-/* ads auth control flags */
-#define ADS_AUTH_DISABLE_KERBEROS 0x0001
-#define ADS_AUTH_NO_BIND 0x0002
-#define ADS_AUTH_ANON_BIND 0x0004
-#define ADS_AUTH_SIMPLE_BIND 0x0008
-#define ADS_AUTH_ALLOW_NTLMSSP 0x0010
-#define ADS_AUTH_SASL_SIGN 0x0020
-#define ADS_AUTH_SASL_SEAL 0x0040
-#define ADS_AUTH_SASL_FORCE 0x0080
-#define ADS_AUTH_USER_CREDS 0x0100
-
enum ldap_server_require_strong_auth {
LDAP_SERVER_REQUIRE_STRONG_AUTH_NO,
LDAP_SERVER_REQUIRE_STRONG_AUTH_ALLOW_SASL_OVER_TLS,
#include "libds/common/roles.h"
#include "source4/lib/tls/tls.h"
#include "auth/credentials/credentials.h"
+#include "source3/librpc/gen_ndr/ads.h"
#ifndef N_
#define N_(x) x
PyErr_SetString(PyExc_RuntimeError, "Uninitialized");
return NULL;
}
- TALLOC_FREE(self->ads_ptr->auth.user_name);
- TALLOC_FREE(self->ads_ptr->auth.password);
- TALLOC_FREE(self->ads_ptr->auth.realm);
+ ADS_TALLOC_CONST_FREE(self->ads_ptr->auth.user_name);
+ ADS_TALLOC_CONST_FREE(self->ads_ptr->auth.password);
+ ADS_TALLOC_CONST_FREE(self->ads_ptr->auth.realm);
if (self->cli_creds) {
self->ads_ptr->auth.user_name = talloc_strdup(self->ads_ptr,
cli_credentials_get_username(self->cli_creds));
#include "libads/ads_status.h"
#include "smb_ldap.h"
+#include "librpc/gen_ndr/ads.h"
struct ads_saslwrap;
void (*disconnect)(struct ads_saslwrap *);
};
-enum ads_saslwrap_type {
- ADS_SASLWRAP_TYPE_PLAIN = 1,
- ADS_SASLWRAP_TYPE_SIGN = 2,
- ADS_SASLWRAP_TYPE_SEAL = 4
-};
-
-struct ads_saslwrap {
- /* expected SASL wrapping type */
- enum ads_saslwrap_type wrap_type;
- /* SASL wrapping operations */
- const struct ads_saslwrap_ops *wrap_ops;
-#ifdef HAVE_LDAP_SASL_WRAPPING
- Sockbuf_IO_Desc *sbiod; /* lowlevel state for LDAP wrapping */
-#endif /* HAVE_LDAP_SASL_WRAPPING */
- TALLOC_CTX *mem_ctx;
- void *wrap_private_data;
- struct {
- uint32_t ofs;
- uint32_t needed;
- uint32_t left;
-#define ADS_SASL_WRAPPING_IN_MAX_WRAPPED 0x0FFFFFFF
- uint32_t max_wrapped;
- uint32_t min_wrapped;
- uint32_t size;
- uint8_t *buf;
- } in;
- struct {
- uint32_t ofs;
- uint32_t left;
-#define ADS_SASL_WRAPPING_OUT_MAX_WRAPPED 0x00A00000
- uint32_t max_unwrapped;
- uint32_t sig_size;
- uint32_t size;
- uint8_t *buf;
- } out;
-};
-
-typedef struct ads_struct {
- /* info needed to find the server */
- struct {
- char *realm;
- char *workgroup;
- char *ldap_server;
- bool gc; /* Is this a global catalog server? */
- bool no_fallback; /* Bail if the ldap_server is not available */
- } server;
-
- /* info needed to authenticate */
- struct {
- char *realm;
- char *password;
- char *user_name;
- char *kdc_server;
- unsigned flags;
- int time_offset;
- char *ccache_name;
- time_t tgt_expire;
- time_t tgs_expire;
- time_t renewable;
- } auth;
-
- /* info derived from the servers config */
- struct {
- uint32_t flags; /* cldap flags identifying the services. */
- char *realm;
