cred->tries = 3;
cred->callback_running = false;
- cred->ev = NULL;
cli_credentials_set_kerberos_state(cred, CRED_AUTO_USE_KERBEROS);
cli_credentials_set_gensec_features(cred, 0);
}
if (cli_credentials_get_kerberos_state(cred) != CRED_DONT_USE_KERBEROS) {
- cli_credentials_set_ccache(cred, lp_ctx, NULL, CRED_GUESS_FILE);
+ cli_credentials_set_ccache(cred, event_context_find(cred), lp_ctx, NULL, CRED_GUESS_FILE);
}
}
return (cred->tries > 0);
}
-
-/*
- set the common event context for this set of credentials
- */
-_PUBLIC_ void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev)
-{
- cred->ev = ev;
-}
-
-/*
- set the common event context for this set of credentials
- */
-_PUBLIC_ struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred)
-{
- if (cred->ev == NULL) {
- cred->ev = event_context_find(cred);
- }
- return cred->ev;
-}
#include "librpc/gen_ndr/misc.h"
struct ccache_container;
+struct event_context;
/* In order of priority */
enum credentials_obtained {
/* Whether any callback is currently running */
bool callback_running;
-
- /* an event context for anyone wanting to use the credentials */
- struct event_context *ev;
};
struct ldb_context;
const char *cli_credentials_get_realm(struct cli_credentials *cred);
const char *cli_credentials_get_username(struct cli_credentials *cred);
int cli_credentials_get_krb5_context(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct smb_krb5_context **smb_krb5_context);
int cli_credentials_get_ccache(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct ccache_container **ccc);
int cli_credentials_get_keytab(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct keytab_container **_ktc);
const char *cli_credentials_get_domain(struct cli_credentials *cred);
struct loadparm_context *lp_ctx);
const char *cli_credentials_get_principal(struct cli_credentials *cred, TALLOC_CTX *mem_ctx);
int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct gssapi_creds_container **_gcc);
int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct gssapi_creds_container **_gcc);
-void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev);
void cli_credentials_set_kerberos_state(struct cli_credentials *creds,
enum credentials_use_kerberos use_kerberos);
-struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred);
bool cli_credentials_set_domain(struct cli_credentials *cred,
const char *val,
enum credentials_obtained obtained);
NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials *cred,
struct smb_krb5_context *smb_krb5_context);
NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
const char *serviceprincipal);
NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred,
const struct samr_Password *nt_hash,
enum credentials_obtained obtained);
int cli_credentials_set_keytab_name(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
const char *keytab_name,
enum credentials_obtained obtained);
int cli_credentials_update_keytab(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx);
void cli_credentials_set_gensec_features(struct cli_credentials *creds, uint32_t gensec_features);
uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds);
int cli_credentials_set_ccache(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
const char *name,
enum credentials_obtained obtained);
void cli_credentials_set_salt_principal(struct cli_credentials *cred, const char *principal);
enum credentials_use_kerberos cli_credentials_get_kerberos_state(struct cli_credentials *creds);
NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct ldb_context *ldb,
const char *base,
#include "auth/credentials/credentials.h"
#include "auth/credentials/credentials_krb5.h"
#include "param/param.h"
+#include "lib/events/events.h"
/**
* Read a file descriptor, and parse it for a password (eg from a file or stdin)
* @retval NTSTATUS error detailing any failure
*/
_PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct ldb_context *ldb,
const char *base,
* (chewing CPU time) from the password */
keytab = ldb_msg_find_attr_as_string(msgs[0], "krb5Keytab", NULL);
if (keytab) {
- cli_credentials_set_keytab_name(cred, lp_ctx, keytab, CRED_SPECIFIED);
+ cli_credentials_set_keytab_name(cred, event_ctx, lp_ctx, keytab, CRED_SPECIFIED);
} else {
keytab = ldb_msg_find_attr_as_string(msgs[0], "privateKeytab", NULL);
if (keytab) {
keytab = talloc_asprintf(mem_ctx, "FILE:%s", private_path(mem_ctx, lp_ctx, keytab));
if (keytab) {
- cli_credentials_set_keytab_name(cred, lp_ctx, keytab, CRED_SPECIFIED);
+ cli_credentials_set_keytab_name(cred, event_ctx, lp_ctx, keytab, CRED_SPECIFIED);
}
}
}
cred->machine_account_pending = false;
filter = talloc_asprintf(cred, SECRETS_PRIMARY_DOMAIN_FILTER,
cli_credentials_get_domain(cred));
- return cli_credentials_set_secrets(cred, lp_ctx, NULL,
+ return cli_credentials_set_secrets(cred, event_context_find(cred), lp_ctx, NULL,
SECRETS_PRIMARY_DOMAIN_DN,
filter);
}
* @retval NTSTATUS error detailing any failure
*/
NTSTATUS cli_credentials_set_krbtgt(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx)
{
char *filter;
filter = talloc_asprintf(cred, SECRETS_KRBTGT_SEARCH,
cli_credentials_get_realm(cred),
cli_credentials_get_domain(cred));
- return cli_credentials_set_secrets(cred, lp_ctx, NULL,
+ return cli_credentials_set_secrets(cred, event_ctx, lp_ctx, NULL,
SECRETS_PRINCIPALS_DN,
filter);
}
* @retval NTSTATUS error detailing any failure
*/
_PUBLIC_ NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
const char *serviceprincipal)
{
cli_credentials_get_realm(cred),
cli_credentials_get_domain(cred),
serviceprincipal);
- return cli_credentials_set_secrets(cred, lp_ctx, NULL,
+ return cli_credentials_set_secrets(cred, event_ctx, lp_ctx, NULL,
SECRETS_PRINCIPALS_DN, filter);
}
#include "param/param.h"
_PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct smb_krb5_context **smb_krb5_context)
{
return 0;
}
- ret = smb_krb5_init_context(cred, cli_credentials_get_event_context(cred),
- lp_ctx, &cred->smb_krb5_context);
+ ret = smb_krb5_init_context(cred, event_ctx, lp_ctx, &cred->smb_krb5_context);
if (ret) {
cred->smb_krb5_context = NULL;
return ret;
}
_PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
const char *name,
enum credentials_obtained obtained)
return ENOMEM;
}
- ret = cli_credentials_get_krb5_context(cred, lp_ctx,
+ ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx,
&ccc->smb_krb5_context);
if (ret) {
talloc_free(ccc);
static int cli_credentials_new_ccache(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct ccache_container **_ccc)
{
return ENOMEM;
}
- ret = cli_credentials_get_krb5_context(cred, lp_ctx,
+ ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx,
&ccc->smb_krb5_context);
if (ret) {
talloc_free(ccc);
}
_PUBLIC_ int cli_credentials_get_ccache(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct ccache_container **ccc)
{
return EINVAL;
}
- ret = cli_credentials_new_ccache(cred, lp_ctx, ccc);
+ ret = cli_credentials_new_ccache(cred, event_ctx, lp_ctx, ccc);
if (ret) {
return ret;
}
}
_PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct gssapi_creds_container **_gcc)
{
*_gcc = cred->client_gss_creds;
return 0;
}
- ret = cli_credentials_get_ccache(cred, lp_ctx,
+ ret = cli_credentials_get_ccache(cred, event_ctx, lp_ctx,
&ccache);
if (ret) {
DEBUG(1, ("Failed to get CCACHE for GSSAPI client: %s\n", error_message(ret)));
*/
int cli_credentials_set_client_gss_creds(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
gss_cred_id_t gssapi_cred,
enum credentials_obtained obtained)
return ENOMEM;
}
- ret = cli_credentials_new_ccache(cred, lp_ctx, &ccc);
+ ret = cli_credentials_new_ccache(cred, event_ctx, lp_ctx, &ccc);
if (ret != 0) {
return ret;
}
* it will be generated from the password.
