s4:kdc: let samba_kdc_entry take references to sdb_entry and kdc_entry

kdc_entry can be hdb_entry or krb5_db_entry.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c
index 3c9540eb3488725f46f6fd91ca0744fd6e2adbd4..592285511cebe000aa3df9da323e563d224e05c3 100644 (file)
--- a/source4/kdc/db-glue.c
+++ b/source4/kdc/db-glue.c
@@ -252,6 +252,21 @@ static struct SDBFlags uf2SDBFlags(krb5_context context, uint32_t userAccountCon
 
 static int samba_kdc_entry_destructor(struct samba_kdc_entry *p)
 {
+       if (p->db_entry != NULL) {
+               /*
+                * A sdb_entry still has a reference
+                */
+               return -1;
+       }
+
+       if (p->kdc_entry != NULL) {
+               /*
+                * hdb_entry or krb5_db_entry still
+                * have a reference...
+                */
+               return -1;
+       }
+
        return 0;
 }
 

diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c
index dcd9c3979aa611875e3cf8a8ae3d4b416d53a3c9..0c903afe35ce758b35f2d6964d6f5b26c4efd4fd 100644 (file)
--- a/source4/kdc/hdb-samba4.c
+++ b/source4/kdc/hdb-samba4.c
@@ -101,14 +101,17 @@ static void hdb_samba4_free_entry_context(krb5_context context, struct HDB *db,
         * 'context' set, so we have to check that the context is not NULL.
        */
        if (entry->context != NULL) {
+               struct samba_kdc_entry *skdc_entry =
+                       talloc_get_type_abort(entry->context,
+                       struct samba_kdc_entry);
+
                /* this function is called only from hdb_free_entry().
                 * Make sure we neutralize the destructor or we will
                 * get a double free later when hdb_free_entry() will
                 * try to call free_hdb_entry() */
-               talloc_set_destructor(entry->context, NULL);
-
-               /* now proceed to free the talloc part */
-               talloc_free(entry->context);
+               entry->context = NULL;
+               skdc_entry->kdc_entry = NULL;
+               TALLOC_FREE(skdc_entry);
        }
 }
 

diff --git a/source4/kdc/mit-kdb/kdb_samba.c b/source4/kdc/mit-kdb/kdb_samba.c
index 650df06882f023df79b282c05698acb97817fa0f..0ff1bfe6c5cfdf2ce49e89a487518599d91bba3e 100644 (file)
--- a/source4/kdc/mit-kdb/kdb_samba.c
+++ b/source4/kdc/mit-kdb/kdb_samba.c
@@ -27,6 +27,7 @@
 #include <profile.h>
 #include <kdb.h>
 
+#include "kdc/samba_kdc.h"
 #include "kdc/mit_samba.h"
 #include "kdb_samba.h"
 
@@ -133,7 +134,7 @@ static void kdb_samba_db_free_principal_e_data(krb5_context context,
 
        skdc_entry = talloc_get_type_abort(e_data,
                                           struct samba_kdc_entry);
-       talloc_set_destructor(skdc_entry, NULL);
+       skdc_entry->kdc_entry = NULL;
        TALLOC_FREE(skdc_entry);
 }
 

diff --git a/source4/kdc/mit-kdb/kdb_samba_principals.c b/source4/kdc/mit-kdb/kdb_samba_principals.c
index 3917b9824c619b574ba1f6eac23630a3f79f0275..31983a7da6c92f0224c9fe31bf50d05ffa6962c5 100644 (file)
--- a/source4/kdc/mit-kdb/kdb_samba_principals.c
+++ b/source4/kdc/mit-kdb/kdb_samba_principals.c
@@ -27,6 +27,7 @@
 #include <profile.h>
 #include <kdb.h>
 
+#include "kdc/samba_kdc.h"
 #include "kdc/mit_samba.h"
 #include "kdb_samba.h"
 
@@ -68,7 +69,7 @@ static void ks_free_principal_e_data(krb5_context context, krb5_octet *e_data)
 
        skdc_entry = talloc_get_type_abort(e_data,
                                           struct samba_kdc_entry);
-       talloc_set_destructor(skdc_entry, NULL);
+       skdc_entry->kdc_entry = NULL;
        TALLOC_FREE(skdc_entry);
 }
 

diff --git a/source4/kdc/samba_kdc.h b/source4/kdc/samba_kdc.h
index 4a0b4eff22e9dd035ae7af8cc801651110ecd0f3..2caefd58ae91d3bbad4b6c230e675a500aa7ea0c 100644 (file)
--- a/source4/kdc/samba_kdc.h
+++ b/source4/kdc/samba_kdc.h
@@ -54,6 +54,8 @@ struct samba_kdc_db_context {
 
 struct samba_kdc_entry {
        struct samba_kdc_db_context *kdc_db_ctx;
+       const struct sdb_entry *db_entry; /* this is only temporary valid */
+       const void *kdc_entry; /* this is a reference to hdb_entry/krb5_db_entry */
        struct ldb_message *msg;
        struct ldb_dn *realm_dn;
        struct auth_user_info_dc *user_info_dc;

diff --git a/source4/kdc/sdb.c b/source4/kdc/sdb.c
index 3296e509e37c01052cc94893d2937ea5da1eef2c..37784529f840a3813e99b3860c9d27a4775e7cbd 100644 (file)
--- a/source4/kdc/sdb.c
+++ b/source4/kdc/sdb.c
@@ -24,6 +24,7 @@
 #include "includes.h"
 #include "system/kerberos.h"
 #include "sdb.h"
+#include "samba_kdc.h"
 #include "lib/krb5_wrap/krb5_samba.h"
 
 static void free_sdb_entry(struct sdb_entry *s);
@@ -73,6 +74,11 @@ void sdb_keys_free(struct sdb_keys *keys)
 
 static void free_sdb_entry(struct sdb_entry *s)
 {
+       if (s->skdc_entry != NULL) {
+               s->skdc_entry->db_entry = NULL;
+               TALLOC_FREE(s->skdc_entry);
+       }
+
        /*
         * Passing NULL as the Kerberos context is intentional here, as both
         * Heimdal and MIT libraries don't use the context when clearing the

diff --git a/source4/kdc/sdb_to_hdb.c b/source4/kdc/sdb_to_hdb.c
index 800dace005e8d94224e8bbced928a1bfd42886d1..9cce5ead7ee26001c299ac5bd859de205c0bbad6 100644 (file)
--- a/source4/kdc/sdb_to_hdb.c
+++ b/source4/kdc/sdb_to_hdb.c
@@ -294,6 +294,9 @@ static int sdb_entry_to_hdb_entry(krb5_context context,
        }
 
        h->context = ske;
+       if (ske != NULL) {
+               ske->kdc_entry = h;
+       }
        return 0;
 error:
        free_hdb_entry(h);

diff --git a/source4/kdc/sdb_to_kdb.c b/source4/kdc/sdb_to_kdb.c
index a4a85537ac02640481f6dd9c29c641d6ea1169fe..e617845ed78d9920091e1b7bd3943ef6cee7eaec 100644 (file)
--- a/source4/kdc/sdb_to_kdb.c
+++ b/source4/kdc/sdb_to_kdb.c
@@ -311,6 +311,9 @@ static int sdb_entry_ex_to_krb5_db_entry(krb5_context context,
        }
 
        k->e_data = (void *)ske;
+       if (ske != NULL) {
+               ske->kdc_entry = k;
+       }
        return 0;
 }