- char *bind_path;
- char *ldap_server_name;
- char *server_site_name;
- char *client_site_name;
- time_t current_time;
- char *schema_path;
- char *config_path;
- int ldap_page_size;
- } config;
-
- /* info about the current LDAP connection */
-#ifdef HAVE_LDAP
- struct ads_saslwrap ldap_wrap_data;
- struct {
- LDAP *ld;
- struct sockaddr_storage ss; /* the ip of the active connection, if any */
- time_t last_attempt; /* last attempt to reconnect, monotonic clock */
- int port;
- } ldap;
-#endif /* HAVE_LDAP */
-} ADS_STRUCT;
+typedef struct ads_struct ADS_STRUCT;
#ifdef HAVE_ADS
typedef LDAPMod **ADS_MODLIST;
#include "libads/kerberos_proto.h"
+#define ADS_TALLOC_CONST_FREE(PTR) do { talloc_free(discard_const(PTR)); PTR = NULL; } while (0);
+
#endif /* _INCLUDE_ADS_H_ */
goto out;
}
- TALLOC_FREE(ads->auth.user_name);
+ ADS_TALLOC_CONST_FREE(ads->auth.user_name);
if (r->in.account) {
ads->auth.user_name = talloc_strdup(ads, r->in.account);
if (ads->auth.user_name == NULL) {
}
}
- TALLOC_FREE(ads->auth.password);
+ ADS_TALLOC_CONST_FREE(ads->auth.password);
if (r->in.password) {
ads->auth.password = talloc_strdup(ads, r->in.password);
if (ads->auth.password == NULL) {
char ***strings,
size_t *num_strings);
-/* The following definitions come from libads/ndr.c */
-
-struct ndr_print;
-void ndr_print_ads_struct(struct ndr_print *ndr, const char *name, const struct ads_struct *r);
-
/* The following definitions come from libads/sasl.c */
ADS_STATUS ads_sasl_bind(ADS_STRUCT *ads);
#include "../librpc/gen_ndr/netlogon.h"
#include "lib/param/loadparm.h"
#include "libsmb/namequery.h"
+#include "../librpc/gen_ndr/ndr_ads.h"
#ifdef HAVE_LDAP
bool ret = false;
char addr[INET6_ADDRSTRLEN];
ADS_STATUS status;
+ char *dn;
print_sockaddr(addr, sizeof(addr), ss);
/* Fill in the ads->config values */
- TALLOC_FREE(ads->config.realm);
- TALLOC_FREE(ads->config.bind_path);
- TALLOC_FREE(ads->config.ldap_server_name);
- TALLOC_FREE(ads->config.server_site_name);
- TALLOC_FREE(ads->config.client_site_name);
- TALLOC_FREE(ads->server.workgroup);
+ ADS_TALLOC_CONST_FREE(ads->config.realm);
+ ADS_TALLOC_CONST_FREE(ads->config.bind_path);
+ ADS_TALLOC_CONST_FREE(ads->config.ldap_server_name);
+ ADS_TALLOC_CONST_FREE(ads->config.server_site_name);
+ ADS_TALLOC_CONST_FREE(ads->config.client_site_name);
+ ADS_TALLOC_CONST_FREE(ads->server.workgroup);
if (!check_cldap_reply_required_flags(cldap_reply->server_type,
ads->config.flags)) {
goto out;
}
- status = ads_build_dn(ads->config.realm, ads, &ads->config.bind_path);
+ status = ads_build_dn(ads->config.realm, ads, &dn);
if (!ADS_ERR_OK(status)) {
DBG_DEBUG("Failed to build bind path: %s\n",
ads_errstr(status));
ret = false;
goto out;
}
+ ads->config.bind_path = dn;
if (*cldap_reply->server_site) {
ads->config.server_site_name =
+++ /dev/null
-/*
- Unix SMB/CIFS implementation.
