Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-wsgi
authorJelmer Vernooij <jelmer@samba.org>
Fri, 23 May 2008 14:24:07 +0000 (16:24 +0200)
committerJelmer Vernooij <jelmer@samba.org>
Fri, 23 May 2008 14:24:07 +0000 (16:24 +0200)
Conflicts:

source/scripting/python/samba/provision.py
(This used to be commit d27de633656f8a699222df77c4c58326890889a2)

650 files changed:
.gitignore
howto.txt
source4/Makefile
source4/auth/auth.py
source4/auth/auth_server.c [deleted file]
source4/auth/auth_wrap.c
source4/auth/config.mk
source4/auth/credentials/config.mk
source4/auth/credentials/credentials.c
source4/auth/credentials/credentials.h
source4/auth/credentials/credentials.i
source4/auth/credentials/credentials.py
source4/auth/credentials/credentials_files.c
source4/auth/credentials/credentials_krb5.c
source4/auth/credentials/credentials_krb5.h
source4/auth/credentials/credentials_ntlm.c
source4/auth/credentials/credentials_wrap.c
source4/auth/credentials/tests/bindings.py
source4/auth/gensec/config.mk
source4/auth/gensec/gensec.c
source4/auth/gensec/gensec_gssapi.c
source4/auth/gensec/gensec_krb5.c
source4/auth/gensec/schannel.c
source4/auth/gensec/schannel_state.c
source4/auth/kerberos/config.mk
source4/auth/ntlm/auth.c [moved from source4/auth/auth.c with 98% similarity]
source4/auth/ntlm/auth_anonymous.c [moved from source4/auth/auth_anonymous.c with 98% similarity]
source4/auth/ntlm/auth_developer.c [moved from source4/auth/auth_developer.c with 99% similarity]
source4/auth/ntlm/auth_proto.h [new file with mode: 0644]
source4/auth/ntlm/auth_sam.c [moved from source4/auth/auth_sam.c with 98% similarity]
source4/auth/ntlm/auth_server.c [new file with mode: 0644]
source4/auth/ntlm/auth_simple.c [moved from source4/auth/auth_simple.c with 96% similarity]
source4/auth/ntlm/auth_unix.c [moved from source4/auth/auth_unix.c with 99% similarity]
source4/auth/ntlm/auth_util.c [moved from source4/auth/auth_util.c with 100% similarity]
source4/auth/ntlm/auth_winbind.c [moved from source4/auth/auth_winbind.c with 99% similarity]
source4/auth/ntlm/config.mk [new file with mode: 0644]
source4/auth/ntlm/ntlm_check.c [moved from source4/auth/ntlm_check.c with 99% similarity]
source4/auth/ntlm/ntlm_check.h [new file with mode: 0644]
source4/auth/ntlm/pam_errors.c [moved from source4/auth/pam_errors.c with 100% similarity]
source4/auth/ntlm/pam_errors.h [new file with mode: 0644]
source4/auth/ntlmssp/config.mk
source4/auth/ntlmssp/ntlmssp.c
source4/auth/ntlmssp/ntlmssp_server.c
source4/auth/sam.c
source4/auth/session.c
source4/auth/session.h
source4/auth/system_session.c
source4/auth/tests/bindings.py
source4/build/m4/check_ld.m4
source4/build/m4/public.m4
source4/build/make/lex_compile.sh [moved from source4/script/lex_compile.sh with 100% similarity]
source4/build/make/python.mk [new file with mode: 0644]
source4/build/make/rules.mk [moved from source4/rules.mk with 87% similarity]
source4/build/make/templates.mk [new file with mode: 0644]
source4/build/make/yacc_compile.sh [moved from source4/script/yacc_compile.sh with 100% similarity]
source4/build/smb_build/config_mk.pm
source4/build/smb_build/dot.pl
source4/build/smb_build/header.pm [deleted file]
source4/build/smb_build/input.pm
source4/build/smb_build/main.pl
source4/build/smb_build/makefile.pm
source4/build/smb_build/output.pm
source4/build/tests/unixsock.c [deleted file]
source4/cldap_server/cldap_server.c
source4/cldap_server/config.mk
source4/cldap_server/netlogon.c
source4/client/cifsdd.c
source4/client/cifsdd.h
source4/client/cifsddio.c
source4/client/client.c
source4/client/config.mk
source4/cluster/config.mk
source4/cluster/ctdb/config.mk
source4/cluster/ctdb/include/includes.h
source4/configure.ac
source4/dsdb/common/sidmap.c
source4/dsdb/config.mk
source4/dsdb/repl/drepl_service.c
source4/dsdb/samdb/cracknames.c
source4/dsdb/samdb/ldb_modules/config.mk
source4/dsdb/samdb/ldb_modules/rootdse.c
source4/dsdb/samdb/ldb_modules/samldb.c
source4/dsdb/samdb/ldb_modules/update_keytab.c
source4/dsdb/samdb/samdb.c
source4/dsdb/samdb/samdb.h
source4/dsdb/samdb/samdb_privilege.c
source4/dynconfig.mk
source4/headermap.txt
source4/heimdal_build/asn1_deps.pl
source4/heimdal_build/config.mk
source4/kdc/config.mk
source4/kdc/hdb-ldb.c
source4/kdc/kdc.c
source4/kdc/kpasswdd.c
source4/ldap_server/config.mk
source4/ldap_server/ldap_backend.c
source4/ldap_server/ldap_bind.c
source4/ldap_server/ldap_server.c
source4/lib/appweb/config.mk
source4/lib/appweb/mpr/miniMpr.c
source4/lib/appweb/mpr/miniMpr.h
source4/lib/basic.mk
source4/lib/charset/config.mk
source4/lib/cmdline/config.mk
source4/lib/crypto/config.mk
source4/lib/crypto/sha1test.c
source4/lib/dbwrap/config.mk
source4/lib/events/Makefile.in [new file with mode: 0644]
source4/lib/events/autogen.sh [new file with mode: 0755]
source4/lib/events/config.mk
source4/lib/events/configure.ac [new file with mode: 0644]
source4/lib/events/events.c
source4/lib/events/events.i
source4/lib/events/events.mk [new file with mode: 0644]
source4/lib/events/events.pc.in [new file with mode: 0644]
source4/lib/events/events.py
source4/lib/events/events_epoll.c
source4/lib/events/events_select.c
source4/lib/events/events_signal.c
source4/lib/events/events_standard.c
source4/lib/events/events_timed.c
source4/lib/events/events_util.c [new file with mode: 0644]
source4/lib/events/events_util.h [new file with mode: 0644]
source4/lib/events/events_wrap.c
source4/lib/events/libevents.m4
source4/lib/events/tests.py
source4/lib/ldb-samba/config.mk
source4/lib/ldb/common/ldb_modules.c
source4/lib/ldb/config.mk
source4/lib/ldb/include/ldb_private.h
source4/lib/ldb/ldb.i
source4/lib/ldb/ldb.mk
source4/lib/ldb/ldb.py
source4/lib/ldb/ldb_ildap/config.mk
source4/lib/ldb/ldb_ildap/ldb_ildap.c
source4/lib/ldb/ldb_tdb/ldb_index.c
source4/lib/ldb/ldb_wrap.c
source4/lib/ldb/python.mk
source4/lib/ldb/tests/python/api.py
source4/lib/ldb/tests/python/ldap.py
source4/lib/ldb/tools/ad2oLschema.c
source4/lib/ldb/tools/config.mk
source4/lib/ldb_wrap.c
source4/lib/ldb_wrap.h
source4/lib/messaging/config.mk
source4/lib/messaging/messaging.c
source4/lib/messaging/tests/messaging.c
source4/lib/nss_wrapper/config.mk
source4/lib/policy/adm.h [deleted file]
source4/lib/policy/config.mk [deleted file]
source4/lib/policy/dumpadm.c [deleted file]
source4/lib/policy/lex.c [deleted file]
source4/lib/policy/lex.l [deleted file]
source4/lib/policy/parse_adm.c [deleted file]
source4/lib/policy/parse_adm.h [deleted file]
source4/lib/policy/parse_adm.y [deleted file]
source4/lib/popt/config.mk
source4/lib/registry/config.mk
source4/lib/registry/hive.c
source4/lib/registry/interface.c
source4/lib/registry/ldb.c
source4/lib/registry/local.c
source4/lib/registry/patchfile.c
source4/lib/registry/patchfile_dotreg.c
source4/lib/registry/patchfile_preg.c
source4/lib/registry/regf.c
source4/lib/registry/registry.h
source4/lib/registry/registry.i
source4/lib/registry/registry.py
source4/lib/registry/registry_wrap.c
source4/lib/registry/samba.c
source4/lib/registry/tests/bindings.py
source4/lib/registry/tests/diff.c
source4/lib/registry/tests/hive.c
source4/lib/registry/tests/registry.c
source4/lib/registry/tools/common.c
source4/lib/registry/tools/regdiff.c
source4/lib/registry/tools/regpatch.c
source4/lib/registry/tools/regshell.c
source4/lib/registry/tools/regtree.c
source4/lib/replace/README
source4/lib/replace/configure.ac
source4/lib/replace/getaddrinfo.m4 [deleted file]
source4/lib/replace/getifaddrs.m4 [deleted file]
source4/lib/replace/inet_aton.m4 [deleted file]
source4/lib/replace/inet_ntoa.m4 [deleted file]
source4/lib/replace/inet_ntop.m4 [deleted file]
source4/lib/replace/inet_pton.m4 [deleted file]
source4/lib/replace/libreplace.m4
source4/lib/replace/libreplace_cc.m4
source4/lib/replace/libreplace_ld.m4
source4/lib/replace/libreplace_network.m4 [new file with mode: 0644]
source4/lib/replace/replace.c
source4/lib/replace/replace.h
source4/lib/replace/samba.m4
source4/lib/replace/socket.m4 [deleted file]
source4/lib/replace/socketpair.m4 [deleted file]
source4/lib/replace/system/config.m4
source4/lib/replace/system/network.h
source4/lib/replace/system/time.h
source4/lib/replace/test/testsuite.c
source4/lib/samba3/config.mk
source4/lib/socket/config.m4
source4/lib/socket/config.mk
source4/lib/socket/testsuite.c
source4/lib/socket_wrapper/config.mk
source4/lib/stream/config.mk
source4/lib/talloc/config.mk
source4/lib/talloc/testsuite.c
source4/lib/tdb/common/traverse.c
source4/lib/tdb/config.mk
source4/lib/tdb/configure.ac
source4/lib/tdb/python.mk
source4/lib/tdb/python/tests/simple.py
source4/lib/tdb/tdb.i
source4/lib/tdb/tdb.mk
source4/lib/tdb/tdb.py
source4/lib/tdb/tdb_wrap.c
source4/lib/tdr/config.mk
source4/lib/tls/config.mk
source4/lib/torture/config.mk [new file with mode: 0644]
source4/lib/torture/torture.c [moved from source4/torture/ui.c with 97% similarity]
source4/lib/torture/torture.h [moved from source4/torture/ui.h with 96% similarity]
source4/lib/torture/torture.pc.in [moved from source4/torture/torture.pc.in with 100% similarity]
source4/lib/util/config.mk
source4/lib/util/tests/file.c
source4/lib/util/tests/str.c
source4/lib/util/time.c
source4/lib/util/time.h
source4/lib/util/util.h
source4/libcli/auth/config.mk
source4/libcli/cldap/cldap.c
source4/libcli/cldap/cldap.h
source4/libcli/cliconnect.c
source4/libcli/clifile.c
source4/libcli/composite/composite.c
source4/libcli/composite/composite.h
source4/libcli/config.mk
source4/libcli/dgram/dgramsocket.c
source4/libcli/dgram/libdgram.h
source4/libcli/dgram/netlogon.c
source4/libcli/dgram/ntlogon.c [deleted file]
source4/libcli/ldap/config.mk
source4/libcli/ldap/ldap_bind.c
source4/libcli/ldap/ldap_client.c
source4/libcli/ldap/ldap_ndr.h
source4/libcli/nbt/libnbt.h
source4/libcli/nbt/nbtsocket.c
source4/libcli/ndr_netlogon.c [new file with mode: 0644]
source4/libcli/netlogon.c [new file with mode: 0644]
source4/libcli/netlogon.h [new file with mode: 0644]
source4/libcli/raw/clisocket.c
source4/libcli/raw/clitree.c
source4/libcli/raw/interfaces.h
source4/libcli/raw/raweas.c
source4/libcli/raw/rawfile.c
source4/libcli/raw/rawfileinfo.c
source4/libcli/raw/rawrequest.c
source4/libcli/raw/rawtrans.c
source4/libcli/raw/smb.h
source4/libcli/resolve/host.c
source4/libcli/resolve/nbtlist.c
source4/libcli/resolve/resolve.c
source4/libcli/security/config.mk
source4/libcli/security/security.py
source4/libcli/security/security_wrap.c
source4/libcli/security/tests/bindings.py
source4/libcli/smb2/break.c [new file with mode: 0644]
source4/libcli/smb2/config.mk
source4/libcli/smb2/connect.c
source4/libcli/smb2/create.c
source4/libcli/smb2/find.c
source4/libcli/smb2/flush.c
source4/libcli/smb2/lock.c
source4/libcli/smb2/read.c
source4/libcli/smb2/request.c
source4/libcli/smb2/session.c
source4/libcli/smb2/smb2.h
source4/libcli/smb2/transport.c
source4/libcli/smb2/util.c [new file with mode: 0644]
source4/libcli/smb_composite/connect.c
source4/libcli/smb_composite/fetchfile.c
source4/libcli/smb_composite/fsinfo.c
source4/libcli/smb_composite/sesssetup.c
source4/libcli/smb_composite/smb2.c [new file with mode: 0644]
source4/libcli/smb_composite/smb_composite.h
source4/libcli/swig/libcli_nbt.py
source4/libcli/swig/libcli_nbt_wrap.c
source4/libcli/swig/libcli_smb.py
source4/libcli/swig/libcli_smb_wrap.c
source4/libcli/wbclient/config.mk
source4/libcli/wrepl/winsrepl.c
source4/libnet/config.mk
source4/libnet/libnet.c
source4/libnet/libnet.h
source4/libnet/libnet_become_dc.c
source4/libnet/libnet_join.c
source4/libnet/libnet_join.h
source4/libnet/libnet_samdump_keytab.c
source4/libnet/libnet_samsync.c [new file with mode: 0644]
source4/libnet/libnet_samsync.h [new file with mode: 0644]
source4/libnet/libnet_samsync_ldb.c
source4/libnet/libnet_site.c
source4/libnet/libnet_unbecome_dc.c
source4/libnet/libnet_user.c
source4/libnet/libnet_user.h
source4/libnet/libnet_vampire.c
source4/libnet/libnet_vampire.h
source4/libnet/net.i [deleted file]
source4/libnet/net.py [deleted file]
source4/libnet/net_wrap.c [deleted file]
source4/libnet/py_net.c [new file with mode: 0644]
source4/librpc/config.mk
source4/librpc/idl-deps.pl
source4/librpc/idl/audiosrv.idl
source4/librpc/idl/browser.idl
source4/librpc/idl/dcerpc.idl
source4/librpc/idl/dfs.idl
source4/librpc/idl/drsuapi.idl
source4/librpc/idl/dsbackup.idl
source4/librpc/idl/dssetup.idl
source4/librpc/idl/efs.idl
source4/librpc/idl/epmapper.idl
source4/librpc/idl/eventlog.idl
source4/librpc/idl/frsapi.idl
source4/librpc/idl/frsrpc.idl
source4/librpc/idl/lsa.idl
source4/librpc/idl/msgsvc.idl
source4/librpc/idl/nbt.idl
source4/librpc/idl/netlogon.idl
source4/librpc/idl/ntsvcs.idl
source4/librpc/idl/policyagent.idl
source4/librpc/idl/security.idl
source4/librpc/idl/spoolss.idl
source4/librpc/idl/srvsvc.idl
source4/librpc/idl/svcctl.idl
source4/librpc/idl/w32time.idl
source4/librpc/idl/winreg.idl
source4/librpc/idl/xattr.idl
source4/librpc/ndr/libndr.h
source4/librpc/ndr/ndr_basic.c
source4/librpc/ndr/ndr_sec_helper.c
source4/librpc/rpc/binding.c [new file with mode: 0644]
source4/librpc/rpc/dcerpc.c
source4/librpc/rpc/dcerpc.py
source4/librpc/rpc/dcerpc_connect.c
source4/librpc/rpc/dcerpc_smb2.c
source4/librpc/rpc/dcerpc_util.c
source4/librpc/rpc/dcerpc_wrap.c
source4/librpc/scripts/build_idl.sh [moved from source4/script/build_idl.sh with 51% similarity]
source4/main.mk
source4/nbt_server/config.mk
source4/nbt_server/dgram/netlogon.c
source4/nbt_server/dgram/request.c
source4/nbt_server/irpc.c
source4/nbt_server/nbt_server.c
source4/nbt_server/wins/winsdb.c
source4/nbt_server/wins/winsserver.c
source4/nsswitch/config.m4
source4/nsswitch/config.mk
source4/ntptr/config.mk
source4/ntptr/ntptr.h
source4/ntptr/ntptr_base.c
source4/ntptr/simple_ldb/ntptr_simple_ldb.c
source4/ntvfs/cifs/vfs_cifs.c
source4/ntvfs/common/config.mk
source4/ntvfs/common/notify.c
source4/ntvfs/config.mk
source4/ntvfs/ipc/ipc_rap.c
source4/ntvfs/ipc/rap_server.c
source4/ntvfs/ipc/vfs_ipc.c
source4/ntvfs/ntvfs_base.c
source4/ntvfs/ntvfs_generic.c
source4/ntvfs/posix/config.mk
source4/ntvfs/posix/pvfs_acl.c
source4/ntvfs/posix/pvfs_fileinfo.c
source4/ntvfs/posix/pvfs_open.c
source4/ntvfs/posix/pvfs_qfileinfo.c
source4/ntvfs/posix/pvfs_resolve.c
source4/ntvfs/posix/pvfs_setfileinfo.c
source4/ntvfs/posix/pvfs_streams.c
source4/ntvfs/posix/pvfs_xattr.c
source4/ntvfs/posix/vfs_posix.c
source4/ntvfs/posix/vfs_posix.h
source4/ntvfs/smb2/vfs_smb2.c [new file with mode: 0644]
source4/ntvfs/sysdep/config.mk
source4/ntvfs/sysdep/sys_lease.c
source4/ntvfs/sysdep/sys_notify.c
source4/ntvfs/unixuid/config.mk
source4/param/config.mk
source4/param/param.i
source4/param/param.py
source4/param/param_wrap.c
source4/param/provision.c [moved from source4/torture/util_provision.c with 78% similarity]
source4/param/provision.h [new file with mode: 0644]
source4/param/share.c
source4/param/share.h
source4/param/share_classic.c
source4/param/share_ldb.c
source4/param/tests/bindings.py
source4/param/tests/share.c
source4/pidl/TODO
source4/pidl/config.mk
source4/pidl/lib/Parse/Pidl/NDR.pm
source4/pidl/lib/Parse/Pidl/Samba3/ClientNDR.pm
source4/pidl/lib/Parse/Pidl/Samba4/NDR/Client.pm
source4/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
source4/pidl/lib/Parse/Pidl/Samba4/Python.pm
source4/pidl/tests/samba-ndr.pl
source4/pidl/tests/samba3-cli.pl
source4/rpc_server/common/server_info.c
source4/rpc_server/config.mk
source4/rpc_server/dcerpc_server.c
source4/rpc_server/drsuapi/dcesrv_drsuapi.c
source4/rpc_server/lsa/lsa_init.c
source4/rpc_server/lsa/lsa_lookup.c
source4/rpc_server/netlogon/dcerpc_netlogon.c
source4/rpc_server/samr/dcesrv_samr.c
source4/rpc_server/samr/samr_password.c
source4/rpc_server/service_rpc.c
source4/rpc_server/spoolss/dcesrv_spoolss.c
source4/rpc_server/srvsvc/dcesrv_srvsvc.c
source4/rpc_server/srvsvc/srvsvc_ntvfs.c
source4/rpc_server/winreg/rpc_winreg.c
source4/samba4-knownfail
source4/samba4-skip
source4/script/harness2subunit.pl
source4/script/installheader.pl
source4/scripting/bin/minschema.py
source4/scripting/bin/rpcclient
source4/scripting/bin/samba3dump
source4/scripting/bin/samr.py [new file with mode: 0755]
source4/scripting/bin/subunitrun
source4/scripting/bin/winreg.py
source4/scripting/ejs/config.mk
source4/scripting/ejs/ejsnet/config.mk
source4/scripting/ejs/ejsnet/net_ctx.c
source4/scripting/ejs/ejsnet/net_user.c
source4/scripting/ejs/smbcalls.c
source4/scripting/ejs/smbcalls_auth.c
source4/scripting/ejs/smbcalls_ldb.c
source4/scripting/ejs/smbcalls_nbt.c
source4/scripting/ejs/smbcalls_reg.c
source4/scripting/ejs/smbcalls_rpc.c
source4/scripting/libjs/provision.js [deleted file]
source4/scripting/libjs/samr.js [deleted file]
source4/scripting/libjs/winreg.js [deleted file]
source4/scripting/python/config.m4
source4/scripting/python/config.mk
source4/scripting/python/misc.i
source4/scripting/python/misc.py
source4/scripting/python/misc_wrap.c
source4/scripting/python/modules.c
source4/scripting/python/pyrpc.h
source4/scripting/python/pytalloc.c
source4/scripting/python/samba/__init__.py
source4/scripting/python/samba/getopt.py
source4/scripting/python/samba/idmap.py
source4/scripting/python/samba/provision.py
source4/scripting/python/samba/samba3.py
source4/scripting/python/samba/samdb.py
source4/scripting/python/samba/tests/__init__.py
source4/scripting/python/samba/tests/dcerpc/registry.py
source4/scripting/python/samba/tests/dcerpc/rpcecho.py
source4/scripting/python/samba/tests/dcerpc/sam.py
source4/scripting/python/samba/tests/dcerpc/unix.py [new file with mode: 0644]
source4/scripting/python/samba/tests/provision.py
source4/scripting/python/samba/tests/samdb.py
source4/scripting/python/samba/upgrade.py
source4/scripting/python/smbpython.c [deleted file]
source4/scripting/python/uuidmodule.c
source4/selftest/README
source4/selftest/Subunit.pm
source4/selftest/output/plain.pm
source4/selftest/samba4_tests.sh
source4/selftest/selftest.pl
source4/selftest/target/Samba4.pm
source4/setup/enableaccount [changed mode: 0644->0755]
source4/setup/idmap_init.ldif
source4/setup/krb5.conf [new file with mode: 0644]
source4/setup/named.conf
source4/setup/newuser
source4/setup/provision
source4/setup/provision-backend
source4/setup/provision-backend.js [deleted file]
source4/setup/provision.ldif
source4/setup/provision_basedn_modify.ldif
source4/setup/provision_configuration.ldif
source4/setup/provision_rootdse_add.ldif
source4/setup/provision_schema_basedn_modify.ldif
source4/setup/provision_self_join.ldif
source4/setup/secrets_dc.ldif
source4/setup/setpassword
source4/setup/tests/blackbox_newuser.sh [new file with mode: 0755]
source4/setup/tests/blackbox_provision.sh
source4/setup/tests/blackbox_setpassword.sh [new file with mode: 0755]
source4/setup/upgrade [moved from source4/setup/upgrade.py with 92% similarity]
source4/setup/vampire.py [deleted file]
source4/smb_server/blob.c
source4/smb_server/config.mk
source4/smb_server/smb/config.mk
source4/smb_server/smb/receive.c
source4/smb_server/smb/request.c
source4/smb_server/smb/sesssetup.c
source4/smb_server/smb2/config.mk
source4/smb_server/smb2/fileio.c
source4/smb_server/smb2/find.c
source4/smb_server/smb2/negprot.c
source4/smb_server/smb2/smb2_server.h
source4/smb_server/smb_server.c
source4/smbd/config.mk
source4/smbd/process_model.c
source4/smbd/process_model.mk
source4/smbd/server.c
source4/smbd/service_stream.c
source4/smbd/service_stream.h
source4/static_deps.mk
source4/torture/auth/ntlmssp.c
source4/torture/basic/base.c
source4/torture/basic/delaywrite.c
source4/torture/basic/locking.c
source4/torture/basic/misc.c
source4/torture/config.mk
source4/torture/gentest.c
source4/torture/gentest_smb2.c [new file with mode: 0644]
source4/torture/ldap/cldap.c
source4/torture/ldap/cldapbench.c
source4/torture/ldap/common.c
source4/torture/ldap/schema.c
source4/torture/ldap/uptodatevector.c
source4/torture/libnet/domain.c
source4/torture/libnet/libnet.c
source4/torture/libnet/libnet_BecomeDC.c
source4/torture/libnet/libnet_domain.c
source4/torture/libnet/libnet_group.c
source4/torture/libnet/libnet_lookup.c
source4/torture/libnet/libnet_rpc.c
source4/torture/libnet/libnet_share.c
source4/torture/libnet/libnet_user.c
source4/torture/local/config.mk
source4/torture/local/dbspeed.c
source4/torture/local/local.c
source4/torture/local/torture.c
source4/torture/locktest.c
source4/torture/locktest2.c
source4/torture/masktest.c
source4/torture/nbench/nbench.c
source4/torture/nbt/browse.c
source4/torture/nbt/dgram.c
source4/torture/nbt/nbt.c
source4/torture/nbt/query.c
source4/torture/nbt/register.c
source4/torture/nbt/wins.c
source4/torture/nbt/winsbench.c
source4/torture/nbt/winsreplication.c
source4/torture/ndr/ndr.c
source4/torture/ndr/netlogon.c
source4/torture/rap/rap.c
source4/torture/raw/composite.c
source4/torture/raw/lockbench.c
source4/torture/raw/lookuprate.c [new file with mode: 0644]
source4/torture/raw/offline.c
source4/torture/raw/open.c
source4/torture/raw/openbench.c
source4/torture/raw/oplock.c
source4/torture/raw/raw.c
source4/torture/raw/samba3hide.c
source4/torture/raw/samba3misc.c
source4/torture/raw/streams.c
source4/torture/raw/tconrate.c [new file with mode: 0644]
source4/torture/rpc/async_bind.c
source4/torture/rpc/dfs.c
source4/torture/rpc/dssync.c
source4/torture/rpc/join.c
source4/torture/rpc/rpc.c
source4/torture/rpc/rpc.h
source4/torture/rpc/samba3rpc.c
source4/torture/rpc/samlogon.c
source4/torture/rpc/samsync.c
source4/torture/rpc/schannel.c
source4/torture/rpc/session_key.c
source4/torture/rpc/spoolss_notify.c
source4/torture/rpc/spoolss_win.c
source4/torture/rpc/testjoin.c
source4/torture/smb2/config.mk
source4/torture/smb2/getinfo.c
source4/torture/smb2/lock.c
source4/torture/smb2/oplocks.c [new file with mode: 0644]
source4/torture/smb2/persistent_handles.c [new file with mode: 0644]
source4/torture/smb2/scan.c
source4/torture/smb2/smb2.c
source4/torture/smb2/util.c
source4/torture/smbtorture.c
source4/torture/smbtorture.h [moved from source4/torture/torture.h with 91% similarity]
source4/torture/torture.c
source4/torture/unix/unix.c
source4/torture/unix/unix_info2.c
source4/torture/unix/whoami.c
source4/torture/util.h
source4/torture/util_smb.c
source4/torture/winbind/config.mk
source4/torture/winbind/struct_based.c
source4/torture/winbind/winbind.c
source4/utils/config.mk
source4/utils/net/config.mk
source4/utils/net/net.c
source4/utils/net/net.h
source4/utils/net/net_join.c
source4/utils/net/net_password.c
source4/utils/net/net_time.c
source4/utils/net/net_user.c
source4/utils/net/net_vampire.c
source4/utils/nmblookup.c
source4/utils/ntlm_auth.c
source4/web_server/config.mk
source4/winbind/config.mk
source4/winbind/idmap.c
source4/winbind/idmap.h
source4/winbind/wb_async_helpers.c
source4/winbind/wb_cmd_getpwnam.c
source4/winbind/wb_cmd_getpwuid.c
source4/winbind/wb_cmd_list_trustdom.c
source4/winbind/wb_connect_lsa.c
source4/winbind/wb_init_domain.c
source4/winbind/wb_pam_auth.c
source4/winbind/wb_samba3_cmd.c
source4/winbind/wb_samba3_protocol.c
source4/winbind/wb_server.c
source4/winbind/wb_sids2xids.c
source4/winbind/wb_xids2sids.c
source4/wrepl_server/config.mk
source4/wrepl_server/wrepl_in_connection.c
source4/wrepl_server/wrepl_server.c
testdata/samba3/provision_samba3sam_templates.ldif
testprogs/blackbox/ndrdump/samr-CreateUser-in.dat [new file with mode: 0644]
testprogs/blackbox/ndrdump/samr-CreateUser-out.dat [new file with mode: 0644]
testprogs/blackbox/subunit.sh [new file with mode: 0755]
testprogs/blackbox/test_cifsdd.sh
testprogs/blackbox/test_gentest.sh
testprogs/blackbox/test_kinit.sh
testprogs/blackbox/test_ldb.sh
testprogs/blackbox/test_locktest.sh
testprogs/blackbox/test_masktest.sh
testprogs/blackbox/test_ndrdump.sh [new file with mode: 0755]
testprogs/blackbox/test_smbclient.sh
testprogs/blackbox/test_wbinfo.sh [new file with mode: 0755]
testprogs/ejs/echo.js [deleted file]
testprogs/ejs/loadparm.js [deleted file]
testprogs/ejs/resolveName.js [deleted file]
testprogs/ejs/samr.js [deleted file]

