2 Unix SMB/CIFS implementation.
4 Database Glue between Samba and the KDC
6 Copyright (C) Guenther Deschner <gd@samba.org> 2014
7 Copyright (C) Andreas Schneider <asn@samba.org> 2014
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
28 #include "lib/krb5_wrap/krb5_samba.h"
29 #include "kdc/samba_kdc.h"
31 static void sdb_flags_to_hdb_flags(const struct SDBFlags
*s
,
34 SMB_ASSERT(sizeof(struct SDBFlags
) == sizeof(HDBFlags
));
36 h
->initial
= s
->initial
;
37 h
->forwardable
= s
->forwardable
;
38 h
->proxiable
= s
->proxiable
;
39 h
->renewable
= s
->renewable
;
40 h
->postdate
= s
->postdate
;
41 h
->server
= s
->server
;
42 h
->client
= s
->client
;
43 h
->invalid
= s
->invalid
;
44 h
->require_preauth
= s
->require_preauth
;
45 h
->change_pw
= s
->change_pw
;
46 h
->require_hwauth
= s
->require_hwauth
;
47 h
->ok_as_delegate
= s
->ok_as_delegate
;
48 h
->user_to_user
= s
->user_to_user
;
49 h
->immutable
= s
->immutable
;
50 h
->trusted_for_delegation
= s
->trusted_for_delegation
;
51 h
->allow_kerberos4
= s
->allow_kerberos4
;
52 h
->allow_digest
= s
->allow_digest
;
53 h
->locked_out
= s
->locked_out
;
54 h
->_unused18
= s
->_unused18
;
55 h
->_unused19
= s
->_unused19
;
56 h
->_unused20
= s
->_unused20
;
57 h
->_unused21
= s
->_unused21
;
58 h
->_unused22
= s
->_unused22
;
59 h
->_unused23
= s
->_unused23
;
60 h
->_unused24
= s
->_unused24
;
61 h
->_unused25
= s
->_unused25
;
62 h
->_unused26
= s
->_unused26
;
63 h
->_unused27
= s
->_unused27
;
64 h
->_unused28
= s
->_unused28
;
65 h
->_unused29
= s
->_unused29
;
66 h
->_unused30
= s
->_unused30
;
67 h
->do_not_store
= s
->do_not_store
;
70 static int sdb_salt_to_Salt(const struct sdb_salt
*s
, Salt
*h
)
75 ret
= smb_krb5_copy_data_contents(&h
->salt
, s
->salt
.data
, s
->salt
.length
);
85 static int sdb_key_to_Key(const struct sdb_key
*s
, Key
*h
)
89 if (s
->mkvno
!= NULL
) {
90 h
->mkvno
= malloc(sizeof(unsigned int));
91 if (h
->mkvno
== NULL
) {
94 *h
->mkvno
= *s
->mkvno
;
99 h
->key
.keytype
= s
->key
.keytype
;
100 rc
= smb_krb5_copy_data_contents(&h
->key
.keyvalue
,
101 s
->key
.keyvalue
.data
,
102 s
->key
.keyvalue
.length
);
107 if (s
->salt
!= NULL
) {
108 h
->salt
= malloc(sizeof(Salt
));
109 if (h
->salt
== NULL
) {
113 rc
= sdb_salt_to_Salt(s
->salt
,
129 static int sdb_keys_to_Keys(const struct sdb_keys
*s
, Keys
*h
)
134 if (s
->val
!= NULL
) {
135 h
->val
= malloc(h
->len
* sizeof(Key
));
136 if (h
->val
== NULL
) {
139 for (i
= 0; i
< h
->len
; i
++) {
140 ret
= sdb_key_to_Key(&s
->val
[i
],
154 static int sdb_event_to_Event(krb5_context context
,
155 const struct sdb_event
*s
, Event
*h
)
159 if (s
->principal
!= NULL
) {
160 ret
= krb5_copy_principal(context
,
176 static int sdb_entry_to_hdb_entry(krb5_context context