*/
_PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct keytab_container **_ktc)
{
return EINVAL;
}
- ret = cli_credentials_get_krb5_context(cred, lp_ctx,
+ ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx,
&smb_krb5_context);
if (ret) {
return ret;
* FILE:/etc/krb5.keytab), open it and attach it */
_PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
const char *keytab_name,
enum credentials_obtained obtained)
return 0;
}
- ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
+ ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, &smb_krb5_context);
if (ret) {
return ret;
}
}
_PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx)
{
krb5_error_code ret;
return ENOMEM;
}
- ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
+ ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, &smb_krb5_context);
if (ret) {
talloc_free(mem_ctx);
return ret;
enctype_strings = cli_credentials_get_enctype_strings(cred);
- ret = cli_credentials_get_keytab(cred, lp_ctx, &ktc);
+ ret = cli_credentials_get_keytab(cred, event_ctx, lp_ctx, &ktc);
if (ret != 0) {
talloc_free(mem_ctx);
return ret;
/* Get server gss credentials (in gsskrb5, this means the keytab) */
_PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct gssapi_creds_container **_gcc)
{
return 0;
}
- ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
+ ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, &smb_krb5_context);
if (ret) {
return ret;
}
- ret = cli_credentials_get_keytab(cred, lp_ctx, &ktc);
+ ret = cli_credentials_get_keytab(cred, event_ctx, lp_ctx, &ktc);
if (ret) {
DEBUG(1, ("Failed to get keytab for GSSAPI server: %s\n", error_message(ret)));
return ret;
/* Manually prototyped here to avoid needing gss headers in most callers */
int cli_credentials_set_client_gss_creds(struct cli_credentials *cred,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
gss_cred_id_t gssapi_cred,
enum credentials_obtained obtained);
DEBUG(3, ("No machine account credentials specified\n"));
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
} else {
- ret = cli_credentials_get_server_gss_creds(machine_account, gensec_security->lp_ctx, &gcc);
+ ret = cli_credentials_get_server_gss_creds(machine_account,
+ gensec_security->event_ctx,
+ gensec_security->lp_ctx, &gcc);
if (ret) {
DEBUG(1, ("Aquiring acceptor credentials failed: %s\n",
error_message(ret)));
return NT_STATUS_INVALID_PARAMETER;
}
- ret = cli_credentials_get_client_gss_creds(creds, gensec_security->lp_ctx, &gcc);
+ ret = cli_credentials_get_client_gss_creds(creds,
+ gensec_security->event_ctx,
+ gensec_security->lp_ctx, &gcc);
switch (ret) {
case 0:
break;
return NT_STATUS_NO_MEMORY;
}
- cli_credentials_set_event_context(session_info->credentials, gensec_security->event_ctx);
cli_credentials_set_conf(session_info->credentials, gensec_security->lp_ctx);
/* Just so we don't segfault trying to get at a username */
cli_credentials_set_anonymous(session_info->credentials);
ret = cli_credentials_set_client_gss_creds(session_info->credentials,
+ gensec_security->event_ctx,
gensec_security->lp_ctx,
gensec_gssapi_state->delegated_cred_handle,
CRED_SPECIFIED);
talloc_set_destructor(gensec_krb5_state, gensec_krb5_destroy);
- if (cli_credentials_get_krb5_context(creds, gensec_security->lp_ctx, &gensec_krb5_state->smb_krb5_context)) {
+ if (cli_credentials_get_krb5_context(creds,
+ gensec_security->event_ctx,
+ gensec_security->lp_ctx, &gensec_krb5_state->smb_krb5_context)) {
talloc_free(gensec_krb5_state);
return NT_STATUS_INTERNAL_ERROR;
}
principal = gensec_get_target_principal(gensec_security);