index 1ad2e2501f5458a96b8a91cd0e43fec48a9f80b1..1e574f00597ccd17a924c4ad28e0de31da73fc14 100644 (file)
@@ -22,7 +22,6 @@ source/heimdal/lib/des/hcrypto
 source/build/smb_build/config.pm
 source/auth/auth_proto.h
 source/auth/auth_sam.h
-source/auth/pam_errors.h
 source/auth/credentials/credentials_proto.h
 source/auth/gensec/gensec_proto.h
 source/auth/gensec/schannel_proto.h
@@ -195,3 +194,9 @@ source/apidocs
 source/mkconfig.mk
 source/data.mk
 source/librpc/idl-deps
+source/libcli/netlogon_proto.h
+source/libcli/ndr_netlogon_proto.h
+source/foo.tdb
+source/gentest_seeds.dat
+source/templates.ldb
+source/torture.tdb
index d128baa5bd47ca483ab3262b2ad1a2ce573cc259..ae9b0e284845e68f9150640c5ecbcd06f4c9cea2 100644 (file)
--- a/howto.txt
+++ b/howto.txt
@@ -27,7 +27,7 @@ There are 2 methods of doing this:
 
   method 1:  "rsync -avz samba.org::ftp/unpacked/samba_4_0_test/ samba4"
 
-  method 2:  "git clone git://git.samba.org/samba.git samba4; cd samba4; git checkout v4-0-test; cd .."
+  method 2:  "git clone git://git.samba.org/samba.git samba4; cd samba4 && git checkout -b v4-0-test origin/v4-0-test; cd .."
 
 both methods will create a directory called "samba4" in the current
 directory. If you don't have rsync or git then install one of them. 
index ab3ef47fed62f767a3c7762dcdb9c936fcf36d07..0ee36ec830d62d7f2f54ca2cc371bf08f90bb6aa 100644 (file)
@@ -4,6 +4,8 @@
 
 include mkconfig.mk
 
+pidldir := $(srcdir)/pidl
+
 VPATH = $(builddir):$(srcdir):heimdal_build:heimdal/lib/asn1:heimdal/lib/krb5:heimdal/lib/gssapi:heimdal/lib/hdb:heimdal/lib/roken:heimdal/lib/des
 
 BASEDIR = $(prefix)
@@ -19,16 +21,40 @@ BNLD_FLAGS = $(LDFLAGS) $(SYS_LDFLAGS)
 HOSTCC_FLAGS = -D_SAMBA_HOSTCC_ $(CFLAGS)
 HOSTLD_FLAGS = $(LDFLAGS) $(SYS_LDFLAGS)
 
+$(srcdir)/version.h: $(srcdir)/VERSION
+       @$(SHELL) script/mkversion.sh VERSION $(srcdir)/version.h $(srcdir)/
+
 .DEFAULT_GOAL := all
 
 ifneq ($(automatic_dependencies),yes)
-ALL_PREDEP = proto
+ALL_PREDEP = basics
 .NOTPARALLEL:
 endif
 
-include rules.mk
+regen_version::
+       @$(SHELL) script/mkversion.sh VERSION $(srcdir)/version.h $(srcdir)/
+
+clean_pch::
+       @echo "Removing precompiled headers"
+       @-rm -f include/includes.h.gch
+
+pch:: clean_pch include/includes.h.gch
+
+.DEFAULT_GOAL := all
+
+ifneq ($(automatic_dependencies),yes)
+ALL_PREDEP = basics
+.NOTPARALLEL:
+endif
+
+include build/make/rules.mk
+include build/make/python.mk
 include data.mk
 
+BINARIES += $(BIN_PROGS) $(SBIN_PROGS)
+
+pythonmods:: $(PYTHON_PYS) $(PYTHON_SO)
+
 DEP_FILES = $(patsubst %.ho,%.hd,$(patsubst %.o,%.d,$(ALL_OBJS))) \
                   include/includes.d
 
@@ -55,7 +81,7 @@ endif
 DEFAULT_HEADERS = $(srcdir)/lib/util/dlinklist.h \
                  $(srcdir)/version.h
 
-binaries::
+binaries:: $(BINARIES)
 libraries:: $(STATIC_LIBS) $(SHARED_LIBS)
 modules:: $(PLUGINS)
 headers:: $(PUBLIC_HEADERS) $(DEFAULT_HEADERS)
index 88675f36266252d4687fcfe3c5f1d11d519d5e89..1a7aa6d0e78c34394a575ec6a1b253db478039e0 100644 (file)
@@ -1,5 +1,5 @@
 # This file was automatically generated by SWIG (http://www.swig.org).
-# Version 1.3.33
+# Version 1.3.35
 #
 # Don't modify this file, modify the SWIG interface instead.
 
