2 Unix SMB/CIFS implementation.
4 Database Glue between Samba and the KDC
6 Copyright (C) Guenther Deschner <gd@samba.org> 2014
7 Copyright (C) Andreas Schneider <asn@samba.org> 2014
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
28 #include "lib/krb5_wrap/krb5_samba.h"
29 #include "kdc/samba_kdc.h"
/*
 * Copy every flag member from the Samba-side SDBFlags (*s) into the
 * Heimdal-side flags (*h), one member at a time.
 *
 * NOTE(review): the declaration of h (file lines 32-33) is not shown in
 * this listing; the size check below suggests it is an HDBFlags
 * pointer - confirm.
 *
 * The copy is by member name, so a flag that exists in only one of the
 * two structures is not carried over here. Several members (invalid,
 * locked_out, require_preauth, require_hwauth, require_pwchange,
 * trusted_for_delegation, ok_as_delegate, no_auth_data_reqd) look like
 * account-policy bits by their names, so this list has to stay in step
 * with both structure definitions.
 */
31 static void sdb_flags_to_hdb_flags(const struct SDBFlags
*s
,
/*
 * Asserts that the two flag structures have the same size. This
 * compares sizes only; it does not show that the members line up.
 */
34 SMB_ASSERT(sizeof(struct SDBFlags
) == sizeof(HDBFlags
));
36 h
->initial
= s
->initial
;
37 h
->forwardable
= s
->forwardable
;
38 h
->proxiable
= s
->proxiable
;
39 h
->renewable
= s
->renewable
;
40 h
->postdate
= s
->postdate
;
41 h
->server
= s
->server
;
42 h
->client
= s
->client
;
43 h
->invalid
= s
->invalid
;
44 h
->require_preauth
= s
->require_preauth
;
45 h
->change_pw
= s
->change_pw
;
46 h
->require_hwauth
= s
->require_hwauth
;
47 h
->ok_as_delegate
= s
->ok_as_delegate
;
48 h
->user_to_user
= s
->user_to_user
;
49 h
->immutable
= s
->immutable
;
50 h
->trusted_for_delegation
= s
->trusted_for_delegation
;
51 h
->allow_kerberos4
= s
->allow_kerberos4
;
52 h
->allow_digest
= s
->allow_digest
;
53 h
->locked_out
= s
->locked_out
;
54 h
->require_pwchange
= s
->require_pwchange
;
55 h
->materialize
= s
->materialize
;
56 h
->virtual_keys
= s
->virtual_keys
;
57 h
->virtual = s
->virtual;
58 h
->synthetic
= s
->synthetic
;
59 h
->no_auth_data_reqd
= s
->no_auth_data_reqd
;
/* The _unusedNN padding members are copied as well, not cleared. */
60 h
->_unused24
= s
->_unused24
;
61 h
->_unused25
= s
->_unused25
;
62 h
->_unused26
= s
->_unused26
;
63 h
->_unused27
= s
->_unused27
;
64 h
->_unused28
= s
->_unused28
;
65 h
->_unused29
= s
->_unused29
;
66 h
->force_canonicalize
= s
->force_canonicalize
;
67 h
->do_not_store
= s
->do_not_store
;
/*
 * Convert a Samba sdb_salt (*s) into a Heimdal Salt (*h).
 *
 * The visible statement copies s->salt.length bytes from s->salt.data
 * into h->salt with smb_krb5_copy_data_contents() and keeps the result
 * in ret. File lines 71-74 and 76-83 are not shown in this listing, so
 * how ret is checked, which other members are set and what is returned
 * cannot be confirmed from here.
 */
70 static int sdb_salt_to_Salt(const struct sdb_salt
*s
, Salt
*h
)
75 ret
= smb_krb5_copy_data_contents(&h
->salt
, s
->salt
.data
, s
->salt
.length
);
/*
 * Convert one Samba sdb_key (*s) into a Heimdal Key (*h): the key type
 * is assigned directly, the key value is copied with
 * smb_krb5_copy_data_contents(), and the salt is converted when the
 * source key has one.
 *
 * NOTE(review): keyvalue presumably holds secret key bytes. The error
 * paths are not shown in this listing; confirm that a failure after
 * the key value has been copied releases that copy instead of leaving
 * it behind in a half-built Key.
 */
85 static int sdb_key_to_Key(const struct sdb_key
*s
, Key
*h
)
91 h
->key
.keytype
= s
->key
.keytype
;
/*
 * Copy of the key bytes; the source-data argument (file line 93) is
 * not shown here, only the length taken from s->key.keyvalue.length.