- ret = cli_credentials_get_ccache(gensec_get_credentials(gensec_security), gensec_security->lp_ctx, &ccache_container);
+ ret = cli_credentials_get_ccache(gensec_get_credentials(gensec_security),
+ gensec_security->event_ctx,
+ gensec_security->lp_ctx, &ccache_container);
switch (ret) {
case 0:
break;
}
/* Grab the keytab, however generated */
- ret = cli_credentials_get_keytab(gensec_get_credentials(gensec_security), gensec_security->lp_ctx, &keytab);
+ ret = cli_credentials_get_keytab(gensec_get_credentials(gensec_security),
+ gensec_security->event_ctx,
+ gensec_security->lp_ctx, &keytab);
if (ret) {
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
#include "includes.h"
#include "version.h"
#include "libcli/libcli.h"
+#include "lib/events/events.h"
#include "lib/cmdline/popt_common.h"
#include "librpc/gen_ndr/ndr_srvsvc_c.h"
#include "librpc/gen_ndr/ndr_lsa.h"
status = smbcli_full_connection(ctx, &ctx->cli, server, ports,
share, NULL, cred, resolve_ctx,
- cli_credentials_get_event_context(cred),
+ event_context_init(NULL),
options);
if (!NT_STATUS_IS_OK(status)) {
d_printf("Connection to \\\\%s\\%s failed - %s\n",
}
cli_credentials_set_conf(item->creds, ldb_get_opaque(module->ldb, "loadparm"));
- status = cli_credentials_set_secrets(item->creds, ldb_get_opaque(module->ldb, "loadparm"), module->ldb, NULL, filter);
+ status = cli_credentials_set_secrets(item->creds, ldb_get_opaque(module->ldb, "event_ctx"), ldb_get_opaque(module->ldb, "loadparm"), module->ldb, NULL, filter);
talloc_free(filter);
if (NT_STATUS_IS_OK(status)) {
if (delete) {
struct dn_list *p;
for (p=data->changed_dns; p; p = p->next) {
int kret;
- kret = cli_credentials_update_keytab(p->creds, ldb_get_opaque(module->ldb, "loadparm"));
+ kret = cli_credentials_update_keytab(p->creds, ldb_get_opaque(module->ldb, "event_ctx"), ldb_get_opaque(module->ldb, "loadparm"));
if (kret != 0) {
talloc_free(data->changed_dns);
data->changed_dns = NULL;
* we already have, rather than a new context */
cli_credentials_set_krb5_context(server_credentials, kdc->smb_krb5_context);
cli_credentials_set_conf(server_credentials, kdc->task->lp_ctx);
- nt_status = cli_credentials_set_stored_principal(server_credentials, kdc->task->lp_ctx, "kadmin/changepw");
+ nt_status = cli_credentials_set_stored_principal(server_credentials, kdc->task->event_ctx, kdc->task->lp_ctx, "kadmin/changepw");
if (!NT_STATUS_IS_OK(nt_status)) {
ret = kpasswdd_make_unauth_error_reply(kdc, mem_ctx,
KRB5_KPASSWD_HARDERROR,
#include "auth/credentials/credentials.h"
#include "auth/credentials/credentials_krb5.h"
#include "param/param.h"
+#include "lib/events/events.h"
static NTSTATUS samdump_keytab_handle_user(TALLOC_CTX *mem_ctx,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
const char *keytab_name,
struct netr_DELTA_ENUM *delta)
* pass a value in here */
cli_credentials_set_kvno(credentials, 0);
cli_credentials_set_nt_hash(credentials, &user->ntpassword, CRED_SPECIFIED);
- ret = cli_credentials_set_keytab_name(credentials, lp_ctx, keytab_name, CRED_SPECIFIED);
+ ret = cli_credentials_set_keytab_name(credentials, event_ctx, lp_ctx, keytab_name, CRED_SPECIFIED);
if (ret) {
return NT_STATUS_UNSUCCESSFUL;
}
- ret = cli_credentials_update_keytab(credentials, lp_ctx);
+ ret = cli_credentials_update_keytab(credentials, event_ctx, lp_ctx);
if (ret) {
return NT_STATUS_UNSUCCESSFUL;
}
/* not interested in builtin users */
if (database == SAM_DATABASE_DOMAIN) {
nt_status = samdump_keytab_handle_user(mem_ctx,
+ event_context_find(mem_ctx),
global_loadparm,
keytab_name,
delta);
/* anonymous credentials for rpc connection used to get endpoint mapping */