diff --git a/source4/auth/auth_server.c b/source4/auth/auth_server.c
deleted file mode 100644 (file)
index f200ad9..0000000
+++ /dev/null
@@ -1,377 +0,0 @@
-/* 
-   Unix SMB/CIFS implementation.
-   Authenticate to a remote server
-   Copyright (C) Andrew Tridgell 1992-1998
-   Copyright (C) Andrew Bartlett 2001
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 3 of the License, or
-   (at your option) any later version.
-   
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-   
-   You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-
-/****************************************************************************
- Support for server level security.
-****************************************************************************/
-
-static struct smbcli_state *server_cryptkey(TALLOC_CTX *mem_ctx, bool unicode, int maxprotocol, struct resolve_context *resolve_ctx)
-{
-       struct smbcli_state *cli = NULL;
-       fstring desthost;
-       struct in_addr dest_ip;
-       const char *p;
-       char *pserver;
-       bool connected_ok = false;
-
-       if (!(cli = smbcli_initialise(cli)))
-               return NULL;
-
-       /* security = server just can't function with spnego */
-       cli->use_spnego = false;
-
-        pserver = talloc_strdup(mem_ctx, lp_passwordserver());
-       p = pserver;
-
-        while(next_token( &p, desthost, LIST_SEP, sizeof(desthost))) {
-               strupper(desthost);
-
-               if(!resolve_name(resolve_ctx, desthost, &dest_ip, 0x20)) {
-                       DEBUG(1,("server_cryptkey: Can't resolve address for %s\n",desthost));
-                       continue;
-               }
-
-               if (ismyip(dest_ip)) {
-                       DEBUG(1,("Password server loop - disabling password server %s\n",desthost));
-                       continue;
-               }
-
-               /* we use a mutex to prevent two connections at once - when a 
-                  Win2k PDC get two connections where one hasn't completed a 
-                  session setup yet it will send a TCP reset to the first 
-                  connection (tridge) */
-
-               if (!grab_server_mutex(desthost)) {
-                       return NULL;
-               }
-
-               if (smbcli_connect(cli, desthost, &dest_ip)) {
-                       DEBUG(3,("connected to password server %s\n",desthost));
-                       connected_ok = true;
-                       break;
-               }
-       }
-
-       if (!connected_ok) {
-               release_server_mutex();
-               DEBUG(0,("password server not available\n"));
-               talloc_free(cli);
-               return NULL;
-       }
-       
-       if (!attempt_netbios_session_request(cli, lp_netbios_name(), 
-                                            desthost, &dest_ip)) {
-               release_server_mutex();
-               DEBUG(1,("password server fails session request\n"));
-               talloc_free(cli);
-               return NULL;
-       }
-       
-       if (strequal(desthost,myhostname(mem_ctx))) {
-               exit_server("Password server loop!");
-       }
-       
-       DEBUG(3,("got session\n"));
-
-       if (!smbcli_negprot(cli, unicode, maxprotocol)) {
-               DEBUG(1,("%s rejected the negprot\n",desthost));
-               release_server_mutex();
-               talloc_free(cli);
-               return NULL;
-       }
-
-       if (cli->protocol < PROTOCOL_LANMAN2 ||
-           !(cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) {
-               DEBUG(1,("%s isn't in user level security mode\n",desthost));
-               release_server_mutex();
-               talloc_free(cli);
-               return NULL;
-       }
-
-       /* Get the first session setup done quickly, to avoid silly 
-          Win2k bugs.  (The next connection to the server will kill
-          this one... 
-       */
-
-       if (!smbcli_session_setup(cli, "", "", 0, "", 0,
-                              "")) {
-               DEBUG(0,("%s rejected the initial session setup (%s)\n",
-                        desthost, smbcli_errstr(cli)));
-               release_server_mutex();
-               talloc_free(cli);
-               return NULL;
-       }
-       
-       release_server_mutex();
-       
-       DEBUG(3,("password server OK\n"));
-       
-       return cli;
-}
-
-/****************************************************************************
- Clean up our allocated cli.
-****************************************************************************/
-
-static void free_server_private_data(void **private_data_pointer) 
-{
-       struct smbcli_state **cli = (struct smbcli_state **)private_data_pointer;
-       if (*cli && (*cli)->initialised) {
-               talloc_free(*cli);
-       }
-}
-
-/****************************************************************************
- Get the challenge out of a password server.
-****************************************************************************/
-
-static DATA_BLOB auth_get_challenge_server(const struct auth_context *auth_context,
-                                          void **my_private_data, 
-                                          TALLOC_CTX *mem_ctx)
-{
-       struct smbcli_state *cli = server_cryptkey(mem_ctx, lp_cli_maxprotocol(auth_context->lp_ctx));
-       
-       if (cli) {
-               DEBUG(3,("using password server validation\n"));
-
-               if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0) {
-                       /* We can't work with unencrypted password servers
-                          unless 'encrypt passwords = no' */
-                       DEBUG(5,("make_auth_info_server: Server is unencrypted, no challenge available..\n"));
-                       
-                       /* However, it is still a perfectly fine connection
-                          to pass that unencrypted password over */
-                       *my_private_data = (void *)cli;
-                       return data_blob(NULL, 0);
-                       
-               } else if (cli->secblob.length < 8) {
-                       /* We can't do much if we don't get a full challenge */
-                       DEBUG(2,("make_auth_info_server: Didn't receive a full challenge from server\n"));
-                       talloc_free(cli);
-                       return data_blob(NULL, 0);
-               }
-
-               *my_private_data = (void *)cli;
-
-               /* The return must be allocated on the caller's mem_ctx, as our own will be
-                  destoyed just after the call. */
-               return data_blob_talloc(auth_context->mem_ctx, cli->secblob.data,8);
-       } else {
-               return data_blob(NULL, 0);
-       }
-}
-
-
-/****************************************************************************
- Check for a valid username and password in security=server mode.
-  - Validate a password with the password server.
-****************************************************************************/
-
-static NTSTATUS check_smbserver_security(const struct auth_context *auth_context,
-                                        void *my_private_data, 
-                                        TALLOC_CTX *mem_ctx,
-                                        const auth_usersupplied_info *user_info, 
-                                        auth_serversupplied_info **server_info)
-{
-       struct smbcli_state *cli;
-       static uint8_t badpass[24];
-       static fstring baduser; 
-       static bool tested_password_server = false;
-       static bool bad_password_server = false;
-       NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
-       bool locally_made_cli = false;
-
-       /* 
-        * Check that the requested domain is not our own machine name.
-        * If it is, we should never check the PDC here, we use our own local
-        * password file.
-        */
-
-       if (lp_is_myname(auth_context->lp_ctx, user_info->domain.str)) {
-               DEBUG(3,("check_smbserver_security: Requested domain was for this machine.\n"));
-               return NT_STATUS_LOGON_FAILURE;
-       }
-
-       cli = my_private_data;
-       
-       if (cli) {
-       } else {
-               cli = server_cryptkey(mem_ctx, lp_unicode(auth_context->lp_ctx), lp_cli_maxprotocol(auth_context->lp_ctx), lp_resolve_context(auth_context->lp_ctx));
-               locally_made_cli = true;
-       }
-
-       if (!cli || !cli->initialised) {
-               DEBUG(1,("password server is not connected (cli not initilised)\n"));
-               return NT_STATUS_LOGON_FAILURE;
-       }  
-       
-       if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0) {
-               if (user_info->encrypted) {
-                       DEBUG(1,("password server %s is plaintext, but we are encrypted. This just can't work :-(\n", cli->desthost));
-                       return NT_STATUS_LOGON_FAILURE;         
-               }
-       } else {
-               if (memcmp(cli->secblob.data, auth_context->challenge.data, 8) != 0) {
-                       DEBUG(1,("the challenge that the password server (%s) supplied us is not the one we gave our client. This just can't work :-(\n", cli->desthost));
-                       return NT_STATUS_LOGON_FAILURE;         
-               }
-       }
-
-       if(badpass[0] == 0)
-               memset(badpass, 0x1f, sizeof(badpass));
-
-       if((user_info->nt_resp.length == sizeof(badpass)) && 
-          !memcmp(badpass, user_info->nt_resp.data, sizeof(badpass))) {
-               /* 
-                * Very unlikely, our random bad password is the same as the users
-                * password.
-                */
-               memset(badpass, badpass[0]+1, sizeof(badpass));
-       }
-
-       if(baduser[0] == 0) {
-               fstrcpy(baduser, INVALID_USER_PREFIX);
-               fstrcat(baduser, lp_netbios_name());
-       }
-
-       /*
-        * Attempt a session setup with a totally incorrect password.
-        * If this succeeds with the guest bit *NOT* set then the password
-        * server is broken and is not correctly setting the guest bit. We
-        * need to detect this as some versions of NT4.x are broken. JRA.
-        */
-
-       /* I sure as hell hope that there aren't servers out there that take 
-        * NTLMv2 and have this bug, as we don't test for that... 
-        *  - abartlet@samba.org
-        */
-
-       if ((!tested_password_server) && (lp_paranoid_server_security())) {
-               if (smbcli_session_setup(cli, baduser, (char *)badpass, sizeof(badpass), 
-                                       (char *)badpass, sizeof(badpass), user_info->domain.str)) {
-
-                       /*
-                        * We connected to the password server so we
-                        * can say we've tested it.
-                        */
-                       tested_password_server = true;
-
-                       if ((SVAL(cli->inbuf,smb_vwv2) & 1) == 0) {
-                               DEBUG(0,("server_validate: password server %s allows users as non-guest \
-with a bad password.\n", cli->desthost));
-                               DEBUG(0,("server_validate: This is broken (and insecure) behaviour. Please do not \
-use this machine as the password server.\n"));
-                               smbcli_ulogoff(cli);
-
-                               /*
-                                * Password server has the bug.
-                                */
-                               bad_password_server = true;
-                               return NT_STATUS_LOGON_FAILURE;
-                       }
-                       smbcli_ulogoff(cli);
-               }
-       } else {
-
-               /*
-                * We have already tested the password server.
-                * Fail immediately if it has the bug.
-                */
-
-               if(bad_password_server) {
-                       DEBUG(0,("server_validate: [1] password server %s allows users as non-guest \
-with a bad password.\n", cli->desthost));
-                       DEBUG(0,("server_validate: [1] This is broken (and insecure) behaviour. Please do not \
-use this machine as the password server.\n"));
-                       return NT_STATUS_LOGON_FAILURE;
-               }
-       }
-
-       /*
-        * Now we know the password server will correctly set the guest bit, or is
-        * not guest enabled, we can try with the real password.
-        */
-
-       if (!user_info->encrypted) {
-               /* Plaintext available */
-               if (!smbcli_session_setup(cli, user_info->smb_name.str, 
-                                      (char *)user_info->plaintext_password.data, 
-                                      user_info->plaintext_password.length, 
-                                      NULL, 0,
-                                      user_info->domain.str)) {
-                       DEBUG(1,("password server %s rejected the password\n", cli->desthost));
-                       /* Make this smbcli_nt_error() when the conversion is in */
-                       nt_status = smbcli_nt_error(cli);
-               } else {
-                       nt_status = NT_STATUS_OK;
-               }
-       } else {
-               if (!smbcli_session_setup(cli, user_info->smb_name.str, 
-                                      (char *)user_info->lm_resp.data, 
-                                      user_info->lm_resp.length, 
-                                      (char *)user_info->nt_resp.data, 
-                                      user_info->nt_resp.length, 
-                                      user_info->domain.str)) {
-                       DEBUG(1,("password server %s rejected the password\n", cli->desthost));
-                       /* Make this smbcli_nt_error() when the conversion is in */
-                       nt_status = smbcli_nt_error(cli);
-               } else {
-                       nt_status = NT_STATUS_OK;
-               }
-       }
-
-       /* if logged in as guest then reject */
-       if ((SVAL(cli->inbuf,smb_vwv2) & 1) != 0) {
-               DEBUG(1,("password server %s gave us guest only\n", cli->desthost));
-               nt_status = NT_STATUS_LOGON_FAILURE;
-       }
-
-       smbcli_ulogoff(cli);
-
-       if NT_STATUS_IS_OK(nt_status) {
-               struct passwd *pass = Get_Pwnam(user_info->internal_username.str);
-               if (pass) {
-                       nt_status = make_server_info_pw(auth_context, server_info, pass);
-               } else {
-                       nt_status = NT_STATUS_NO_SUCH_USER;
-               }
-       }
-
-       if (locally_made_cli) {
-               talloc_free(cli);
-       }
-
-       return(nt_status);
-}
-
-NTSTATUS auth_init_smbserver(struct auth_context *auth_context, const char* param, auth_methods **auth_method) 
-{
-       if (!make_auth_methods(auth_context, auth_method)) {
-               return NT_STATUS_NO_MEMORY;
-       }
-       (*auth_method)->name = "smbserver";
-       (*auth_method)->auth = check_smbserver_security;
-       (*auth_method)->get_chal = auth_get_challenge_server;
-       (*auth_method)->send_keepalive = send_server_keepalive;
-       (*auth_method)->free_private_data = free_server_private_data;
-       return NT_STATUS_OK;
-}
index af1827adc94e4161af21d8c511ca30c2a02983be..dea76ef87d26e93af15b3ddbc26e62e9cad253c2 100644 (file)
@@ -1,6 +1,6 @@
 /* ----------------------------------------------------------------------------
  * This file was automatically generated by SWIG (http://www.swig.org).
- * Version 1.3.33
+ * Version 1.3.35
  * 
  * This file is not intended to be easily readable and contains a number of 
  * coding conventions designed to improve portability and efficiency. Do not make
 
 /* This should only be incremented when either the layout of swig_type_info changes,
    or for whatever reason, the runtime changes incompatibly */
-#define SWIG_RUNTIME_VERSION "3"
+#define SWIG_RUNTIME_VERSION "4"
 
 /* define SWIG_TYPE_TABLE_NAME as "SWIG_TYPE_TABLE" */
 #ifdef SWIG_TYPE_TABLE
 
 /* Flags for pointer conversions */
 #define SWIG_POINTER_DISOWN        0x1
+#define SWIG_CAST_NEW_MEMORY       0x2
 
 /* Flags for new pointer objects */
 #define SWIG_POINTER_OWN           0x1
@@ -301,10 +302,10 @@ SWIGINTERNINLINE int SWIG_CheckState(int r) {
 extern "C" {
 #endif
 
-typedef void *(*swig_converter_func)(void *);
+typedef void *(*swig_converter_func)(void *, int *);
 typedef struct swig_type_info *(*swig_dycast_func)(void **);
 
-/* Structure to store inforomation on one type */
+/* Structure to store information on one type */
 typedef struct swig_type_info {
   const char             *name;                        /* mangled name of this type */
   const char             *str;                 /* human readable name of this type */
@@ -431,8 +432,8 @@ SWIG_TypeCheckStruct(swig_type_info *from, swig_type_info *into) {
   Cast a pointer up an inheritance hierarchy
 */
 SWIGRUNTIMEINLINE void *
-SWIG_TypeCast(swig_cast_info *ty, void *ptr) {
-  return ((!ty) || (!ty->converter)) ? ptr : (*ty->converter)(ptr);
+SWIG_TypeCast(swig_cast_info *ty, void *ptr, int *newmemory) {
+  return ((!ty) || (!ty->converter)) ? ptr : (*ty->converter)(ptr, newmemory);
 }
 
 /* 
@@ -856,7 +857,7 @@ SWIG_Python_AddErrorMsg(const char* mesg)
     Py_DECREF(old_str);
     Py_DECREF(value);
   } else {
-    PyErr_Format(PyExc_RuntimeError, mesg);
+    PyErr_SetString(PyExc_RuntimeError, mesg);
   }
 }
 
@@ -1416,7 +1417,7 @@ PySwigObject_dealloc(PyObject *v)
 {
   PySwigObject *sobj = (PySwigObject *) v;
   PyObject *next = sobj->next;
-  if (sobj->own) {
+  if (sobj->own == SWIG_POINTER_OWN) {
     swig_type_info *ty = sobj->ty;
     PySwigClientData *data = ty ? (PySwigClientData *) ty->clientdata : 0;
     PyObject *destroy = data ? data->destroy : 0;
@@ -1434,12 +1435,13 @@ PySwigObject_dealloc(PyObject *v)
        res = ((*meth)(mself, v));
       }
       Py_XDECREF(res);
-    } else {
-      const char *name = SWIG_TypePrettyName(ty);
+    } 
 #if !defined(SWIG_PYTHON_SILENT_MEMLEAK)
-      printf("swig/python detected a memory leak of type '%s', no destructor found.\n", name);
-#endif
+    else {
+      const char *name = SWIG_TypePrettyName(ty);
+      printf("swig/python detected a memory leak of type '%s', no destructor found.\n", (name ? name : "unknown"));
     }
+#endif
   } 
   Py_XDECREF(next);
   PyObject_DEL(v);
@@ -1944,7 +1946,7 @@ SWIG_Python_GetSwigThis(PyObject *pyobj)
 
 SWIGRUNTIME int
 SWIG_Python_AcquirePtr(PyObject *obj, int own) {
-  if (own) {
+  if (own == SWIG_POINTER_OWN) {
     PySwigObject *sobj = SWIG_Python_GetSwigThis(obj);
     if (sobj) {
       int oldown = sobj->own;
@@ -1965,6 +1967,8 @@ SWIG_Python_ConvertPtrAndOwn(PyObject *obj, void **ptr, swig_type_info *ty, int
     return SWIG_OK;
   } else {
     PySwigObject *sobj = SWIG_Python_GetSwigThis(obj);
+    if (own)
+      *own = 0;
     while (sobj) {
       void *vptr = sobj->ptr;
       if (ty) {
@@ -1978,7 +1982,15 @@ SWIG_Python_ConvertPtrAndOwn(PyObject *obj, void **ptr, swig_type_info *ty, int
          if (!tc) {
            sobj = (PySwigObject *)sobj->next;
          } else {
-           if (ptr) *ptr = SWIG_TypeCast(tc,vptr);
+           if (ptr) {
+              int newmemory = 0;
+              *ptr = SWIG_TypeCast(tc,vptr,&newmemory);
+              if (newmemory == SWIG_CAST_NEW_MEMORY) {
+                assert(own);
+                if (own)
+                  *own = *own | SWIG_CAST_NEW_MEMORY;
+              }
+            }
            break;
          }
        }
@@ -1988,7 +2000,8 @@ SWIG_Python_ConvertPtrAndOwn(PyObject *obj, void **ptr, swig_type_info *ty, int
       }
     }
     if (sobj) {
-      if (own) *own = sobj->own;
+      if (own)
+        *own = *own | sobj->own;
       if (flags & SWIG_POINTER_DISOWN) {
        sobj->own = 0;
       }
@@ -2053,8 +2066,13 @@ SWIG_Python_ConvertFunctionPtr(PyObject *obj, void **ptr, swig_type_info *ty) {
     }
     if (ty) {
       swig_cast_info *tc = SWIG_TypeCheck(desc,ty);
-      if (!tc) return SWIG_ERROR;
-      *ptr = SWIG_TypeCast(tc,vptr);
+      if (tc) {
+        int newmemory = 0;
+        *ptr = SWIG_TypeCast(tc,vptr,&newmemory);
+        assert(!newmemory); /* newmemory handling not yet implemented */
+      } else {
+        return SWIG_ERROR;
+      }
     } else {
       *ptr = vptr;
     }
@@ -2505,7 +2523,7 @@ static swig_module_info swig_module = {swig_types, 16, 0, 0, 0, 0};
 