 */
92 rc
= smb_krb5_copy_data_contents(&h
->key
.keyvalue
,
94 s
->key
.keyvalue
.length
);
/*
 * The salt is optional: a Salt is allocated with malloc() only when
 * the source key carries one, and the allocation is checked for NULL
 * before sdb_salt_to_Salt() is called to fill it.
 */
99 if (s
->salt
!= NULL
) {
100 h
->salt
= malloc(sizeof(Salt
));
101 if (h
->salt
== NULL
) {
105 rc
= sdb_salt_to_Salt(s
->salt
,
/*
 * Convert a Samba key array (*s) into a Heimdal Keys array (*h) by
 * allocating h->val and converting each element with sdb_key_to_Key().
 *
 * NOTE(review): h->len is used for the allocation size and as the loop
 * bound, but the statement that sets it (file lines 122-125) is not
 * shown in this listing - presumably it is taken from s->len; confirm.
 */
121 static int sdb_keys_to_Keys(const struct sdb_keys
*s
, Keys
*h
)
/*
 * NOTE(review): the size is computed as h->len * sizeof(Key) with no
 * visible overflow check, and malloc() leaves the array uninitialised.
 * If the error path (not shown) frees all h->len elements after a
 * conversion fails part-way, the unconverted tail would still hold
 * uninitialised pointers. calloc(h->len, sizeof(Key)) would cover both
 * points - confirm against the cleanup code.
 */
126 if (s
->val
!= NULL
) {
127 h
->val
= malloc(h
->len
* sizeof(Key
));
128 if (h
->val
== NULL
) {
/* Element-wise deep conversion; the destination argument is not shown. */
131 for (i
= 0; i
< h
->len
; i
++) {
132 ret
= sdb_key_to_Key(&s
->val
[i
],
/*
 * Convert a Samba sdb_event (*s) into a Heimdal Event (*h).
 *
 * The visible part copies the principal with krb5_copy_principal()
 * when the source event has one. The remaining arguments of that call,
 * the handling of ret, the branch taken when s->principal is NULL and
 * any other members that are set are not shown in this listing.
 */
146 static int sdb_event_to_Event(krb5_context context
,
147 const struct sdb_event
*s
, Event
*h
)
151 if (s
->principal
!= NULL
) {
152 ret
= krb5_copy_principal(context
,
/*
 * Build a Heimdal hdb entry (*h) from a Samba sdb_entry (*s).
 *
 * In the order shown: copy a principal, convert the key set, convert
 * an event, convert the optional modified_by event, copy the optional
 * time and lifetime members, copy the flags, and finally derive the
 * list of encryption types from the converted keys.
 *
 * File lines 170-176 (the rest of the signature and the local
 * declarations) and every error path are missing from this listing, so
 * the comments below describe only the statements that are visible.
 */
168 static int sdb_entry_to_hdb_entry(krb5_context context
,
169 const struct sdb_entry
*s
,
177 rc
= krb5_copy_principal(context
,
/* Deep conversion of the whole key set into h->keys. */
186 rc
= sdb_keys_to_Keys(&s
->keys
, &h
->keys
);
191 rc
= sdb_event_to_Event(context
,
/*
 * modified_by is optional: an Event is allocated and converted only
 * when the source has one, otherwise the destination pointer is set to
 * NULL.
 */
198 if (s
->modified_by
) {
199 h
->modified_by
= malloc(sizeof(Event
));
200 if (h
->modified_by
== NULL
) {
205 rc
= sdb_event_to_Event(context
,
212 h
->modified_by
= NULL
;
/*
 * Optional scalar members (valid_start, valid_end, pw_end, max_life,
 * max_renew) follow one pattern: when the source pointer is set,
 * allocate storage of the matching size, check the allocation, and
 * copy the value.
 *
 * NOTE(review): this listing shows an explicit NULL assignment only
 * for modified_by and valid_start. Whether the other optional members
 * are set to NULL when absent is not visible here - confirm, since a
 * stale pointer in *h would be treated as a valid value.