-
- debug print helpers
-
- Copyright (C) Guenther Deschner 2008
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-#include "ads.h"
-#include "../librpc/gen_ndr/ndr_netlogon.h"
-#include "../librpc/ndr/libndr.h"
-#include "lib/param/loadparm.h"
-
-static void ndr_print_ads_auth_flags(struct ndr_print *ndr, const char *name, uint32_t r)
-{
- ndr_print_uint32(ndr, name, r);
- ndr->depth++;
- ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_DISABLE_KERBEROS", ADS_AUTH_DISABLE_KERBEROS, r);
- ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_NO_BIND", ADS_AUTH_NO_BIND, r);
- ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_ANON_BIND", ADS_AUTH_ANON_BIND, r);
- ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_SIMPLE_BIND", ADS_AUTH_SIMPLE_BIND, r);
- ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_ALLOW_NTLMSSP", ADS_AUTH_ALLOW_NTLMSSP, r);
- ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_SASL_SIGN", ADS_AUTH_SASL_SIGN, r);
- ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_SASL_SEAL", ADS_AUTH_SASL_SEAL, r);
- ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_SASL_FORCE", ADS_AUTH_SASL_FORCE, r);
- ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "ADS_AUTH_USER_CREDS", ADS_AUTH_USER_CREDS, r);
- ndr->depth--;
-}
-
-void ndr_print_ads_struct(struct ndr_print *ndr, const char *name, const struct ads_struct *r)
-{
- ndr_print_struct(ndr, name, "ads_struct");
- ndr->depth++;
- ndr_print_struct(ndr, name, "server");
- ndr->depth++;
- ndr_print_string(ndr, "realm", r->server.realm);
- ndr_print_string(ndr, "workgroup", r->server.workgroup);
- ndr_print_string(ndr, "ldap_server", r->server.ldap_server);
- ndr_print_bool(ndr, "gc", r->server.gc);
- ndr_print_bool(ndr, "no_fallback", r->server.no_fallback);
- ndr->depth--;
- ndr_print_struct(ndr, name, "auth");
- ndr->depth++;
- ndr_print_string(ndr, "realm", r->auth.realm);
-#ifdef DEBUG_PASSWORD
- ndr_print_string(ndr, "password", r->auth.password);
-#else
- ndr_print_string(ndr, "password", "(PASSWORD omitted)");
-#endif
- ndr_print_string(ndr, "user_name", r->auth.user_name);
- ndr_print_string(ndr, "kdc_server", r->auth.kdc_server);
- ndr_print_ads_auth_flags(ndr, "flags", r->auth.flags);
- ndr_print_uint32(ndr, "time_offset", r->auth.time_offset);
- ndr_print_string(ndr, "ccache_name", r->auth.ccache_name);
- ndr_print_time_t(ndr, "tgt_expire", r->auth.tgt_expire);
- ndr_print_time_t(ndr, "tgs_expire", r->auth.tgs_expire);
- ndr_print_time_t(ndr, "renewable", r->auth.renewable);
- ndr->depth--;
- ndr_print_struct(ndr, name, "config");
- ndr->depth++;
- ndr_print_netr_DsR_DcFlags(ndr, "flags", r->config.flags);
- ndr_print_string(ndr, "realm", r->config.realm);
- ndr_print_string(ndr, "bind_path", r->config.bind_path);
- ndr_print_string(ndr, "ldap_server_name", r->config.ldap_server_name);
- ndr_print_string(ndr, "server_site_name", r->config.server_site_name);
- ndr_print_string(ndr, "client_site_name", r->config.client_site_name);