 #define SWIG_name    "_auth"
 
-#define SWIGVERSION 0x010333 
+#define SWIGVERSION 0x010335 
 #define SWIG_VERSION SWIGVERSION
 
 
@@ -2733,7 +2751,7 @@ SWIGRUNTIME void
 SWIG_InitializeModule(void *clientdata) {
   size_t i;
   swig_module_info *module_head, *iter;
-  int found;
+  int found, init;
   
   clientdata = clientdata;
   
@@ -2743,6 +2761,9 @@ SWIG_InitializeModule(void *clientdata) {
     swig_module.type_initial = swig_type_initial;
     swig_module.cast_initial = swig_cast_initial;
     swig_module.next = &swig_module;
+    init = 1;
+  } else {
+    init = 0;
   }
   
   /* Try and load any already created modules */
@@ -2771,6 +2792,12 @@ SWIG_InitializeModule(void *clientdata) {
     module_head->next = &swig_module;
   }
   
+  /* When multiple interpeters are used, a module could have already been initialized in
+       a different interpreter, but not yet have a pointer in this interpreter.
+       In this case, we do not want to continue adding types... everything should be
+       set up already */
+  if (init == 0) return;
+  
   /* Now work on filling in swig_module.types */
 #ifdef SWIGRUNTIME_DEBUG
   printf("SWIG_InitializeModule: size %d\n", swig_module.size);
index 63aec098472fb7c62ce34725df802ca32afc6c72..f13c2e5758993e283b6330899a62084ddd5da129 100644 (file)
 # auth server subsystem
+gensecsrcdir := $(authsrcdir)/gensec
 mkinclude gensec/config.mk
 mkinclude kerberos/config.mk
 mkinclude ntlmssp/config.mk
+mkinclude ntlm/config.mk
 mkinclude credentials/config.mk
 
 [SUBSYSTEM::auth_session]
-OBJ_FILES = session.o
-PRIVATE_PROTO_HEADER = session_proto.h
 PUBLIC_DEPENDENCIES = CREDENTIALS
 
-# PUBLIC_HEADERS += auth/session.h
+PUBLIC_HEADERS += $(authsrcdir)/session.h
+
+auth_session_OBJ_FILES = $(addprefix $(authsrcdir)/, session.o)
+
+$(eval $(call proto_header_template,$(authsrcdir)/session_proto.h,$(auth_session_OBJ_FILES:.o=.c)))
 
 [SUBSYSTEM::auth_system_session]
-OBJ_FILES = system_session.o
-PRIVATE_PROTO_HEADER = system_session_proto.h
 PUBLIC_DEPENDENCIES = CREDENTIALS
 PRIVATE_DEPENDENCIES = auth_session LIBSAMBA-UTIL LIBSECURITY 
 
+auth_system_session_OBJ_FILES = $(addprefix $(authsrcdir)/, system_session.o)
+$(eval $(call proto_header_template,$(authsrcdir)/system_session_proto.h,$(auth_system_session_OBJ_FILES:.o=.c)))
+
 [SUBSYSTEM::auth_sam]
-PRIVATE_PROTO_HEADER = auth_sam.h
-OBJ_FILES = sam.o ntlm_check.o 
 PUBLIC_DEPENDENCIES = SAMDB UTIL_LDB LIBSECURITY
 PRIVATE_DEPENDENCIES = LDAP_ENCODE
 
+auth_sam_OBJ_FILES = $(addprefix $(authsrcdir)/, sam.o)
+
+$(eval $(call proto_header_template,$(authsrcdir)/auth_sam.h,$(auth_sam_OBJ_FILES:.o=.c)))
+
 [SUBSYSTEM::auth_sam_reply]
-PRIVATE_PROTO_HEADER = auth_sam_reply.h
-OBJ_FILES = auth_sam_reply.o
-
-#######################
-# Start MODULE auth_sam
-[MODULE::auth_sam_module]
-# gensec_krb5 and gensec_gssapi depend on it
-INIT_FUNCTION = auth_sam_init
-SUBSYSTEM = auth
-OBJ_FILES = auth_sam.o
-PRIVATE_DEPENDENCIES = \
-               SAMDB auth_sam
-# End MODULE auth_sam
-#######################
-
-#######################
-# Start MODULE auth_anonymous
-[MODULE::auth_anonymous]
-INIT_FUNCTION = auth_anonymous_init
-SUBSYSTEM = auth
-OBJ_FILES = auth_anonymous.o
-# End MODULE auth_anonymous
-#######################
-
-#######################
-# Start MODULE auth_winbind
-[MODULE::auth_winbind]
-INIT_FUNCTION = auth_winbind_init
-SUBSYSTEM = auth
-OBJ_FILES = auth_winbind.o
-PRIVATE_DEPENDENCIES = NDR_WINBIND MESSAGING LIBWINBIND-CLIENT
-# End MODULE auth_winbind
-#######################
-
-#######################
-# Start MODULE auth_developer
-[MODULE::auth_developer]
-INIT_FUNCTION = auth_developer_init
-SUBSYSTEM = auth
-OBJ_FILES = auth_developer.o
-# End MODULE auth_developer
-#######################
-
-[MODULE::auth_unix]
-INIT_FUNCTION = auth_unix_init
-SUBSYSTEM = auth
-OBJ_FILES = auth_unix.o
-PRIVATE_DEPENDENCIES = CRYPT PAM PAM_ERRORS NSS_WRAPPER
-
-[SUBSYSTEM::PAM_ERRORS]
-PRIVATE_PROTO_HEADER = pam_errors.h
-OBJ_FILES = pam_errors.o
-
-#######################
-# Start SUBSYSTEM auth
-[SUBSYSTEM::auth]
-#VERSION = 0.0.1
-#SO_VERSION = 0
-PRIVATE_PROTO_HEADER = auth_proto.h
-OBJ_FILES = \
-               auth.o \
-               auth_util.o \
-               auth_simple.o
-PUBLIC_DEPENDENCIES = LIBSECURITY SAMDB CREDENTIALS
-PRIVATE_DEPENDENCIES = LIBSAMBA-UTIL
-# End SUBSYSTEM auth
-#######################
-
-# PUBLIC_HEADERS += auth/auth.h
+
+auth_sam_reply_OBJ_FILES = $(addprefix $(authsrcdir)/, auth_sam_reply.o)
+
+$(eval $(call proto_header_template,$(authsrcdir)/auth_sam_reply.h,$(auth_sam_reply_OBJ_FILES:.o=.c)))
 
 [PYTHON::swig_auth]
+LIBRARY_REALNAME = samba/_auth.$(SHLIBEXT)
 PUBLIC_DEPENDENCIES = auth_system_session
 PRIVATE_DEPENDENCIES = SAMDB 
-SWIG_FILE = auth.i
+
+$(eval $(call python_py_module_template,samba/auth.py,$(authsrcdir)/auth.py))
+
+swig_auth_OBJ_FILES = $(authsrcdir)/auth_wrap.o
+
+$(swig_auth_OBJ_FILES): CFLAGS+=$(CFLAG_NO_UNUSED_MACROS) $(CFLAG_NO_CAST_QUAL)
index 83f2f0db93a235c644f21d1d15552d2dddde0e58..2eeeec20ecf7eebf68ad92dd9305b5a0667dfede 100644 (file)
@@ -1,19 +1,24 @@
 #################################
 # Start SUBSYSTEM CREDENTIALS
 [SUBSYSTEM::CREDENTIALS]
-PRIVATE_PROTO_HEADER = credentials_proto.h
-OBJ_FILES = credentials.o \
-               credentials_files.o \
-               credentials_ntlm.o \
-               credentials_krb5.o \
-               ../kerberos/kerberos_util.o
 PUBLIC_DEPENDENCIES = \
                LIBCLI_AUTH SECRETS LIBCRYPTO KERBEROS UTIL_LDB HEIMDAL_GSSAPI 
 PRIVATE_DEPENDENCIES = \
                SECRETS
 
-PUBLIC_HEADERS += auth/credentials/credentials.h
+
+CREDENTIALS_OBJ_FILES = $(addprefix $(authsrcdir)/credentials/, credentials.o credentials_files.o credentials_ntlm.o credentials_krb5.o ../kerberos/kerberos_util.o)
+
+$(eval $(call proto_header_template,$(authsrcdir)/credentials/credentials_proto.h,$(CREDENTIALS_OBJ_FILES:.o=.c)))
+
+PUBLIC_HEADERS += $(authsrcdir)/credentials/credentials.h
 
 [PYTHON::swig_credentials]
+LIBRARY_REALNAME = samba/_credentials.$(SHLIBEXT)
 PUBLIC_DEPENDENCIES = CREDENTIALS LIBCMDLINE_CREDENTIALS
-SWIG_FILE = credentials.i
+
+$(eval $(call python_py_module_template,samba/credentials.py,$(authsrcdir)/credentials/credentials.py))
+
+swig_credentials_OBJ_FILES = $(authsrcdir)/credentials/credentials_wrap.o
+
+$(swig_credentials_OBJ_FILES): CFLAGS+=$(CFLAG_NO_UNUSED_MACROS) $(CFLAG_NO_CAST_QUAL)
index 89dddc9e0585408dde0bfa412030e68ebb363ad3..adabe49cb4f3a42a8d6bf72f601d1054fb8dd06d 100644 (file)
@@ -65,7 +65,6 @@ _PUBLIC_ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx)
 
        cred->tries = 3;
        cred->callback_running = false;
-       cred->ev = NULL;
 
        cli_credentials_set_kerberos_state(cred, CRED_AUTO_USE_KERBEROS);
        cli_credentials_set_gensec_features(cred, 0);
@@ -307,6 +306,8 @@ _PUBLIC_ bool cli_credentials_set_password(struct cli_credentials *cred,
                cli_credentials_invalidate_ccache(cred, cred->password_obtained);
 
                cred->nt_hash = NULL;
+               cred->lm_response = data_blob(NULL, 0);
+               cred->nt_response = data_blob(NULL, 0);
                return true;
        }
 
@@ -377,24 +378,6 @@ _PUBLIC_ const struct samr_Password *cli_credentials_get_nt_hash(struct cli_cred
        }
 }
 
-_PUBLIC_ bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
-                                const struct samr_Password *nt_hash, 
-                                enum credentials_obtained obtained)
-{
-       if (obtained >= cred->password_obtained) {
-               cli_credentials_set_password(cred, NULL, obtained);
-               if (nt_hash) {
-                       cred->nt_hash = talloc(cred, struct samr_Password);
-                       *cred->nt_hash = *nt_hash;
-               } else {
-                       cred->nt_hash = NULL;
-               }
-               return true;
-       }
-
-       return false;
-}
-
 /**
  * Obtain the 'short' or 'NetBIOS' domain for this credentials context.
  * @param cred credentials context
@@ -675,7 +658,7 @@ _PUBLIC_ void cli_credentials_guess(struct cli_credentials *cred,
        }
        
        if (cli_credentials_get_kerberos_state(cred) != CRED_DONT_USE_KERBEROS) {
-               cli_credentials_set_ccache(cred, lp_ctx, NULL, CRED_GUESS_FILE);
+               cli_credentials_set_ccache(cred, event_context_find(cred), lp_ctx, NULL, CRED_GUESS_FILE);
        }
 }
 
@@ -775,22 +758,3 @@ _PUBLIC_ bool cli_credentials_wrong_password(struct cli_credentials *cred)
 
        return (cred->tries > 0);
 }
-
-/*
-  set the common event context for this set of credentials
- */
-_PUBLIC_ void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev)
-{
-       cred->ev = ev;
-}
-
-/*
-  set the common event context for this set of credentials
- */
-_PUBLIC_ struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred)
-{
-       if (cred->ev == NULL) {
-               cred->ev = event_context_find(cred);
-       }
-       return cred->ev;
-}
index afcb300638388d19f43f5047e7bbb7fee9a8aa6a..79c50ae5afff236b4df2546f5f0b44e063409ecb 100644 (file)
@@ -26,6 +26,7 @@
 #include "librpc/gen_ndr/misc.h"
 
 struct ccache_container;
+struct event_context;
 
 /* In order of priority */
 enum credentials_obtained { 
@@ -79,8 +80,13 @@ struct cli_credentials {
 
        const char *bind_dn;
 
+       /* Allows authentication from a keytab or similar */
        struct samr_Password *nt_hash;
 
+       /* Allows NTLM pass-though authentication */
+       DATA_BLOB lm_response;
+       DATA_BLOB nt_response;
+
        struct ccache_container *ccache;
        struct gssapi_creds_container *client_gss_creds;
        struct keytab_container *keytab;
@@ -121,9 +127,6 @@ struct cli_credentials {
 
        /* Whether any callback is currently running */
        bool callback_running;
-
-       /* an event context for anyone wanting to use the credentials */
-       struct event_context *ev;
 };
 
 struct ldb_context;
@@ -152,12 +155,15 @@ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred, TALLOC_
 const char *cli_credentials_get_realm(struct cli_credentials *cred);
 const char *cli_credentials_get_username(struct cli_credentials *cred);
 int cli_credentials_get_krb5_context(struct cli_credentials *cred, 
+                                    struct event_context *event_ctx,
                                     struct loadparm_context *lp_ctx,
                                     struct smb_krb5_context **smb_krb5_context);
 int cli_credentials_get_ccache(struct cli_credentials *cred, 
+                              struct event_context *event_ctx,
                               struct loadparm_context *lp_ctx,
                               struct ccache_container **ccc);
 int cli_credentials_get_keytab(struct cli_credentials *cred, 
+                              struct event_context *event_ctx,
                               struct loadparm_context *lp_ctx,
                               struct keytab_container **_ktc);
 const char *cli_credentials_get_domain(struct cli_credentials *cred);
@@ -168,15 +174,15 @@ void cli_credentials_set_conf(struct cli_credentials *cred,
                              struct loadparm_context *lp_ctx);
 const char *cli_credentials_get_principal(struct cli_credentials *cred, TALLOC_CTX *mem_ctx);
 int cli_credentials_get_server_gss_creds(struct cli_credentials *cred, 
+                                        struct event_context *event_ctx,
                                         struct loadparm_context *lp_ctx,
                                         struct gssapi_creds_container **_gcc);
 int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, 
+                                        struct event_context *event_ctx,
                                         struct loadparm_context *lp_ctx,
                                         struct gssapi_creds_container **_gcc);
-void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev);
 void cli_credentials_set_kerberos_state(struct cli_credentials *creds, 
                                        enum credentials_use_kerberos use_kerberos);
-struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred);
 bool cli_credentials_set_domain(struct cli_credentials *cred, 
                                const char *val, 
                                enum credentials_obtained obtained);
@@ -199,6 +205,7 @@ void cli_credentials_set_netlogon_creds(struct cli_credentials *cred,
 NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials *cred, 
                                          struct smb_krb5_context *smb_krb5_context);
 NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
+                                             struct event_context *event_ctx,
                                              struct loadparm_context *lp_ctx,
                                              const char *serviceprincipal);
 NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred,
@@ -219,15 +226,22 @@ void cli_credentials_set_kvno(struct cli_credentials *cred,
 bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
                                 const struct samr_Password *nt_hash, 
                                 enum credentials_obtained obtained);
+bool cli_credentials_set_ntlm_response(struct cli_credentials *cred,
+                                      const DATA_BLOB *lm_response, 
+                                      const DATA_BLOB *nt_response, 
+                                      enum credentials_obtained obtained);
 int cli_credentials_set_keytab_name(struct cli_credentials *cred, 
+                                   struct event_context *event_ctx,
                                    struct loadparm_context *lp_ctx,
                                    const char *keytab_name, 
                                    enum credentials_obtained obtained);
 int cli_credentials_update_keytab(struct cli_credentials *cred, 
+                                 struct event_context *event_ctx,
                                  struct loadparm_context *lp_ctx);
 void cli_credentials_set_gensec_features(struct cli_credentials *creds, uint32_t gensec_features);
 uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds);
 int cli_credentials_set_ccache(struct cli_credentials *cred, 
+                              struct event_context *event_ctx,
                               struct loadparm_context *lp_ctx,
                               const char *name, 
                               enum credentials_obtained obtained);
@@ -239,6 +253,7 @@ void cli_credentials_invalidate_ccache(struct cli_credentials *cred,
 void cli_credentials_set_salt_principal(struct cli_credentials *cred, const char *principal);
 enum credentials_use_kerberos cli_credentials_get_kerberos_state(struct cli_credentials *creds);
 NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, 
+                                    struct event_context *event_ctx,
                                     struct loadparm_context *lp_ctx,
                                     struct ldb_context *ldb,
                                     const char *base,
index 0a604cf0020364c2108e4c8444d24a37bd9cb6dd..89eb4924b307a519b647813682172d9eebdae2e1 100644 (file)
@@ -59,42 +59,61 @@ typedef struct cli_credentials {
             return cli_credentials_init(NULL);
         }
         /* username */
+        %feature("docstring") get_username "S.get_username() -> username\nObtain username.";
         const char *get_username(void);
+        %feature("docstring") set_username "S.set_username(name, obtained=CRED_SPECIFIED) -> None\nChange username.";
         bool set_username(const char *value, 
-                          enum credentials_obtained=CRED_SPECIFIED);
+                          enum credentials_obtained obtained=CRED_SPECIFIED);
 
         /* password */
+        %feature("docstring") get_password "S.get_password() -> password\n" \
+                                           "Obtain password.";
         const char *get_password(void);
+        %feature("docstring") set_password "S.set_password(password, obtained=CRED_SPECIFIED) -> None\n" \
+                                           "Change password.";
         bool set_password(const char *val, 
-                          enum credentials_obtained=CRED_SPECIFIED);
+                          enum credentials_obtained obtained=CRED_SPECIFIED);
 