,
177 const struct sdb_entry
*s
,
185 rc
= krb5_copy_principal(context
,
194 rc
= sdb_keys_to_Keys(&s
->keys
, &h
->keys
);
199 rc
= sdb_event_to_Event(context
,
206 if (s
->modified_by
) {
207 h
->modified_by
= malloc(sizeof(Event
));
208 if (h
->modified_by
== NULL
) {
213 rc
= sdb_event_to_Event(context
,
220 h
->modified_by
= NULL
;
223 if (s
->valid_start
!= NULL
) {
224 h
->valid_start
= malloc(sizeof(KerberosTime
));
225 if (h
->valid_start
== NULL
) {
229 *h
->valid_start
= *s
->valid_start
;
231 h
->valid_start
= NULL
;
234 if (s
->valid_end
!= NULL
) {
235 h
->valid_end
= malloc(sizeof(KerberosTime
));
236 if (h
->valid_end
== NULL
) {
240 *h
->valid_end
= *s
->valid_end
;
245 if (s
->pw_end
!= NULL
) {
246 h
->pw_end
= malloc(sizeof(KerberosTime
));
247 if (h
->pw_end
== NULL
) {
251 *h
->pw_end
= *s
->pw_end
;
256 if (s
->max_life
!= NULL
) {
257 h
->max_life
= malloc(sizeof(unsigned int));
258 if (h
->max_life
== NULL
) {
262 *h
->max_life
= *s
->max_life
;
267 if (s
->max_renew
!= NULL
) {
268 h
->max_renew
= malloc(sizeof(unsigned int));
269 if (h
->max_renew
== NULL
) {
273 *h
->max_renew
= *s
->max_renew
;
278 sdb_flags_to_hdb_flags(&s
->flags
, &h
->flags
);
281 if (h
->keys
.val
!= NULL
) {
282 h
->etypes
= malloc(sizeof(*h
->etypes
));
283 if (h
->etypes
== NULL
) {
288 h
->etypes
->len
= s
->keys
.len
;
290 h
->etypes
->val
= calloc(h
->etypes
->len
, sizeof(int));
291 if (h
->etypes
->val
== NULL
) {
296 for (i
= 0; i
< h
->etypes
->len
; i
++) {
297 Key k
= h
->keys
.val
[i
];
299 h
->etypes
->val
[i
] = KRB5_KEY_TYPE(&(k
.key
));
303 h
->generation
= NULL
;
304 h
->extensions
= NULL
; /* really sure ? FIXME */
312 static int samba_kdc_hdb_entry_destructor(struct samba_kdc_entry
*p
)
314 struct hdb_entry_ex
*entry_ex
= p
->entry_ex
;
315 free_hdb_entry(&entry_ex
->entry
);
320 static void samba_kdc_free_hdb_entry(krb5_context context
,
321 struct hdb_entry_ex
*entry_ex
)
323 /* this function is called only from hdb_free_entry().
324 * Make sure we neutralize the destructor or we will
325 * get a double free later when hdb_free_entry() will
326 * try to call free_hdb_entry() */
327 talloc_set_destructor(entry_ex
->ctx
, NULL
);
329 /* now proceed to free the talloc part */
330 talloc_free(entry_ex
->ctx
);
333 int sdb_entry_ex_to_hdb_entry_ex(krb5_context context
,
334 const struct sdb_entry_ex
*s
,
335 struct hdb_entry_ex
*h
)
337 struct samba_kdc_entry
*skdc_entry
;
341 if (s
->ctx
!= NULL
) {
342 skdc_entry
= talloc_get_type(s
->ctx
, struct samba_kdc_entry
);
345 h
->free_entry
= samba_kdc_free_hdb_entry
;
347 talloc_set_destructor(skdc_entry
,
348 samba_kdc_hdb_entry_destructor
);
351 return sdb_entry_to_hdb_entry(context
, &s
->entry
, &h
->entry
);