- ndr_print_time_t(ndr, "current_time", r->config.current_time);
- ndr_print_string(ndr, "schema_path", r->config.schema_path);
- ndr_print_string(ndr, "config_path", r->config.config_path);
- ndr->depth--;
-#ifdef HAVE_LDAP
- ndr_print_struct(ndr, name, "ldap");
- ndr->depth++;
- ndr_print_ptr(ndr, "ld", r->ldap.ld);
- ndr_print_sockaddr_storage(ndr, "ss", &r->ldap.ss);
- ndr_print_time_t(ndr, "last_attempt", r->ldap.last_attempt);
- ndr_print_uint32(ndr, "port", r->ldap.port);
- ndr_print_ads_saslwrap_struct(ndr, "saslwrap", &(r->ldap_wrap_data));
- ndr->depth--;
- ndr->depth--;
-#endif /* HAVE_LDAP */
- ndr->depth--;
-}
{
struct ads_saslwrap *wrap = (struct ads_saslwrap *)arg;
- wrap->sbiod = sbiod;
+ wrap->sbiod = (struct Sockbuf_IO_Desc *)sbiod;
sbiod->sbiod_pvt = wrap;
return status;
}
- wrap->wrap_ops = ops;
+ wrap->wrap_ops = discard_const(ops);
wrap->wrap_private_data = private_data;
return ADS_SUCCESS;
}
if (user_name) {
- TALLOC_FREE(my_ads->auth.user_name);
+ ADS_TALLOC_CONST_FREE(my_ads->auth.user_name);
my_ads->auth.user_name = talloc_strdup(my_ads, user_name);
if (my_ads->auth.user_name == NULL) {
status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
}
if ((cp = strchr_m(my_ads->auth.user_name, '@'))!=0) {
*cp++ = '\0';
- TALLOC_FREE(my_ads->auth.realm);
+ ADS_TALLOC_CONST_FREE(my_ads->auth.realm);
my_ads->auth.realm = talloc_asprintf_strupper_m(my_ads, "%s", cp);
if (my_ads->auth.realm == NULL) {
status = ADS_ERROR_LDAP(LDAP_NO_MEMORY);
}
if (password) {
- TALLOC_FREE(my_ads->auth.password);
+ ADS_TALLOC_CONST_FREE(my_ads->auth.password);
my_ads->auth.password = talloc_strdup(my_ads, password);
if (my_ads->auth.password == NULL) {
status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
}
if (ccname != NULL) {
- TALLOC_FREE(my_ads->auth.ccache_name);
+ ADS_TALLOC_CONST_FREE(my_ads->auth.ccache_name);
my_ads->auth.ccache_name = talloc_strdup(my_ads, ccname);
if (my_ads->auth.ccache_name == NULL) {
status = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
if (r->in.ads->auth.ccache_name != NULL) {
ads_kdestroy(r->in.ads->auth.ccache_name);
- TALLOC_FREE(r->in.ads->auth.ccache_name);
+ ADS_TALLOC_CONST_FREE(r->in.ads->auth.ccache_name);
}
TALLOC_FREE(r->in.ads);
--- /dev/null
+#include "idl_types.h"
+#include "config.h"
+
+/*
+ ads interface definition
+*/
+
+cpp_quote("#include <system/network.h>")
+
+[
+ pointer_default(unique)
+]
+interface ads
+{
+ typedef [public] enum {
+ ADS_SASLWRAP_TYPE_PLAIN = 1,
+ ADS_SASLWRAP_TYPE_SIGN = 2,
+ ADS_SASLWRAP_TYPE_SEAL = 4
+ } ads_saslwrap_type;
+
+ /* ads auth control flags */
+ typedef [public] bitmap {
+ ADS_AUTH_DISABLE_KERBEROS = 0x0001,
+ ADS_AUTH_NO_BIND = 0x0002,
+ ADS_AUTH_ANON_BIND = 0x0004,
+ ADS_AUTH_SIMPLE_BIND = 0x0008,
+ ADS_AUTH_ALLOW_NTLMSSP = 0x0010,
+ ADS_AUTH_SASL_SIGN = 0x0020,
+ ADS_AUTH_SASL_SEAL = 0x0040,
+ ADS_AUTH_SASL_FORCE = 0x0080,
+ ADS_AUTH_USER_CREDS = 0x0100
+ } ads_auth_flags;
+