         /* domain */
+        %feature("docstring") get_password "S.get_domain() -> domain\nObtain domain name.";
         const char *get_domain(void);
+        %feature("docstring") set_domain "S.set_domain(domain, obtained=CRED_SPECIFIED) -> None\n" \
+                                         "Change domain name.";
         bool set_domain(const char *val, 
-                        enum credentials_obtained=CRED_SPECIFIED);
+                        enum credentials_obtained obtained=CRED_SPECIFIED);
 
         /* realm */
+        %feature("docstring") get_realm "S.get_realm() -> realm\nObtain realm name.";
         const char *get_realm(void);
+        %feature("docstring") set_realm "S.set_realm(realm, obtained=CRED_SPECIFIED) -> None\n" \
+                                        "Change realm name.";
         bool set_realm(const char *val, 
-                       enum credentials_obtained=CRED_SPECIFIED);
+                       enum credentials_obtained obtained=CRED_SPECIFIED);
 
-       /* Kerberos */
+        /* Kerberos */
         void set_kerberos_state(enum credentials_use_kerberos use_kerberos);
 
+        %feature("docstring") parse_string "S.parse_string(text, obtained=CRED_SPECIFIED) -> None\n" \
+                                           "Parse credentials string.";
         void parse_string(const char *text,
-                         enum credentials_obtained=CRED_SPECIFIED);
+                          enum credentials_obtained obtained=CRED_SPECIFIED);
 
         /* bind dn */
+        %feature("docstring") get_bind_dn "S.get_bind_dn() -> bind dn\nObtain bind DN.";
         const char *get_bind_dn(void);
+        %feature("docstring") set_bind_dn "S.set_bind_dn(bind_dn) -> None\nChange bind DN.";
         bool set_bind_dn(const char *bind_dn);
 
-       void set_anonymous();
+        %feature("docstring") set_anonymous "S.set_anonymous() -> None\nUse anonymous credentials.";
+        void set_anonymous();
 
         /* workstation name */
         const char *get_workstation(void);
         bool set_workstation(const char *workstation, 
                              enum credentials_obtained obtained=CRED_SPECIFIED);
 
+        NTSTATUS set_machine_account(struct loadparm_context *lp_ctx);
+
         void guess(struct loadparm_context *lp_ctx);
         bool is_anonymous(void);
 
@@ -102,8 +121,10 @@ typedef struct cli_credentials {
 
         bool authentication_requested(void);
 
+        %feature("docstring") wrong_password "S.wrong_password() -> bool\nIndicate the returned password was incorrect.";
         bool wrong_password(void);
 
+        %feature("docstring") set_cmdline_callbacks "S.set_cmdline_callbacks() -> bool\nUse command-line to obtain credentials not explicitly set.";
         bool set_cmdline_callbacks();
     }
 } cli_credentials;
index 2b40fbeeadfd074fbdbab8535115ae058013864d..fd00a8e6f0876fc6f7145452586150c1c8b9d452 100644 (file)
@@ -1,5 +1,5 @@
 # This file was automatically generated by SWIG (http://www.swig.org).
-# Version 1.3.33
+# Version 1.3.35
 #
 # Don't modify this file, modify the SWIG interface instead.
 
@@ -66,6 +66,97 @@ class Credentials(object):
     __repr__ = _swig_repr
     def __init__(self, *args, **kwargs): 
         _credentials.Credentials_swiginit(self,_credentials.new_Credentials(*args, **kwargs))
+    def get_username(*args, **kwargs):
+        """
+        S.get_username() -> username
+        Obtain username.
+        """
+        return _credentials.Credentials_get_username(*args, **kwargs)
+
+    def set_username(*args, **kwargs):
+        """
+        S.set_username(name, obtained=CRED_SPECIFIED) -> None
+        Change username.
+        """
+        return _credentials.Credentials_set_username(*args, **kwargs)
+
+    def get_password(*args, **kwargs):
+        """
+        S.get_password() -> password
+        Obtain password.
+        """
+        return _credentials.Credentials_get_password(*args, **kwargs)
+
+    def set_password(*args, **kwargs):
+        """
+        S.set_password(password, obtained=CRED_SPECIFIED) -> None
+        Change password.
+        """
+        return _credentials.Credentials_set_password(*args, **kwargs)
+
+    def set_domain(*args, **kwargs):
+        """
+        S.set_domain(domain, obtained=CRED_SPECIFIED) -> None
+        Change domain name.
+        """
+        return _credentials.Credentials_set_domain(*args, **kwargs)
+
+    def get_realm(*args, **kwargs):
+        """
+        S.get_realm() -> realm
+        Obtain realm name.
+        """
+        return _credentials.Credentials_get_realm(*args, **kwargs)
+
+    def set_realm(*args, **kwargs):
+        """
+        S.set_realm(realm, obtained=CRED_SPECIFIED) -> None
+        Change realm name.
+        """
+        return _credentials.Credentials_set_realm(*args, **kwargs)
+
+    def parse_string(*args, **kwargs):
+        """
+        S.parse_string(text, obtained=CRED_SPECIFIED) -> None
+        Parse credentials string.
+        """
+        return _credentials.Credentials_parse_string(*args, **kwargs)
+
+    def get_bind_dn(*args, **kwargs):
+        """
+        S.get_bind_dn() -> bind dn
+        Obtain bind DN.
+        """
+        return _credentials.Credentials_get_bind_dn(*args, **kwargs)
+
+    def set_bind_dn(*args, **kwargs):
+        """
+        S.set_bind_dn(bind_dn) -> None
+        Change bind DN.
+        """
+        return _credentials.Credentials_set_bind_dn(*args, **kwargs)
+
+    def set_anonymous(*args, **kwargs):
+        """
+        S.set_anonymous() -> None
+        Use anonymous credentials.
+        """
+        return _credentials.Credentials_set_anonymous(*args, **kwargs)
+
+    def wrong_password(*args, **kwargs):
+        """
+        S.wrong_password() -> bool
+        Indicate the returned password was incorrect.
+        """
+        return _credentials.Credentials_wrong_password(*args, **kwargs)
+
+    def set_cmdline_callbacks(*args, **kwargs):
+        """
+        S.set_cmdline_callbacks() -> bool
+        Use command-line to obtain credentials not explicitly set.
+        """
+        return _credentials.Credentials_set_cmdline_callbacks(*args, **kwargs)
+
     __swig_destroy__ = _credentials.delete_Credentials
 Credentials.get_username = new_instancemethod(_credentials.Credentials_get_username,None,Credentials)
 Credentials.set_username = new_instancemethod(_credentials.Credentials_set_username,None,Credentials)
@@ -82,6 +173,7 @@ Credentials.set_bind_dn = new_instancemethod(_credentials.Credentials_set_bind_d
 Credentials.set_anonymous = new_instancemethod(_credentials.Credentials_set_anonymous,None,Credentials)
 Credentials.get_workstation = new_instancemethod(_credentials.Credentials_get_workstation,None,Credentials)
 Credentials.set_workstation = new_instancemethod(_credentials.Credentials_set_workstation,None,Credentials)
+Credentials.set_machine_account = new_instancemethod(_credentials.Credentials_set_machine_account,None,Credentials)
 Credentials.guess = new_instancemethod(_credentials.Credentials_guess,None,Credentials)
 Credentials.is_anonymous = new_instancemethod(_credentials.Credentials_is_anonymous,None,Credentials)
 Credentials.get_nt_hash = new_instancemethod(_credentials.Credentials_get_nt_hash,None,Credentials)
index 8bcbc655750906d403ef56fd7e970d7114d01900..ab76ea2cdec0564c70690f2bada995840f03b5f8 100644 (file)
@@ -30,6 +30,7 @@
 #include "auth/credentials/credentials.h"
 #include "auth/credentials/credentials_krb5.h"
 #include "param/param.h"
+#include "lib/events/events.h"
 
 /**
  * Read a file descriptor, and parse it for a password (eg from a file or stdin)
@@ -169,6 +170,7 @@ _PUBLIC_ bool cli_credentials_parse_file(struct cli_credentials *cred, const cha
  * @retval NTSTATUS error detailing any failure
  */
 _PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, 
+                                             struct event_context *event_ctx,
                                     struct loadparm_context *lp_ctx,
                                     struct ldb_context *ldb,
                                     const char *base,
@@ -305,13 +307,13 @@ _PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
         * (chewing CPU time) from the password */
        keytab = ldb_msg_find_attr_as_string(msgs[0], "krb5Keytab", NULL);
        if (keytab) {
-               cli_credentials_set_keytab_name(cred, lp_ctx, keytab, CRED_SPECIFIED);
+               cli_credentials_set_keytab_name(cred, event_ctx, lp_ctx, keytab, CRED_SPECIFIED);
        } else {
                keytab = ldb_msg_find_attr_as_string(msgs[0], "privateKeytab", NULL);
                if (keytab) {
                        keytab = talloc_asprintf(mem_ctx, "FILE:%s", private_path(mem_ctx, lp_ctx, keytab));
                        if (keytab) {
-                               cli_credentials_set_keytab_name(cred, lp_ctx, keytab, CRED_SPECIFIED);
+                               cli_credentials_set_keytab_name(cred, event_ctx, lp_ctx, keytab, CRED_SPECIFIED);
                        }
                }
        }
@@ -327,7 +329,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
  * @retval NTSTATUS error detailing any failure
  */
 _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred,
-                                            struct loadparm_context *lp_ctx)
+                                                     struct loadparm_context *lp_ctx)
 {
        char *filter;
        /* Bleh, nasty recursion issues: We are setting a machine
@@ -336,7 +338,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr
        cred->machine_account_pending = false;
        filter = talloc_asprintf(cred, SECRETS_PRIMARY_DOMAIN_FILTER, 
                                       cli_credentials_get_domain(cred));
-       return cli_credentials_set_secrets(cred, lp_ctx, NULL, 
+       return cli_credentials_set_secrets(cred, event_context_find(cred), lp_ctx, NULL, 
                                           SECRETS_PRIMARY_DOMAIN_DN,
                                           filter);
 }
@@ -348,6 +350,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr
  * @retval NTSTATUS error detailing any failure
  */
 NTSTATUS cli_credentials_set_krbtgt(struct cli_credentials *cred,
+                                   struct event_context *event_ctx,
                                    struct loadparm_context *lp_ctx)
 {
        char *filter;
@@ -358,7 +361,7 @@ NTSTATUS cli_credentials_set_krbtgt(struct cli_credentials *cred,
        filter = talloc_asprintf(cred, SECRETS_KRBTGT_SEARCH,
                                       cli_credentials_get_realm(cred),
                                       cli_credentials_get_domain(cred));
-       return cli_credentials_set_secrets(cred, lp_ctx, NULL, 
+       return cli_credentials_set_secrets(cred, event_ctx, lp_ctx, NULL, 
                                           SECRETS_PRINCIPALS_DN,
                                           filter);
 }
@@ -370,6 +373,7 @@ NTSTATUS cli_credentials_set_krbtgt(struct cli_credentials *cred,
  * @retval NTSTATUS error detailing any failure
  */
 _PUBLIC_ NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
+                                                      struct event_context *event_ctx,
                                              struct loadparm_context *lp_ctx,
                                              const char *serviceprincipal)
 {
@@ -382,7 +386,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *c
                                 cli_credentials_get_realm(cred),
                                 cli_credentials_get_domain(cred),
                                 serviceprincipal);
-       return cli_credentials_set_secrets(cred, lp_ctx, NULL, 
+       return cli_credentials_set_secrets(cred, event_ctx, lp_ctx, NULL, 
                                           SECRETS_PRINCIPALS_DN, filter);
 }
 
index cd9285b09d0592edafe6d10aff3c0692717ac9fa..3bc17644488a090aaf81619ad2fa106fcdfde99c 100644 (file)
@@ -30,6 +30,7 @@
 #include "param/param.h"
 
 _PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred, 
+                                             struct event_context *event_ctx,
                                     struct loadparm_context *lp_ctx,
                                     struct smb_krb5_context **smb_krb5_context) 
 {
@@ -39,8 +40,7 @@ _PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred,
                return 0;
        }
 
-       ret = smb_krb5_init_context(cred, cli_credentials_get_event_context(cred), 
-                                   lp_ctx, &cred->smb_krb5_context);
+       ret = smb_krb5_init_context(cred, event_ctx, lp_ctx, &cred->smb_krb5_context);
        if (ret) {
                cred->smb_krb5_context = NULL;
                return ret;
@@ -128,6 +128,7 @@ static int free_dccache(struct ccache_container *ccc) {
 }
 
 _PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred, 
+                                       struct event_context *event_ctx,
                               struct loadparm_context *lp_ctx,
                               const char *name, 
                               enum credentials_obtained obtained)
@@ -144,7 +145,7 @@ _PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred,
                return ENOMEM;
        }
 
-       ret = cli_credentials_get_krb5_context(cred, lp_ctx, 
+       ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, 
                                               &ccc->smb_krb5_context);
        if (ret) {
                talloc_free(ccc);
@@ -203,6 +204,7 @@ _PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred,
 
 
 static int cli_credentials_new_ccache(struct cli_credentials *cred, 
+                                     struct event_context *event_ctx,
                                      struct loadparm_context *lp_ctx,
                                      struct ccache_container **_ccc)
 {
@@ -221,7 +223,7 @@ static int cli_credentials_new_ccache(struct cli_credentials *cred,
                return ENOMEM;
        }
 
-       ret = cli_credentials_get_krb5_context(cred, lp_ctx, 
+       ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, 
                                               &ccc->smb_krb5_context);
        if (ret) {
                talloc_free(ccc);
@@ -253,6 +255,7 @@ static int cli_credentials_new_ccache(struct cli_credentials *cred,
 }
 
 _PUBLIC_ int cli_credentials_get_ccache(struct cli_credentials *cred, 
+                                       struct event_context *event_ctx,
                               struct loadparm_context *lp_ctx,
                               struct ccache_container **ccc)
 {
@@ -271,7 +274,7 @@ _PUBLIC_ int cli_credentials_get_ccache(struct cli_credentials *cred,
                return EINVAL;
        }
 
-       ret = cli_credentials_new_ccache(cred, lp_ctx, ccc);
+       ret = cli_credentials_new_ccache(cred, event_ctx, lp_ctx, ccc);
        if (ret) {
                return ret;
        }
@@ -348,6 +351,7 @@ static int free_gssapi_creds(struct gssapi_creds_container *gcc)
 }
 
 _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, 
+                                        struct event_context *event_ctx,
                                         struct loadparm_context *lp_ctx,
                                         struct gssapi_creds_container **_gcc) 
 {
@@ -360,7 +364,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
                *_gcc = cred->client_gss_creds;
                return 0;
        }
-       ret = cli_credentials_get_ccache(cred, lp_ctx, 
+       ret = cli_credentials_get_ccache(cred, event_ctx, lp_ctx, 
                                         &ccache);
        if (ret) {
                DEBUG(1, ("Failed to get CCACHE for GSSAPI client: %s\n", error_message(ret)));
@@ -402,6 +406,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
 */
 
  int cli_credentials_set_client_gss_creds(struct cli_credentials *cred, 
+                                         struct event_context *event_ctx,
                                          struct loadparm_context *lp_ctx,
                                          gss_cred_id_t gssapi_cred,
                                          enum credentials_obtained obtained) 
@@ -419,7 +424,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
                return ENOMEM;
        }
 
-       ret = cli_credentials_new_ccache(cred, lp_ctx, &ccc);
+       ret = cli_credentials_new_ccache(cred, event_ctx, lp_ctx, &ccc);
        if (ret != 0) {
                return ret;
        }
@@ -456,6 +461,7 @@ _PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
  * it will be generated from the password.
  */
 _PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred, 
+                                       struct event_context *event_ctx,
                               struct loadparm_context *lp_ctx,
                               struct keytab_container **_ktc)
 {
@@ -475,7 +481,7 @@ _PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred,
                return EINVAL;
        }
 
-       ret = cli_credentials_get_krb5_context(cred, lp_ctx, 
+       ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, 
                                               &smb_krb5_context);
        if (ret) {
                return ret;
@@ -510,6 +516,7 @@ _PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred,
  * FILE:/etc/krb5.keytab), open it and attach it */
 
 _PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred, 
+                                            struct event_context *event_ctx,
                                    struct loadparm_context *lp_ctx,
                                    const char *keytab_name, 
                                    enum credentials_obtained obtained) 
@@ -523,7 +530,7 @@ _PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
                return 0;
        }
 
-       ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
+       ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, &smb_krb5_context);
        if (ret) {
                return ret;
        }
@@ -549,6 +556,7 @@ _PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
 }
 
 _PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred, 
+                                          struct event_context *event_ctx,
                                  struct loadparm_context *lp_ctx) 
 {
        krb5_error_code ret;
@@ -562,7 +570,7 @@ _PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred,
                return ENOMEM;
        }
 
-       ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
+       ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, &smb_krb5_context);
        if (ret) {
                talloc_free(mem_ctx);
                return ret;
@@ -570,7 +578,7 @@ _PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred,
 
        enctype_strings = cli_credentials_get_enctype_strings(cred);
        
-       ret = cli_credentials_get_keytab(cred, lp_ctx, &ktc);
+       ret = cli_credentials_get_keytab(cred, event_ctx, lp_ctx, &ktc);
        if (ret != 0) {
                talloc_free(mem_ctx);
                return ret;
@@ -585,6 +593,7 @@ _PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred,
 /* Get server gss credentials (in gsskrb5, this means the keytab) */
 
 _PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred, 
+                                                 struct event_context *event_ctx,
                                         struct loadparm_context *lp_ctx,
                                         struct gssapi_creds_container **_gcc) 
 {
@@ -603,12 +612,12 @@ _PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
                return 0;
        }
 
-       ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
+       ret = cli_credentials_get_krb5_context(cred, event_ctx, lp_ctx, &smb_krb5_context);
        if (ret) {
                return ret;
        }
 
-       ret = cli_credentials_get_keytab(cred, lp_ctx, &ktc);
+       ret = cli_credentials_get_keytab(cred, event_ctx, lp_ctx, &ktc);
        if (ret) {
                DEBUG(1, ("Failed to get keytab for GSSAPI server: %s\n", error_message(ret)));
                return ret;
index aaa7d7f0da1c2d6ecd444e903f1cecdc93f66edc..f672b0ad9ad4c9421e64dbe303c90d8eaaafa131 100644 (file)
@@ -32,6 +32,7 @@ struct gssapi_creds_container {
 
