DCUTIL',
bld.SAMBA3_LIBRARY('trusts_util',
source='libsmb/trusts_util.c',
- deps='libcli_netlogon3 msrpc3',
+ deps='libcli_netlogon3 msrpc3 pdb',
vars=locals(),
private_library=True)
@@ -1148,7 +1152,7 @@ bld.SAMBA3_LIBRARY('libcli_netlogon3',
bld.SAMBA3_LIBRARY('cli_spoolss',
source=LIBCLI_SPOOLSS_SRC,
- deps='RPC_NDR_SPOOLSS param SECRETS3',
+ deps='RPC_NDR_SPOOLSS param secrets3',
private_library=True)
bld.SAMBA3_SUBSYSTEM('LIBCLI_WINREG',
@@ -1359,7 +1363,7 @@ bld.SAMBA3_BINARY('smbta-util',
source=SMBTA_UTIL_SRC,
deps='''
talloc
- SECRETS3
+ secrets3
param''',
vars=locals())
--
Samba Shared Repository