+ const int ADS_SASL_WRAPPING_IN_MAX_WRAPPED = 0x0FFFFFFF;
+ const int ADS_SASL_WRAPPING_OUT_MAX_WRAPPED = 0x00A00000;
+
+ typedef [nopull,nopush] struct {
+ string realm;
+ string workgroup;
+ string ldap_server;
+ boolean8 gc; /* Is this a global catalog server? */
+ boolean8 no_fallback; /* Bail if the ldap_server is not available */
+ } ads_server;
+
+ typedef [nopull,nopush] struct {
+ string realm;
+ string password;
+ string user_name;
+ string kdc_server;
+ ads_auth_flags flags;
+ int time_offset;
+ string ccache_name;
+ time_t tgt_expire;
+ time_t tgs_expire;
+ time_t renewable;
+ } ads_auth;
+
+ typedef [nopull,nopush] struct {
+ uint32 flags; /* cldap flags identifying the services. */
+ string realm;
+ string bind_path;
+ string ldap_server_name;
+ string server_site_name;
+ string client_site_name;
+ time_t current_time;
+ string schema_path;
+ string config_path;
+ int ldap_page_size;
+ } ads_config;
+
+ typedef [nopull,nopush] struct {
+ uint32 ofs;
+ uint32 needed;
+ uint32 left;
+ uint32 max_wrapped;
+ uint32 min_wrapped;
+ uint32 size;
+ uint8 *buf;
+ } ads_ldap_buf_in;
+
+ typedef [nopull,nopush] struct {
+ uint32 ofs;
+ uint32 left;
+ uint32 max_unwrapped;
+ uint32 sig_size;
+ uint32 size;
+ uint8 *buf;
+ } ads_ldap_buf_out;
+
+ typedef [nopull,nopush] struct {
+ ads_saslwrap_type wrap_type;
+ [ignore] ads_saslwrap_ops *wrap_ops;
+#ifdef HAVE_LDAP_SASL_WRAPPING
+ [ignore] Sockbuf_IO_Desc *sbiod; /* lowlevel state for LDAP wrapping */
+#endif /* HAVE_LDAP_SASL_WRAPPING */
+ [ignore] TALLOC_CTX *mem_ctx;
+ [ignore] void *wrap_private_data;
+ ads_ldap_buf_in in;
+ ads_ldap_buf_out out;
+ } ads_saslwrap;
+
+ typedef [nopull,nopush] struct {
+ [ignore] ldap *ld;
+ sockaddr_storage ss; /* the ip of the active connection, if any */
+ time_t last_attempt; /* last attempt to reconnect, monotonic clock */
+ int port;
+ } ads_ldap;
+
+ typedef [public,nopull,nopush] struct {
+ /* info needed to find the server */
+ ads_server server;
+
+ /* info needed to authenticate */
+ ads_auth auth;
+
+ /* info derived from the servers config */
+ ads_config config;
+
+#ifdef HAVE_LDAP
+ ads_saslwrap ldap_wrap_data;
+ /* info about the current LDAP connection */
+ ads_ldap ldap;
+#endif /* HAVE_LDAP */
+
+ } ads_struct;
+}
+
+
#include "idl_types.h"
-import "wkssvc.idl", "security.idl", "misc.idl", "netlogon.idl", "ODJ.idl";
+import "wkssvc.idl", "security.idl", "misc.idl", "netlogon.idl", "ODJ.idl", "ads.idl";
/*
libnetjoin interface definition
*/
[
- pointer_default(unique),
- helper("ads.h")
+ pointer_default(unique)
]
interface libnetjoin
{
options='--includedir=%s --header --ndr-parser' % topinclude,
output_dir='../gen_ndr',
generate_tables=False)
+
+absinclude=os.path.join(bld.srcnode.abspath(), 'bin/default/include')
+
+bld.SAMBA_PIDL_LIST('PIDL',
+ '''
+ ads.idl
+ ''',
+ options='--includedir=%s --includedir=%s --header --ndr-parser' % (topinclude, absinclude),
+ output_dir='../gen_ndr')
--- /dev/null
+/*
+ Unix SMB/CIFS implementation.