 /* Manually prototyped here to avoid needing gss headers in most callers */
 int cli_credentials_set_client_gss_creds(struct cli_credentials *cred, 
+                                        struct event_context *event_ctx,
                                         struct loadparm_context *lp_ctx,
                                         gss_cred_id_t gssapi_cred,
                                         enum credentials_obtained obtained);
index b88f2018df11a008793ca896cdba69c8da303bc1..22e273c35af406b78848caa8e9f23a5332effdf2 100644 (file)
@@ -52,6 +52,20 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred
        const struct samr_Password *nt_hash;
        lm_session_key = data_blob(NULL, 0);
 
+       /* We may already have an NTLM response we prepared earlier.
+        * This is used for NTLM pass-though authentication */
+       if (cred->nt_response.data || cred->lm_response.data) {
+               *_nt_response = cred->nt_response;
+               *_lm_response = cred->lm_response;
+
+               if (!cred->lm_response.data) {
+                       *flags = *flags & ~CLI_CRED_LANMAN_AUTH;
+               }
+               *_lm_session_key = data_blob(NULL, 0);
+               *_session_key = data_blob(NULL, 0);
+               return NT_STATUS_OK;
+       }
+
        nt_hash = cli_credentials_get_nt_hash(cred, mem_ctx);
 
        cli_credentials_get_ntlm_username_domain(cred, mem_ctx, &user, &domain);
@@ -215,3 +229,41 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred
        return NT_STATUS_OK;
 }
        
+_PUBLIC_ bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
+                                const struct samr_Password *nt_hash, 
+                                enum credentials_obtained obtained)
+{
+       if (obtained >= cred->password_obtained) {
+               cli_credentials_set_password(cred, NULL, obtained);
+               if (nt_hash) {
+                       cred->nt_hash = talloc(cred, struct samr_Password);
+                       *cred->nt_hash = *nt_hash;
+               } else {
+                       cred->nt_hash = NULL;
+               }
+               return true;
+       }
+
+       return false;
+}
+
+_PUBLIC_ bool cli_credentials_set_ntlm_response(struct cli_credentials *cred,
+                                               const DATA_BLOB *lm_response, 
+                                               const DATA_BLOB *nt_response, 
+                                               enum credentials_obtained obtained)
+{
+       if (obtained >= cred->password_obtained) {
+               cli_credentials_set_password(cred, NULL, obtained);
+               if (nt_response) {
+                       cred->nt_response = data_blob_talloc(cred, nt_response->data, nt_response->length);
+                       talloc_steal(cred, cred->nt_response.data);
+               }
+               if (nt_response) {
+                       cred->lm_response = data_blob_talloc(cred, lm_response->data, lm_response->length);
+               }
+               return true;
+       }
+
+       return false;
+}
+
index 909233aaff9e41c5caa9a1afb0f8aa782bb2de75..81ba426e456baec106a12ab7b7d6f9389727dd8c 100644 (file)
@@ -1,6 +1,6 @@
 /* ----------------------------------------------------------------------------
  * This file was automatically generated by SWIG (http://www.swig.org).
- * Version 1.3.33
+ * Version 1.3.35
  * 
  * This file is not intended to be easily readable and contains a number of 
  * coding conventions designed to improve portability and efficiency. Do not make
 
 /* This should only be incremented when either the layout of swig_type_info changes,
    or for whatever reason, the runtime changes incompatibly */
-#define SWIG_RUNTIME_VERSION "3"
+#define SWIG_RUNTIME_VERSION "4"
 
 /* define SWIG_TYPE_TABLE_NAME as "SWIG_TYPE_TABLE" */
 #ifdef SWIG_TYPE_TABLE
 
 /* Flags for pointer conversions */
 #define SWIG_POINTER_DISOWN        0x1
+#define SWIG_CAST_NEW_MEMORY       0x2
 
 /* Flags for new pointer objects */
 #define SWIG_POINTER_OWN           0x1
@@ -301,10 +302,10 @@ SWIGINTERNINLINE int SWIG_CheckState(int r) {
 extern "C" {
 #endif
 
-typedef void *(*swig_converter_func)(void *);
+typedef void *(*swig_converter_func)(void *, int *);
 typedef struct swig_type_info *(*swig_dycast_func)(void **);
 
-/* Structure to store inforomation on one type */
+/* Structure to store information on one type */
 typedef struct swig_type_info {
   const char             *name;                        /* mangled name of this type */
   const char             *str;                 /* human readable name of this type */
@@ -431,8 +432,8 @@ SWIG_TypeCheckStruct(swig_type_info *from, swig_type_info *into) {
   Cast a pointer up an inheritance hierarchy
 */
 SWIGRUNTIMEINLINE void *
-SWIG_TypeCast(swig_cast_info *ty, void *ptr) {
-  return ((!ty) || (!ty->converter)) ? ptr : (*ty->converter)(ptr);
+SWIG_TypeCast(swig_cast_info *ty, void *ptr, int *newmemory) {
+  return ((!ty) || (!ty->converter)) ? ptr : (*ty->converter)(ptr, newmemory);
 }
 
 /* 
@@ -856,7 +857,7 @@ SWIG_Python_AddErrorMsg(const char* mesg)
     Py_DECREF(old_str);
     Py_DECREF(value);
   } else {
-    PyErr_Format(PyExc_RuntimeError, mesg);
+    PyErr_SetString(PyExc_RuntimeError, mesg);
   }
 }
 
@@ -1416,7 +1417,7 @@ PySwigObject_dealloc(PyObject *v)
 {
   PySwigObject *sobj = (PySwigObject *) v;
   PyObject *next = sobj->next;
-  if (sobj->own) {
+  if (sobj->own == SWIG_POINTER_OWN) {
     swig_type_info *ty = sobj->ty;
     PySwigClientData *data = ty ? (PySwigClientData *) ty->clientdata : 0;
     PyObject *destroy = data ? data->destroy : 0;
@@ -1434,12 +1435,13 @@ PySwigObject_dealloc(PyObject *v)
        res = ((*meth)(mself, v));
       }
       Py_XDECREF(res);
-    } else {
-      const char *name = SWIG_TypePrettyName(ty);
+    } 
 #if !defined(SWIG_PYTHON_SILENT_MEMLEAK)
-      printf("swig/python detected a memory leak of type '%s', no destructor found.\n", name);
-#endif
+    else {
+      const char *name = SWIG_TypePrettyName(ty);
+      printf("swig/python detected a memory leak of type '%s', no destructor found.\n", (name ? name : "unknown"));
     }
+#endif
   } 
   Py_XDECREF(next);
   PyObject_DEL(v);
@@ -1944,7 +1946,7 @@ SWIG_Python_GetSwigThis(PyObject *pyobj)
 
 SWIGRUNTIME int
 SWIG_Python_AcquirePtr(PyObject *obj, int own) {
-  if (own) {
+  if (own == SWIG_POINTER_OWN) {
     PySwigObject *sobj = SWIG_Python_GetSwigThis(obj);
     if (sobj) {
       int oldown = sobj->own;
@@ -1965,6 +1967,8 @@ SWIG_Python_ConvertPtrAndOwn(PyObject *obj, void **ptr, swig_type_info *ty, int
     return SWIG_OK;
   } else {
     PySwigObject *sobj = SWIG_Python_GetSwigThis(obj);
+    if (own)
+      *own = 0;
     while (sobj) {
       void *vptr = sobj->ptr;
       if (ty) {
@@ -1978,7 +1982,15 @@ SWIG_Python_ConvertPtrAndOwn(PyObject *obj, void **ptr, swig_type_info *ty, int
          if (!tc) {
            sobj = (PySwigObject *)sobj->next;
          } else {
-           if (ptr) *ptr = SWIG_TypeCast(tc,vptr);
+           if (ptr) {
+              int newmemory = 0;
+              *ptr = SWIG_TypeCast(tc,vptr,&newmemory);
+              if (newmemory == SWIG_CAST_NEW_MEMORY) {
+                assert(own);
+                if (own)
+                  *own = *own | SWIG_CAST_NEW_MEMORY;
+              }
+            }
            break;
          }
        }
@@ -1988,7 +2000,8 @@ SWIG_Python_ConvertPtrAndOwn(PyObject *obj, void **ptr, swig_type_info *ty, int
       }
     }
     if (sobj) {
-      if (own) *own = sobj->own;
+      if (own)
+        *own = *own | sobj->own;
       if (flags & SWIG_POINTER_DISOWN) {
        sobj->own = 0;
       }
@@ -2053,8 +2066,13 @@ SWIG_Python_ConvertFunctionPtr(PyObject *obj, void **ptr, swig_type_info *ty) {
     }
     if (ty) {
       swig_cast_info *tc = SWIG_TypeCheck(desc,ty);
-      if (!tc) return SWIG_ERROR;
-      *ptr = SWIG_TypeCast(tc,vptr);
+      if (tc) {
+        int newmemory = 0;
+        *ptr = SWIG_TypeCast(tc,vptr,&newmemory);
+        assert(!newmemory); /* newmemory handling not yet implemented */
+      } else {
+        return SWIG_ERROR;
+      }
     } else {
       *ptr = vptr;
     }
@@ -2456,24 +2474,25 @@ SWIG_Python_MustGetPtr(PyObject *obj, swig_type_info *ty, int argnum, int flags)
 
 /* -------- TYPES TABLE (BEGIN) -------- */
 
-#define SWIGTYPE_p_TALLOC_CTX swig_types[0]
-#define SWIGTYPE_p_char swig_types[1]
-#define SWIGTYPE_p_cli_credentials swig_types[2]
-#define SWIGTYPE_p_int swig_types[3]
-#define SWIGTYPE_p_loadparm_context swig_types[4]
-#define SWIGTYPE_p_loadparm_service swig_types[5]
-#define SWIGTYPE_p_long swig_types[6]
-#define SWIGTYPE_p_param_context swig_types[7]
-#define SWIGTYPE_p_param_opt swig_types[8]
-#define SWIGTYPE_p_param_section swig_types[9]
-#define SWIGTYPE_p_short swig_types[10]
-#define SWIGTYPE_p_signed_char swig_types[11]
-#define SWIGTYPE_p_unsigned_char swig_types[12]
-#define SWIGTYPE_p_unsigned_int swig_types[13]
-#define SWIGTYPE_p_unsigned_long swig_types[14]
-#define SWIGTYPE_p_unsigned_short swig_types[15]
-static swig_type_info *swig_types[17];
-static swig_module_info swig_module = {swig_types, 16, 0, 0, 0, 0};
+#define SWIGTYPE_p_NTSTATUS swig_types[0]
+#define SWIGTYPE_p_TALLOC_CTX swig_types[1]
+#define SWIGTYPE_p_char swig_types[2]
+#define SWIGTYPE_p_cli_credentials swig_types[3]
+#define SWIGTYPE_p_int swig_types[4]
+#define SWIGTYPE_p_loadparm_context swig_types[5]
+#define SWIGTYPE_p_loadparm_service swig_types[6]
+#define SWIGTYPE_p_long_long swig_types[7]
+#define SWIGTYPE_p_param_context swig_types[8]
+#define SWIGTYPE_p_param_opt swig_types[9]
+#define SWIGTYPE_p_param_section swig_types[10]
+#define SWIGTYPE_p_short swig_types[11]
+#define SWIGTYPE_p_signed_char swig_types[12]
+#define SWIGTYPE_p_unsigned_char swig_types[13]
+#define SWIGTYPE_p_unsigned_int swig_types[14]
+#define SWIGTYPE_p_unsigned_long_long swig_types[15]
+#define SWIGTYPE_p_unsigned_short swig_types[16]
+static swig_type_info *swig_types[18];
+static swig_module_info swig_module = {swig_types, 17, 0, 0, 0, 0};
 #define SWIG_TypeQuery(name) SWIG_TypeQueryModule(&swig_module, &swig_module, name)
 #define SWIG_MangledTypeQuery(name) SWIG_MangledTypeQueryModule(&swig_module, &swig_module, name)
 
@@ -2505,7 +2524,7 @@ static swig_module_info swig_module = {swig_types, 16, 0, 0, 0, 0};
 
 #define SWIG_name    "_credentials"
 
-#define SWIGVERSION 0x010333 
+#define SWIGVERSION 0x010335 
 #define SWIG_VERSION SWIGVERSION
 
 
@@ -2862,7 +2881,7 @@ SWIGINTERN PyObject *_wrap_Credentials_set_username(PyObject *SWIGUNUSEDPARM(sel
   PyObject * obj1 = 0 ;
   PyObject * obj2 = 0 ;
   char *  kwnames[] = {
-    (char *) "self",(char *) "value",(char *)"arg3", NULL 
+    (char *) "self",(char *) "value",(char *) "obtained", NULL 
   };
   
   arg1 = NULL;
@@ -2943,7 +2962,7 @@ SWIGINTERN PyObject *_wrap_Credentials_set_password(PyObject *SWIGUNUSEDPARM(sel
   PyObject * obj1 = 0 ;
   PyObject * obj2 = 0 ;
   char *  kwnames[] = {
-    (char *) "self",(char *) "val",(char *)"arg3", NULL 
+    (char *) "self",(char *) "val",(char *) "obtained", NULL 
   };
   
   arg1 = NULL;
@@ -3024,7 +3043,7 @@ SWIGINTERN PyObject *_wrap_Credentials_set_domain(PyObject *SWIGUNUSEDPARM(self)
   PyObject * obj1 = 0 ;
   PyObject * obj2 = 0 ;
   char *  kwnames[] = {
-    (char *) "self",(char *) "val",(char *)"arg3", NULL 
+    (char *) "self",(char *) "val",(char *) "obtained", NULL 
   };
   
   arg1 = NULL;
@@ -3105,7 +3124,7 @@ SWIGINTERN PyObject *_wrap_Credentials_set_realm(PyObject *SWIGUNUSEDPARM(self),
   PyObject * obj1 = 0 ;
   PyObject * obj2 = 0 ;
   char *  kwnames[] = {
-    (char *) "self",(char *) "val",(char *)"arg3", NULL 
+    (char *) "self",(char *) "val",(char *) "obtained", NULL 
   };
   
   arg1 = NULL;
@@ -3195,7 +3214,7 @@ SWIGINTERN PyObject *_wrap_Credentials_parse_string(PyObject *SWIGUNUSEDPARM(sel
   PyObject * obj1 = 0 ;
   PyObject * obj2 = 0 ;
   char *  kwnames[] = {
-    (char *) "self",(char *) "text",(char *)"arg3", NULL 
+    (char *) "self",(char *) "text",(char *) "obtained", NULL 
   };
   
   arg1 = NULL;
@@ -3409,6 +3428,46 @@ fail:
 }
 
 
+SWIGINTERN PyObject *_wrap_Credentials_set_machine_account(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) {
+  PyObject *resultobj = 0;
+  cli_credentials *arg1 = (cli_credentials *) 0 ;
+  struct loadparm_context *arg2 = (struct loadparm_context *) 0 ;
+  NTSTATUS result;
+  void *argp1 = 0 ;
+  int res1 = 0 ;
+  void *argp2 = 0 ;
+  int res2 = 0 ;
+  PyObject * obj0 = 0 ;
+  PyObject * obj1 = 0 ;
+  char *  kwnames[] = {
+    (char *) "self",(char *) "lp_ctx", NULL 
+  };
+  
+  arg1 = NULL;
+  arg2 = loadparm_init(NULL);
+  if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"|OO:Credentials_set_machine_account",kwnames,&obj0,&obj1)) SWIG_fail;
+  if (obj0) {
+    res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_cli_credentials, 0 |  0 );
+    if (!SWIG_IsOK(res1)) {
+      SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "Credentials_set_machine_account" "', argument " "1"" of type '" "cli_credentials *""'"); 
+    }
+    arg1 = (cli_credentials *)(argp1);
+  }
+  if (obj1) {
+    res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_loadparm_context, 0 |  0 );
+    if (!SWIG_IsOK(res2)) {
+      SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "Credentials_set_machine_account" "', argument " "2"" of type '" "struct loadparm_context *""'"); 
+    }
+    arg2 = (struct loadparm_context *)(argp2);
+  }
+  result = cli_credentials_set_machine_account(arg1,arg2);
+  resultobj = SWIG_NewPointerObj((NTSTATUS *)memcpy((NTSTATUS *)malloc(sizeof(NTSTATUS)),&result,sizeof(NTSTATUS)), SWIGTYPE_p_NTSTATUS, SWIG_POINTER_OWN |  0 );
+  return resultobj;
+fail:
+  return NULL;
+}
+
+
 SWIGINTERN PyObject *_wrap_Credentials_guess(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) {
   PyObject *resultobj = 0;
   cli_credentials *arg1 = (cli_credentials *) 0 ;
@@ -3631,27 +3690,67 @@ SWIGINTERN PyObject *Credentials_swiginit(PyObject *SWIGUNUSEDPARM(self), PyObje
 