 */
215 if (s
->valid_start
!= NULL
) {
216 h
->valid_start
= malloc(sizeof(KerberosTime
));
217 if (h
->valid_start
== NULL
) {
221 *h
->valid_start
= *s
->valid_start
;
223 h
->valid_start
= NULL
;
226 if (s
->valid_end
!= NULL
) {
227 h
->valid_end
= malloc(sizeof(KerberosTime
));
228 if (h
->valid_end
== NULL
) {
232 *h
->valid_end
= *s
->valid_end
;
237 if (s
->pw_end
!= NULL
) {
238 h
->pw_end
= malloc(sizeof(KerberosTime
));
239 if (h
->pw_end
== NULL
) {
243 *h
->pw_end
= *s
->pw_end
;
248 if (s
->max_life
!= NULL
) {
249 h
->max_life
= malloc(sizeof(unsigned int));
250 if (h
->max_life
== NULL
) {
254 *h
->max_life
= *s
->max_life
;
259 if (s
->max_renew
!= NULL
) {
260 h
->max_renew
= malloc(sizeof(unsigned int));
261 if (h
->max_renew
== NULL
) {
265 *h
->max_renew
= *s
->max_renew
;
/* Member-by-member flag copy. */
270 sdb_flags_to_hdb_flags(&s
->flags
, &h
->flags
);
/*
 * When keys were converted, build h->etypes with one entry per key:
 * the container is allocated with malloc(), the value array with
 * calloc(), and each slot is filled with KRB5_KEY_TYPE() of the
 * corresponding converted key.
 *
 * NOTE(review): the element count comes from s->keys.len while the
 * elements are read from h->keys.val, so the loop is in bounds only if
 * both hold the same number of keys - confirm that sdb_keys_to_Keys()
 * guarantees this. "Key k = h->keys.val[i]" also copies the whole Key
 * structure by value just to read its type; a pointer to the element
 * would avoid placing a second copy of the key structure on the stack.
 */
273 if (h
->keys
.val
!= NULL
) {
274 h
->etypes
= malloc(sizeof(*h
->etypes
));
275 if (h
->etypes
== NULL
) {
280 h
->etypes
->len
= s
->keys
.len
;
282 h
->etypes
->val
= calloc(h
->etypes
->len
, sizeof(int));
283 if (h
->etypes
->val
== NULL
) {
288 for (i
= 0; i
< h
->etypes
->len
; i
++) {
289 Key k
= h
->keys
.val
[i
];
291 h
->etypes
->val
[i
] = KRB5_KEY_TYPE(&(k
.key
));
/*
 * Destructor for a struct samba_kdc_entry: releases the Heimdal entry
 * that p->entry_ex points at by calling free_hdb_entry() on it.
 *
 * It is registered with talloc_set_destructor() in
 * sdb_entry_ex_to_hdb_entry_ex(), so the hdb entry's contents are
 * released when the samba_kdc_entry is destroyed. The return statement
 * is not shown in this listing.
 *
 * NOTE(review): where p->entry_ex is assigned is not visible here.
 * This call assumes it points at a live entry that nothing else has
 * already freed - confirm against the code that sets it, since a
 * second release of the same entry would be a double free.
 */
301 static int samba_kdc_hdb_entry_destructor(struct samba_kdc_entry
*p
)
303 hdb_entry
*entry_ex
= p
->entry_ex
;
304 free_hdb_entry(entry_ex
);
/*
 * Public entry point: convert a Samba sdb_entry_ex (*s) into a Heimdal
 * hdb entry (*h) and, when the source carries a Samba context, tie the
 * lifetime of the two together.
 *
 * The last parameter (file lines 311-313), the handling of ret and the
 * return statement are not shown in this listing.
 */
309 int sdb_entry_ex_to_hdb_entry_ex(krb5_context context
,
310 const struct sdb_entry_ex
*s
,
/* Field-by-field conversion of the embedded entry. */
315 ret
= sdb_entry_to_hdb_entry(context
, &s
->entry
, h
);
/*
 * s->ctx is expected to be a talloc'ed struct samba_kdc_entry. It is
 * stored in h->context and given a destructor that frees the hdb
 * entry.
 *
 * NOTE(review): talloc_get_type() returns NULL when the pointer is not
 * of the named type, and no NULL check is visible between the lookup
 * and the two uses of skdc_entry. talloc_get_type_abort() would fail
 * closed on a type mismatch instead of storing a NULL context -
 * confirm whether a mismatch is possible here.
 */
320 if (s
->ctx
!= NULL
) {
321 struct samba_kdc_entry
*skdc_entry
;
323 skdc_entry
= talloc_get_type(s
->ctx
, struct samba_kdc_entry
);
325 h
->context
= skdc_entry
;
327 talloc_set_destructor(skdc_entry
,
328 samba_kdc_hdb_entry_destructor
);