+
+ routines for marshalling/unmarshalling ads structures
+
+ Copyright (C) Guenther Deschner 2020
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "librpc/gen_ndr/ndr_ads.h"
+
+enum ndr_err_code ndr_pull_ads_struct(struct ndr_pull *ndr, int ndr_flags, struct ads_struct *r)
+{
+ return NDR_ERR_SUCCESS;
+}
+enum ndr_err_code ndr_push_ads_struct(struct ndr_push *ndr, int ndr_flags, const struct ads_struct *r)
+{
+ return NDR_ERR_SUCCESS;
+}
bld.SAMBA3_SUBSYSTEM('NDR_LIBNET_JOIN',
source='gen_ndr/ndr_libnet_join.c',
- public_deps='ndr krb5samba NDR_ODJ'
+ public_deps='ndr krb5samba NDR_ODJ NDR_ADS'
)
bld.SAMBA3_SUBSYSTEM("NDR_RPC_HOST",
public_deps='ndr'
)
+bld.SAMBA3_SUBSYSTEM('NDR_ADS',
+ source='gen_ndr/ndr_ads.c ndr/ndr_ads.c',
+ public_deps='ndr'
+ )
+
#include "lib/util/string_wrappers.h"
#include "auth/credentials/credentials.h"
#include "source3/lib/substitute.h"
+#include "source3/librpc/gen_ndr/ads.h"
#ifdef HAVE_SYS_SYSCTL_H
#include <sys/sysctl.h>
old_krb5ccname = getenv(KRB5_ENV_CCNAME);
setenv(KRB5_ENV_CCNAME, "MEMORY:prtpub_cache", 1);
- TALLOC_FREE(ads->auth.password);
+ ADS_TALLOC_CONST_FREE(ads->auth.password);
machine_password = secrets_fetch_machine_password(lp_workgroup(),
NULL, NULL);
if (machine_password != NULL) {
}
old_krb5ccname = getenv(KRB5_ENV_CCNAME);
setenv(KRB5_ENV_CCNAME, "MEMORY:prtpub_cache", 1);
- TALLOC_FREE(ads->auth.password);
+ ADS_TALLOC_CONST_FREE(ads->auth.password);
machine_password = secrets_fetch_machine_password(lp_workgroup(),
NULL, NULL);
if (machine_password != NULL) {
}
old_krb5ccname = getenv(KRB5_ENV_CCNAME);
setenv(KRB5_ENV_CCNAME, "MEMORY:prtpub_cache", 1);
- TALLOC_FREE(ads->auth.password);
+ ADS_TALLOC_CONST_FREE(ads->auth.password);
machine_password = secrets_fetch_machine_password(lp_workgroup(),
NULL, NULL);
if (machine_password != NULL) {
if (c->opt_password) {
use_in_memory_ccache();
- TALLOC_FREE(ads->auth.password);
+ ADS_TALLOC_CONST_FREE(ads->auth.password);
ads->auth.password = talloc_strdup(ads, c->opt_password);
if (ads->auth.password == NULL) {
TALLOC_FREE(ads);
}
}
- TALLOC_FREE(ads->auth.user_name);
+ ADS_TALLOC_CONST_FREE(ads->auth.user_name);
ads->auth.user_name = talloc_strdup(ads, c->opt_user_name);
if (ads->auth.user_name == NULL) {
TALLOC_FREE(ads);
*/
if ((cp = strchr_m(ads->auth.user_name, '@'))!=0) {
*cp++ = '\0';
- TALLOC_FREE(ads->auth.realm);
+ ADS_TALLOC_CONST_FREE(ads->auth.realm);
ads->auth.realm = talloc_asprintf_strupper_m(ads, "%s", cp);
if (ads->auth.realm == NULL) {
TALLOC_FREE(ads);
#include "libcli/security/dom_sid.h"
#include "source3/libads/sitename_cache.h"
#include "source3/libads/kerberos_proto.h"
+#include "source3/librpc/gen_ndr/ads.h"
struct idmap_ad_schema_names;
goto out;
}
- TALLOC_FREE(ads->auth.password);
- TALLOC_FREE(ads->auth.realm);
+ ADS_TALLOC_CONST_FREE(ads->auth.password);
+ ADS_TALLOC_CONST_FREE(ads->auth.realm);
ads->auth.renewable = renewable;
ads->auth.password = talloc_strdup(ads, password);
libads/ldap_utils.c
libads/ldap_schema.c
libads/util.c
- libads/ndr.c
libads/net_ads_setspn.c
''',
deps='''
DCUTIL
smbldap
trusts_util
+ NDR_ADS
''',
private_library=True)
#include "lib/stream/packet.h"
#include "param/param.h"
#include "param/loadparm.h"
+#include "librpc/gen_ndr/ads.h"
struct ldap_simple_creds {
const char *dn;
NDR_SECRETS
NDR_LEASES_DB
NDR_ODJ
+ NDR_ADS
''',
depends_on='GEN_NDR_TABLES'
)