 static PyMethodDef SwigMethods[] = {
         { (char *)"new_Credentials", (PyCFunction)_wrap_new_Credentials, METH_NOARGS, NULL},
-        { (char *)"Credentials_get_username", (PyCFunction) _wrap_Credentials_get_username, METH_VARARGS | METH_KEYWORDS, NULL},
-        { (char *)"Credentials_set_username", (PyCFunction) _wrap_Credentials_set_username, METH_VARARGS | METH_KEYWORDS, NULL},
-        { (char *)"Credentials_get_password", (PyCFunction) _wrap_Credentials_get_password, METH_VARARGS | METH_KEYWORDS, NULL},
-        { (char *)"Credentials_set_password", (PyCFunction) _wrap_Credentials_set_password, METH_VARARGS | METH_KEYWORDS, NULL},
+        { (char *)"Credentials_get_username", (PyCFunction) _wrap_Credentials_get_username, METH_VARARGS | METH_KEYWORDS, (char *)"\n"
+               "S.get_username() -> username\n"
+               "Obtain username.\n"
+               ""},
+        { (char *)"Credentials_set_username", (PyCFunction) _wrap_Credentials_set_username, METH_VARARGS | METH_KEYWORDS, (char *)"\n"
+               "S.set_username(name, obtained=CRED_SPECIFIED) -> None\n"
+               "Change username.\n"
+               ""},
+        { (char *)"Credentials_get_password", (PyCFunction) _wrap_Credentials_get_password, METH_VARARGS | METH_KEYWORDS, (char *)"\n"
+               "S.get_password() -> password\n"
+               "Obtain password.\n"
+               ""},
+        { (char *)"Credentials_set_password", (PyCFunction) _wrap_Credentials_set_password, METH_VARARGS | METH_KEYWORDS, (char *)"\n"
+               "S.set_password(password, obtained=CRED_SPECIFIED) -> None\n"
+               "Change password.\n"
+               ""},
         { (char *)"Credentials_get_domain", (PyCFunction) _wrap_Credentials_get_domain, METH_VARARGS | METH_KEYWORDS, NULL},
-        { (char *)"Credentials_set_domain", (PyCFunction) _wrap_Credentials_set_domain, METH_VARARGS | METH_KEYWORDS, NULL},
-        { (char *)"Credentials_get_realm", (PyCFunction) _wrap_Credentials_get_realm, METH_VARARGS | METH_KEYWORDS, NULL},
-        { (char *)"Credentials_set_realm", (PyCFunction) _wrap_Credentials_set_realm, METH_VARARGS | METH_KEYWORDS, NULL},
+        { (char *)"Credentials_set_domain", (PyCFunction) _wrap_Credentials_set_domain, METH_VARARGS | METH_KEYWORDS, (char *)"\n"
+               "S.set_domain(domain, obtained=CRED_SPECIFIED) -> None\n"
+               "Change domain name.\n"
+               ""},
+        { (char *)"Credentials_get_realm", (PyCFunction) _wrap_Credentials_get_realm, METH_VARARGS | METH_KEYWORDS, (char *)"\n"
+               "S.get_realm() -> realm\n"
+               "Obtain realm name.\n"
+               ""},
+        { (char *)"Credentials_set_realm", (PyCFunction) _wrap_Credentials_set_realm, METH_VARARGS | METH_KEYWORDS, (char *)"\n"
+               "S.set_realm(realm, obtained=CRED_SPECIFIED) -> None\n"
+               "Change realm name.\n"
+               ""},
         { (char *)"Credentials_set_kerberos_state", (PyCFunction) _wrap_Credentials_set_kerberos_state, METH_VARARGS | METH_KEYWORDS, NULL},
-        { (char *)"Credentials_parse_string", (PyCFunction) _wrap_Credentials_parse_string, METH_VARARGS | METH_KEYWORDS, NULL},
-        { (char *)"Credentials_get_bind_dn", (PyCFunction) _wrap_Credentials_get_bind_dn, METH_VARARGS | METH_KEYWORDS, NULL},
-        { (char *)"Credentials_set_bind_dn", (PyCFunction) _wrap_Credentials_set_bind_dn, METH_VARARGS | METH_KEYWORDS, NULL},
-        { (char *)"Credentials_set_anonymous", (PyCFunction) _wrap_Credentials_set_anonymous, METH_VARARGS | METH_KEYWORDS, NULL},
+        { (char *)"Credentials_parse_string", (PyCFunction) _wrap_Credentials_parse_string, METH_VARARGS | METH_KEYWORDS, (char *)"\n"
+               "S.parse_string(text, obtained=CRED_SPECIFIED) -> None\n"
+               "Parse credentials string.\n"
+               ""},
+        { (char *)"Credentials_get_bind_dn", (PyCFunction) _wrap_Credentials_get_bind_dn, METH_VARARGS | METH_KEYWORDS, (char *)"\n"
+               "S.get_bind_dn() -> bind dn\n"
+               "Obtain bind DN.\n"
+               ""},
+        { (char *)"Credentials_set_bind_dn", (PyCFunction) _wrap_Credentials_set_bind_dn, METH_VARARGS | METH_KEYWORDS, (char *)"\n"
+               "S.set_bind_dn(bind_dn) -> None\n"
+               "Change bind DN.\n"
+               ""},
+        { (char *)"Credentials_set_anonymous", (PyCFunction) _wrap_Credentials_set_anonymous, METH_VARARGS | METH_KEYWORDS, (char *)"\n"
+               "S.set_anonymous() -> None\n"
+               "Use anonymous credentials.\n"
+               ""},
         { (char *)"Credentials_get_workstation", (PyCFunction) _wrap_Credentials_get_workstation, METH_VARARGS | METH_KEYWORDS, NULL},
         { (char *)"Credentials_set_workstation", (PyCFunction) _wrap_Credentials_set_workstation, METH_VARARGS | METH_KEYWORDS, NULL},
+        { (char *)"Credentials_set_machine_account", (PyCFunction) _wrap_Credentials_set_machine_account, METH_VARARGS | METH_KEYWORDS, NULL},
         { (char *)"Credentials_guess", (PyCFunction) _wrap_Credentials_guess, METH_VARARGS | METH_KEYWORDS, NULL},
         { (char *)"Credentials_is_anonymous", (PyCFunction) _wrap_Credentials_is_anonymous, METH_VARARGS | METH_KEYWORDS, NULL},
         { (char *)"Credentials_get_nt_hash", (PyCFunction) _wrap_Credentials_get_nt_hash, METH_VARARGS | METH_KEYWORDS, NULL},
         { (char *)"Credentials_authentication_requested", (PyCFunction) _wrap_Credentials_authentication_requested, METH_VARARGS | METH_KEYWORDS, NULL},
-        { (char *)"Credentials_wrong_password", (PyCFunction) _wrap_Credentials_wrong_password, METH_VARARGS | METH_KEYWORDS, NULL},
-        { (char *)"Credentials_set_cmdline_callbacks", (PyCFunction) _wrap_Credentials_set_cmdline_callbacks, METH_VARARGS | METH_KEYWORDS, NULL},
+        { (char *)"Credentials_wrong_password", (PyCFunction) _wrap_Credentials_wrong_password, METH_VARARGS | METH_KEYWORDS, (char *)"\n"
+               "S.wrong_password() -> bool\n"
+               "Indicate the returned password was incorrect.\n"
+               ""},
+        { (char *)"Credentials_set_cmdline_callbacks", (PyCFunction) _wrap_Credentials_set_cmdline_callbacks, METH_VARARGS | METH_KEYWORDS, (char *)"\n"
+               "S.set_cmdline_callbacks() -> bool\n"
+               "Use command-line to obtain credentials not explicitly set.\n"
+               ""},
         { (char *)"delete_Credentials", (PyCFunction) _wrap_delete_Credentials, METH_VARARGS | METH_KEYWORDS, NULL},
         { (char *)"Credentials_swigregister", Credentials_swigregister, METH_VARARGS, NULL},
         { (char *)"Credentials_swiginit", Credentials_swiginit, METH_VARARGS, NULL},
@@ -3661,31 +3760,33 @@ static PyMethodDef SwigMethods[] = {
 
 /* -------- TYPE CONVERSION AND EQUIVALENCE RULES (BEGIN) -------- */
 
+static swig_type_info _swigt__p_NTSTATUS = {"_p_NTSTATUS", "NTSTATUS *", 0, 0, (void*)0, 0};
 static swig_type_info _swigt__p_TALLOC_CTX = {"_p_TALLOC_CTX", "TALLOC_CTX *", 0, 0, (void*)0, 0};
 static swig_type_info _swigt__p_char = {"_p_char", "char *", 0, 0, (void*)0, 0};
 static swig_type_info _swigt__p_cli_credentials = {"_p_cli_credentials", "struct cli_credentials *|cli_credentials *", 0, 0, (void*)0, 0};
-static swig_type_info _swigt__p_int = {"_p_int", "int *|int_least32_t *|int32_t *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_int = {"_p_int", "intptr_t *|int *|int_least32_t *|int_fast32_t *|int32_t *|int_fast16_t *", 0, 0, (void*)0, 0};
 static swig_type_info _swigt__p_loadparm_context = {"_p_loadparm_context", "struct loadparm_context *|loadparm_context *", 0, 0, (void*)0, 0};
 static swig_type_info _swigt__p_loadparm_service = {"_p_loadparm_service", "struct loadparm_service *|loadparm_service *", 0, 0, (void*)0, 0};
-static swig_type_info _swigt__p_long = {"_p_long", "intptr_t *|int_least64_t *|int_fast32_t *|int_fast64_t *|int64_t *|long *|int_fast16_t *|intmax_t *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_long_long = {"_p_long_long", "int_least64_t *|int_fast64_t *|int64_t *|long long *|intmax_t *", 0, 0, (void*)0, 0};
 static swig_type_info _swigt__p_param_context = {"_p_param_context", "struct param_context *|param *", 0, 0, (void*)0, 0};
 static swig_type_info _swigt__p_param_opt = {"_p_param_opt", "struct param_opt *|param_opt *", 0, 0, (void*)0, 0};
 static swig_type_info _swigt__p_param_section = {"_p_param_section", "struct param_section *|param_section *", 0, 0, (void*)0, 0};
 static swig_type_info _swigt__p_short = {"_p_short", "short *|int_least16_t *|int16_t *", 0, 0, (void*)0, 0};
 static swig_type_info _swigt__p_signed_char = {"_p_signed_char", "signed char *|int_least8_t *|int_fast8_t *|int8_t *", 0, 0, (void*)0, 0};
 static swig_type_info _swigt__p_unsigned_char = {"_p_unsigned_char", "unsigned char *|uint_least8_t *|uint_fast8_t *|uint8_t *", 0, 0, (void*)0, 0};
-static swig_type_info _swigt__p_unsigned_int = {"_p_unsigned_int", "uint_least32_t *|uint32_t *|unsigned int *", 0, 0, (void*)0, 0};
-static swig_type_info _swigt__p_unsigned_long = {"_p_unsigned_long", "uintptr_t *|uint_least64_t *|uint_fast32_t *|uint_fast64_t *|uint64_t *|unsigned long *|uint_fast16_t *|uintmax_t *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_unsigned_int = {"_p_unsigned_int", "uintptr_t *|uint_least32_t *|uint_fast32_t *|uint32_t *|unsigned int *|uint_fast16_t *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_unsigned_long_long = {"_p_unsigned_long_long", "uint_least64_t *|uint_fast64_t *|uint64_t *|unsigned long long *|uintmax_t *", 0, 0, (void*)0, 0};
 static swig_type_info _swigt__p_unsigned_short = {"_p_unsigned_short", "unsigned short *|uint_least16_t *|uint16_t *", 0, 0, (void*)0, 0};
 
 static swig_type_info *swig_type_initial[] = {
+  &_swigt__p_NTSTATUS,
   &_swigt__p_TALLOC_CTX,
   &_swigt__p_char,
   &_swigt__p_cli_credentials,
   &_swigt__p_int,
   &_swigt__p_loadparm_context,
   &_swigt__p_loadparm_service,
-  &_swigt__p_long,
+  &_swigt__p_long_long,
   &_swigt__p_param_context,
   &_swigt__p_param_opt,
   &_swigt__p_param_section,
@@ -3693,17 +3794,18 @@ static swig_type_info *swig_type_initial[] = {
   &_swigt__p_signed_char,
   &_swigt__p_unsigned_char,
   &_swigt__p_unsigned_int,
-  &_swigt__p_unsigned_long,
+  &_swigt__p_unsigned_long_long,
   &_swigt__p_unsigned_short,
 };
 
+static swig_cast_info _swigc__p_NTSTATUS[] = {  {&_swigt__p_NTSTATUS, 0, 0, 0},{0, 0, 0, 0}};
 static swig_cast_info _swigc__p_TALLOC_CTX[] = {  {&_swigt__p_TALLOC_CTX, 0, 0, 0},{0, 0, 0, 0}};
 static swig_cast_info _swigc__p_char[] = {  {&_swigt__p_char, 0, 0, 0},{0, 0, 0, 0}};
 static swig_cast_info _swigc__p_cli_credentials[] = {  {&_swigt__p_cli_credentials, 0, 0, 0},{0, 0, 0, 0}};
 static swig_cast_info _swigc__p_int[] = {  {&_swigt__p_int, 0, 0, 0},{0, 0, 0, 0}};
 static swig_cast_info _swigc__p_loadparm_context[] = {  {&_swigt__p_loadparm_context, 0, 0, 0},{0, 0, 0, 0}};
 static swig_cast_info _swigc__p_loadparm_service[] = {  {&_swigt__p_loadparm_service, 0, 0, 0},{0, 0, 0, 0}};
-static swig_cast_info _swigc__p_long[] = {  {&_swigt__p_long, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_long_long[] = {  {&_swigt__p_long_long, 0, 0, 0},{0, 0, 0, 0}};
 static swig_cast_info _swigc__p_param_context[] = {  {&_swigt__p_param_context, 0, 0, 0},{0, 0, 0, 0}};
 static swig_cast_info _swigc__p_param_opt[] = {  {&_swigt__p_param_opt, 0, 0, 0},{0, 0, 0, 0}};
 static swig_cast_info _swigc__p_param_section[] = {  {&_swigt__p_param_section, 0, 0, 0},{0, 0, 0, 0}};
@@ -3711,17 +3813,18 @@ static swig_cast_info _swigc__p_short[] = {  {&_swigt__p_short, 0, 0, 0},{0, 0,
 static swig_cast_info _swigc__p_signed_char[] = {  {&_swigt__p_signed_char, 0, 0, 0},{0, 0, 0, 0}};
 static swig_cast_info _swigc__p_unsigned_char[] = {  {&_swigt__p_unsigned_char, 0, 0, 0},{0, 0, 0, 0}};
 static swig_cast_info _swigc__p_unsigned_int[] = {  {&_swigt__p_unsigned_int, 0, 0, 0},{0, 0, 0, 0}};
-static swig_cast_info _swigc__p_unsigned_long[] = {  {&_swigt__p_unsigned_long, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_unsigned_long_long[] = {  {&_swigt__p_unsigned_long_long, 0, 0, 0},{0, 0, 0, 0}};
 static swig_cast_info _swigc__p_unsigned_short[] = {  {&_swigt__p_unsigned_short, 0, 0, 0},{0, 0, 0, 0}};
 
 static swig_cast_info *swig_cast_initial[] = {
+  _swigc__p_NTSTATUS,
   _swigc__p_TALLOC_CTX,
   _swigc__p_char,
   _swigc__p_cli_credentials,
   _swigc__p_int,
   _swigc__p_loadparm_context,
   _swigc__p_loadparm_service,
-  _swigc__p_long,
+  _swigc__p_long_long,
   _swigc__p_param_context,
   _swigc__p_param_opt,
   _swigc__p_param_section,
@@ -3729,7 +3832,7 @@ static swig_cast_info *swig_cast_initial[] = {
   _swigc__p_signed_char,
   _swigc__p_unsigned_char,
   _swigc__p_unsigned_int,
-  _swigc__p_unsigned_long,
+  _swigc__p_unsigned_long_long,
   _swigc__p_unsigned_short,
 };
 
@@ -3799,7 +3902,7 @@ SWIGRUNTIME void
 SWIG_InitializeModule(void *clientdata) {
   size_t i;
   swig_module_info *module_head, *iter;
-  int found;
+  int found, init;
   
   clientdata = clientdata;
   
@@ -3809,6 +3912,9 @@ SWIG_InitializeModule(void *clientdata) {
     swig_module.type_initial = swig_type_initial;
     swig_module.cast_initial = swig_cast_initial;
     swig_module.next = &swig_module;
+    init = 1;
+  } else {
+    init = 0;
   }
   
   /* Try and load any already created modules */
@@ -3837,6 +3943,12 @@ SWIG_InitializeModule(void *clientdata) {
     module_head->next = &swig_module;
   }
   
+  /* When multiple interpeters are used, a module could have already been initialized in
+       a different interpreter, but not yet have a pointer in this interpreter.
+       In this case, we do not want to continue adding types... everything should be
+       set up already */
+  if (init == 0) return;
+  
   /* Now work on filling in swig_module.types */
 #ifdef SWIGRUNTIME_DEBUG
   printf("SWIG_InitializeModule: size %d\n", swig_module.size);
index d0a99502c17d94de43b990cbf7970928d150202b..30120b3a605dbe4ddabafda78335c9f01b71f970 100644 (file)
@@ -24,7 +24,7 @@ the functionality, that's already done in other tests.
 """
 
 import unittest
-import credentials
+from samba import credentials
 
 class CredentialsTests(unittest.TestCase):
     def setUp(self):
index 14864f7e4c594d7d16c77f4772330fe3158a7fa6..f08ff2638a539133becad04a652270fe3246669d 100644 (file)
@@ -1,80 +1,87 @@
 #################################
 # Start SUBSYSTEM gensec
 [LIBRARY::gensec]
-PC_FILE = gensec.pc
-VERSION = 0.0.1
-SO_VERSION = 0
-PRIVATE_PROTO_HEADER = gensec_proto.h
-OBJ_FILES = gensec.o socket.o
 PUBLIC_DEPENDENCIES = \
                CREDENTIALS LIBSAMBA-UTIL LIBCRYPTO ASN1_UTIL samba-socket LIBPACKET
 # End SUBSYSTEM gensec
 #################################
 
-PUBLIC_HEADERS += auth/gensec/gensec.h
+PC_FILES += $(gensecsrcdir)/gensec.pc
+
+gensec_VERSION = 0.0.1
+gensec_SOVERSION = 0
+gensec_OBJ_FILES = $(addprefix $(gensecsrcdir)/, gensec.o socket.o)
+
+PUBLIC_HEADERS += $(gensecsrcdir)/gensec.h
+
+$(eval $(call proto_header_template,$(gensecsrcdir)/gensec_proto.h,$(gensec_OBJ_FILES:.o=.c)))
 