anon_creds = cli_credentials_init(mem_ctx);
- cli_credentials_set_event_context(anon_creds, ev);
cli_credentials_set_anonymous(anon_creds);
/*
if (!credentials) {
return NT_STATUS_NO_MEMORY;
}
- cli_credentials_set_event_context(credentials, ntvfs->ctx->event_ctx);
cli_credentials_set_conf(credentials, ntvfs->ctx->lp_ctx);
cli_credentials_set_username(credentials, user, CRED_SPECIFIED);
if (domain) {
} else if (machine_account) {
DEBUG(5, ("CIFS backend: Using machine account\n"));
credentials = cli_credentials_init(private);
- cli_credentials_set_event_context(credentials, ntvfs->ctx->event_ctx);
cli_credentials_set_conf(credentials, ntvfs->ctx->lp_ctx);
if (domain) {
cli_credentials_set_domain(credentials, domain, CRED_SPECIFIED);
const char *host = torture_setting_string(tctx, "host", NULL);
const char *share = torture_setting_string(tctx, "share", NULL);
int i, num_files = 3;
- struct event_context *ev;
int num_ok = 0;
int num_collision = 0;
- ev = cli_credentials_get_event_context(cmdline_credentials);
clients = talloc_array(mem_ctx, struct smbcli_state *, num_files);
requests = talloc_array(mem_ctx, struct smbcli_request *, num_files);
ios = talloc_array(mem_ctx, union smb_open, num_files);
- if ((ev == NULL) || (clients == NULL) || (requests == NULL) ||
+ if ((tctx->ev == NULL) || (clients == NULL) || (requests == NULL) ||
(ios == NULL)) {
DEBUG(0, ("talloc failed\n"));
return false;
}
- if (!torture_open_connection_share(mem_ctx, &cli, tctx, host, share, ev)) {
+ if (!torture_open_connection_share(mem_ctx, &cli, tctx, host, share, tctx->ev)) {
return false;
}
for (i=0; i<num_files; i++) {
if (!torture_open_connection_share(mem_ctx, &(clients[i]),
- tctx, host, share, ev)) {
+ tctx, host, share, tctx->ev)) {
DEBUG(0, ("Could not open %d'th connection\n", i));
return false;
}
break;
}
- if (event_loop_once(ev) != 0) {
+ if (event_loop_once(tctx->ev) != 0) {
DEBUG(0, ("event_loop_once failed\n"));
return false;
}
{
NTSTATUS status;
TALLOC_CTX *mem_ctx;
- struct event_context *evt_ctx;
int i;
const char *binding_string;
struct cli_credentials *creds;
/* credentials */
creds = cmdline_credentials;
- /* event context */
- evt_ctx = cli_credentials_get_event_context(creds);
- if (evt_ctx == NULL) return false;
-
/* send bind requests */
for (i = 0; i < torture_numasync; i++) {
table[i] = &ndr_table_lsarpc;
bind_req[i] = dcerpc_pipe_connect_send(mem_ctx, binding_string,
- table[i], creds, evt_ctx, torture->lp_ctx);
+ table[i], creds, torture->ev, torture->lp_ctx);
}
/* recv bind requests */
exit(1);
}
- torture = torture_context_init(cli_credentials_get_event_context(cmdline_credentials), ui_ops);
+ torture = torture_context_init(event_context_init(NULL), ui_ops);
if (basedir != NULL) {
if (basedir[0] != '/') {
fprintf(stderr, "Please specify an absolute path to --basedir\n");
ctx->lp_ctx = cmdline_lp_ctx;
ctx->credentials = cmdline_credentials;
ctx->event_ctx = ev;
- cli_credentials_set_event_context(ctx->credentials, ev);
rc = net_run_function(ctx, argc_new-1, argv_new+1, net_functable, net_usage);
state->domain->libnet_ctx->cred = cli_credentials_init(state->domain);
if (state->domain->libnet_ctx->cred == NULL) goto failed;
- cli_credentials_set_event_context(state->domain->libnet_ctx->cred, service->task->event_ctx);
-
cli_credentials_set_conf(state->domain->libnet_ctx->cred, service->task->lp_ctx);
/* Connect the machine account to the credentials */
return NT_STATUS_NO_MEMORY;
}
- cli_credentials_set_event_context(creds, service->task->event_ctx);
-
cli_credentials_set_conf(creds, service->task->lp_ctx);
/* Connect the machine account to the credentials */