 ################################################
 # Start MODULE gensec_krb5
 [MODULE::gensec_krb5]
 SUBSYSTEM = gensec
 INIT_FUNCTION = gensec_krb5_init
-OBJ_FILES = gensec_krb5.o 
-PRIVATE_DEPENDENCIES = CREDENTIALS KERBEROS auth auth_sam
+PRIVATE_DEPENDENCIES = CREDENTIALS KERBEROS auth_session auth_sam
 # End MODULE gensec_krb5
 ################################################
 
+gensec_krb5_OBJ_FILES = $(addprefix $(gensecsrcdir)/, gensec_krb5.o)
+
 ################################################
 # Start MODULE gensec_gssapi
 [MODULE::gensec_gssapi]
 SUBSYSTEM = gensec
 INIT_FUNCTION = gensec_gssapi_init
-OBJ_FILES = gensec_gssapi.o 
 PRIVATE_DEPENDENCIES = HEIMDAL_GSSAPI CREDENTIALS KERBEROS 
 # End MODULE gensec_gssapi
 ################################################
 
+gensec_gssapi_OBJ_FILES = $(addprefix $(gensecsrcdir)/, gensec_gssapi.o)
+
 ################################################
 # Start MODULE cyrus_sasl
 [MODULE::cyrus_sasl]
 SUBSYSTEM = gensec
 INIT_FUNCTION = gensec_sasl_init
-OBJ_FILES = cyrus_sasl.o 
 PRIVATE_DEPENDENCIES = CREDENTIALS SASL 
 # End MODULE cyrus_sasl
 ################################################
 
+cyrus_sasl_OBJ_FILES = $(addprefix $(gensecsrcdir)/, cyrus_sasl.o)
+
 ################################################
 # Start MODULE gensec_spnego
 [MODULE::gensec_spnego]
 SUBSYSTEM = gensec
 INIT_FUNCTION = gensec_spnego_init
-PRIVATE_PROTO_HEADER = spnego_proto.h
 PRIVATE_DEPENDENCIES = ASN1_UTIL CREDENTIALS
-OBJ_FILES = spnego.o spnego_parse.o
 # End MODULE gensec_spnego
 ################################################
 
+gensec_spnego_OBJ_FILES = $(addprefix $(gensecsrcdir)/, spnego.o spnego_parse.o)
+
+$(eval $(call proto_header_template,$(gensecsrcdir)/spnego_proto.h,$(gensec_spnego_OBJ_FILES:.o=.c)))
+
 ################################################
 # Start MODULE gensec_schannel
 [MODULE::gensec_schannel]
 SUBSYSTEM = gensec
-PRIVATE_PROTO_HEADER = schannel_proto.h
 INIT_FUNCTION = gensec_schannel_init
-OBJ_FILES = schannel.o \
-                       schannel_sign.o
 PRIVATE_DEPENDENCIES = SCHANNELDB NDR_SCHANNEL CREDENTIALS LIBNDR
 OUTPUT_TYPE = MERGED_OBJ
 # End MODULE gensec_schannel
 ################################################
 
+gensec_schannel_OBJ_FILES = $(addprefix $(gensecsrcdir)/, schannel.o schannel_sign.o)
+$(eval $(call proto_header_template,$(gensecsrcdir)/schannel_proto.h,$(gensec_schannel_OBJ_FILES:.o=.c)))
+
 ################################################
 # Start SUBSYSTEM SCHANNELDB
 [SUBSYSTEM::SCHANNELDB]
-PRIVATE_PROTO_HEADER = schannel_state.h
-OBJ_FILES = \
-               schannel_state.o
 PRIVATE_DEPENDENCIES = LDB_WRAP SAMDB
-#
 # End SUBSYSTEM SCHANNELDB
 ################################################
 
+SCHANNELDB_OBJ_FILES = $(addprefix $(gensecsrcdir)/, schannel_state.o)
+$(eval $(call proto_header_template,$(gensecsrcdir)/schannel_state.h,$(SCHANNELDB_OBJ_FILES:.o=.c)))
+
index 59c19b96abdd1de0698110bf21901523b4db4d16..0edb34d7403fc7d048314ac3d005bf2128bb202f 100644 (file)
@@ -23,7 +23,6 @@
 #include "includes.h"
 #include "auth/auth.h"
 #include "lib/events/events.h"
-#include "build.h"
 #include "librpc/rpc/dcerpc.h"
 #include "auth/credentials/credentials.h"
 #include "auth/gensec/gensec.h"
@@ -482,6 +481,11 @@ static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx,
                             struct messaging_context *msg,
                             struct gensec_security **gensec_security)
 {
+       if (ev == NULL) {
+               DEBUG(0, ("No event context available!\n"));
+               return NT_STATUS_INTERNAL_ERROR;
+       }
+
        (*gensec_security) = talloc(mem_ctx, struct gensec_security);
        NT_STATUS_HAVE_NO_MEMORY(*gensec_security);
 
@@ -493,14 +497,6 @@ static NTSTATUS gensec_start(TALLOC_CTX *mem_ctx,
 
        (*gensec_security)->subcontext = false;
        (*gensec_security)->want_features = 0;
-       
-       if (ev == NULL) {
-               ev = event_context_init(*gensec_security);
-               if (ev == NULL) {
-                       talloc_free(*gensec_security);
-                       return NT_STATUS_NO_MEMORY;
-               }
-       }
 
        (*gensec_security)->event_ctx = ev;
        (*gensec_security)->msg_ctx = msg;
@@ -548,20 +544,11 @@ _PUBLIC_ NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx,
                             struct loadparm_context *lp_ctx)
 {
        NTSTATUS status;
-       struct event_context *new_ev = NULL;
-
-       if (ev == NULL) {
-               new_ev = event_context_init(mem_ctx);
-               NT_STATUS_HAVE_NO_MEMORY(new_ev);
-               ev = new_ev;
-       }
 
        status = gensec_start(mem_ctx, ev, lp_ctx, NULL, gensec_security);
        if (!NT_STATUS_IS_OK(status)) {
-               talloc_free(new_ev);
                return status;
        }
-       talloc_steal((*gensec_security), new_ev);
        (*gensec_security)->gensec_role = GENSEC_CLIENT;
 
        return status;
@@ -1268,6 +1255,12 @@ static int sort_gensec(struct gensec_security_ops **gs1, struct gensec_security_
 _PUBLIC_ NTSTATUS gensec_init(struct loadparm_context *lp_ctx)
 {
        static bool initialized = false;
+       extern NTSTATUS gensec_sasl_init(void);
+       extern NTSTATUS gensec_krb5_init(void);
+       extern NTSTATUS gensec_schannel_init(void);
+       extern NTSTATUS gensec_spnego_init(void);
+       extern NTSTATUS gensec_gssapi_init(void);
+       extern NTSTATUS gensec_ntlmssp_init(void);
 
        init_module_fn static_init[] = { STATIC_gensec_MODULES };
        init_module_fn *shared_init;
index e7dcb4ea688d41ae561516f9a1f0a1f5e2b56c8a..cc0d40469e529099113c12233fdc52f1cc04d1de 100644 (file)
@@ -273,7 +273,9 @@ static NTSTATUS gensec_gssapi_server_start(struct gensec_security *gensec_securi
                DEBUG(3, ("No machine account credentials specified\n"));
                return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
        } else {
-               ret = cli_credentials_get_server_gss_creds(machine_account, gensec_security->lp_ctx, &gcc);
+               ret = cli_credentials_get_server_gss_creds(machine_account, 
+                                                          gensec_security->event_ctx, 
+                                                          gensec_security->lp_ctx, &gcc);
                if (ret) {
                        DEBUG(1, ("Aquiring acceptor credentials failed: %s\n", 
                                  error_message(ret)));
@@ -359,7 +361,9 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
                return NT_STATUS_INVALID_PARAMETER;
        }
 
-       ret = cli_credentials_get_client_gss_creds(creds, gensec_security->lp_ctx, &gcc);
+       ret = cli_credentials_get_client_gss_creds(creds, 
+                                                  gensec_security->event_ctx, 
+                                                  gensec_security->lp_ctx, &gcc);
        switch (ret) {
        case 0:
                break;
@@ -1323,7 +1327,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
        } else if (!lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec", "require_pac", false)) {
                DEBUG(1, ("Unable to find PAC, resorting to local user lookup: %s\n",
                          gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
-               nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->lp_ctx, principal_string,
+               nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, principal_string,
                                                          &server_info);
 
                if (!NT_STATUS_IS_OK(nt_status)) {
@@ -1338,7 +1342,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
        }
 
        /* references the server_info into the session_info */
-       nt_status = auth_generate_session_info(mem_ctx, gensec_security->lp_ctx, server_info, &session_info);
+       nt_status = auth_generate_session_info(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, server_info, &session_info);
        if (!NT_STATUS_IS_OK(nt_status)) {
                talloc_free(mem_ctx);
                return nt_status;
@@ -1361,12 +1365,12 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
                        return NT_STATUS_NO_MEMORY;
                }
 
-               cli_credentials_set_event_context(session_info->credentials, gensec_security->event_ctx);
                cli_credentials_set_conf(session_info->credentials, gensec_security->lp_ctx);
                /* Just so we don't segfault trying to get at a username */
                cli_credentials_set_anonymous(session_info->credentials);
                
                ret = cli_credentials_set_client_gss_creds(session_info->credentials, 
+                                                          gensec_security->event_ctx,
                                                           gensec_security->lp_ctx, 
                                                           gensec_gssapi_state->delegated_cred_handle,
                                                           CRED_SPECIFIED);
index ae601b19c25e60fa21f0beaf0b906f42dffd516b..47df2ccfcc27835b920b6751dfc389bd9081ef5e 100644 (file)
@@ -118,7 +118,9 @@ static NTSTATUS gensec_krb5_start(struct gensec_security *gensec_security)
 
        talloc_set_destructor(gensec_krb5_state, gensec_krb5_destroy); 
 
-       if (cli_credentials_get_krb5_context(creds, gensec_security->lp_ctx, &gensec_krb5_state->smb_krb5_context)) {
+       if (cli_credentials_get_krb5_context(creds, 
+                                            gensec_security->event_ctx, 
+                                            gensec_security->lp_ctx, &gensec_krb5_state->smb_krb5_context)) {
                talloc_free(gensec_krb5_state);
                return NT_STATUS_INTERNAL_ERROR;
        }
@@ -248,7 +250,9 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
 
        principal = gensec_get_target_principal(gensec_security);
 
-       ret = cli_credentials_get_ccache(gensec_get_credentials(gensec_security), gensec_security->lp_ctx, &ccache_container);
+       ret = cli_credentials_get_ccache(gensec_get_credentials(gensec_security), 
+                                        gensec_security->event_ctx, 
+                                        gensec_security->lp_ctx, &ccache_container);
        switch (ret) {
        case 0:
                break;
@@ -446,7 +450,9 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security,
                }       
 
                /* Grab the keytab, however generated */
-               ret = cli_credentials_get_keytab(gensec_get_credentials(gensec_security), gensec_security->lp_ctx, &keytab);
+               ret = cli_credentials_get_keytab(gensec_get_credentials(gensec_security), 
+                                                gensec_security->event_ctx, 
+                                                gensec_security->lp_ctx, &keytab);
                if (ret) {
                        return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
                }
@@ -597,7 +603,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
                DEBUG(5, ("krb5_ticket_get_authorization_data_type failed to find PAC: %s\n", 
                          smb_get_krb5_error_message(context, 
                                                     ret, mem_ctx)));
-               nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->lp_ctx, principal_string,
+               nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, principal_string,
                                                          &server_info);
                krb5_free_principal(context, client_principal);
                free(principal_string);
@@ -645,7 +651,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
        }
 
        /* references the server_info into the session_info */
-       nt_status = auth_generate_session_info(mem_ctx, gensec_security->lp_ctx, server_info, &session_info);
+       nt_status = auth_generate_session_info(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, server_info, &session_info);
 
        if (!NT_STATUS_IS_OK(nt_status)) {
                talloc_free(mem_ctx);
index b3117ee9b2e00d0b86a27c31a424bce8cbaad1ee..f21202b86f5486e46a94898adf518d73ba90ae2d 100644 (file)
@@ -125,7 +125,8 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_
                }
                
                /* pull the session key for this client */
-               status = schannel_fetch_session_key(out_mem_ctx, gensec_security->lp_ctx, workstation, 
+               status = schannel_fetch_session_key(out_mem_ctx, gensec_security->event_ctx, 
+                                                   gensec_security->lp_ctx, workstation, 
                                                    domain, &creds);
                if (!NT_STATUS_IS_OK(status)) {
                        DEBUG(3, ("Could not find session key for attempted schannel connection from %s: %s\n",
@@ -189,7 +190,7 @@ static NTSTATUS schannel_session_info(struct gensec_security *gensec_security,
                                         struct auth_session_info **_session_info) 
 {
        struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
-       return auth_anonymous_session_info(state, gensec_security->lp_ctx, _session_info);
+       return auth_anonymous_session_info(state, gensec_security->event_ctx, gensec_security->lp_ctx, _session_info);
 }
 
 static NTSTATUS schannel_start(struct gensec_security *gensec_security)
index 0c7c509954f6a03b1c108927c629264e4c3b5c13..0f7c4ca11d7f9c75b283e901dc65a73c59721d17 100644 (file)
@@ -32,7 +32,8 @@
 /**
   connect to the schannel ldb
 */
-struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
+struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx, struct event_context *ev_ctx,
+                                       struct loadparm_context *lp_ctx)
 {
        char *path;
        struct ldb_context *ldb;
@@ -49,7 +50,7 @@ struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx, struct loadparm_con
 
        existed = file_exist(path);
        
-       ldb = ldb_wrap_connect(mem_ctx, lp_ctx, path, 
+       ldb = ldb_wrap_connect(mem_ctx, ev_ctx, lp_ctx, path, 
                               system_session(mem_ctx, lp_ctx), 
                               NULL, LDB_FLG_NOSYNC, NULL);
        talloc_free(path);
@@ -137,6 +138,7 @@ NTSTATUS schannel_store_session_key_ldb(TALLOC_CTX *mem_ctx,
 }
 
 NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
+                                   struct event_context *ev_ctx,
                                    struct loadparm_context *lp_ctx,
                                    struct creds_CredentialState *creds)
 {
@@ -144,7 +146,7 @@ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
        NTSTATUS nt_status;
        int ret;
                
-       ldb = schannel_db_connect(mem_ctx, lp_ctx);
+       ldb = schannel_db_connect(mem_ctx, ev_ctx, lp_ctx);
        if (!ldb) {
                return NT_STATUS_ACCESS_DENIED;
        }
@@ -268,6 +270,7 @@ NTSTATUS schannel_fetch_session_key_ldb(TALLOC_CTX *mem_ctx,
 }
 
 NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
+                                   struct event_context *ev_ctx,
                                    struct loadparm_context *lp_ctx,
                                        const char *computer_name, 
                                        const char *domain, 
@@ -276,7 +279,7 @@ NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
        NTSTATUS nt_status;
        struct ldb_context *ldb;
 
-       ldb = schannel_db_connect(mem_ctx, lp_ctx);
+       ldb = schannel_db_connect(mem_ctx, ev_ctx, lp_ctx);
        if (!ldb) {
                return NT_STATUS_ACCESS_DENIED;
        }
index 7493a6d06d7520ae18a7b2740aa4f77bf84c23b0..951e247258d391fa4a5daddfc9ff5c3e3f72f023 100644 (file)
@@ -1,14 +1,18 @@
 #################################
 # Start SUBSYSTEM KERBEROS
 [SUBSYSTEM::KERBEROS]
-PRIVATE_PROTO_HEADER = proto.h
-OBJ_FILES = kerberos.o \
-                       clikrb5.o \
-                       kerberos_heimdal.o \
-                       kerberos_pac.o \
-                       gssapi_parse.o \
-                       krb5_init_context.o
 PUBLIC_DEPENDENCIES = HEIMDAL_KRB5 NDR_KRB5PAC samba-socket LIBCLI_RESOLVE
 PRIVATE_DEPENDENCIES = ASN1_UTIL auth_sam_reply LIBPACKET LIBNDR
 # End SUBSYSTEM KERBEROS
 #################################
+
+KERBEROS_OBJ_FILES = $(addprefix $(authsrcdir)/kerberos/, \
+       kerberos.o \
+       clikrb5.o \
+       kerberos_heimdal.o \
+       kerberos_pac.o \
+       gssapi_parse.o \
+       krb5_init_context.o)
+
+$(eval $(call proto_header_template,$(authsrcdir)/kerberos/proto.h,$(KERBEROS_OBJ_FILES:.o=.c)))
+
similarity index 98%
rename from source4/auth/auth.c
rename to source4/auth/ntlm/auth.c
index af3796a70d1800d4fcd4530ce2e177ba1d9d58c3..0f1ef3ccdb71e24b13d1d445f2cebb30ebfc2192 100644 (file)
@@ -21,9 +21,8 @@
 #include "includes.h"
 #include "lib/util/dlinklist.h"
 #include "auth/auth.h"
-#include "auth/auth_proto.h"
+#include "auth/ntlm/auth_proto.h"
 #include "lib/events/events.h"
-#include "build.h"
 #include "param/param.h"
 
 /***************************************************************************
@@ -516,6 +515,12 @@ const struct auth_critical_sizes *auth_interface_version(void)
 _PUBLIC_ NTSTATUS auth_init(void)
 {
        static bool initialized = false;
+       extern NTSTATUS auth_developer_init(void);
+       extern NTSTATUS auth_winbind_init(void);
+       extern NTSTATUS auth_anonymous_init(void);
+       extern NTSTATUS auth_unix_init(void);
+       extern NTSTATUS auth_sam_init(void);
+       extern NTSTATUS auth_server_init(void);
 
        init_module_fn static_init[] = { STATIC_auth_MODULES };
        
similarity index 98%
rename from source4/auth/auth_anonymous.c
rename to source4/auth/ntlm/auth_anonymous.c
index b93c7c200868100eb1be9a86151c88984c839f3f..c8890718784c4b5d3e645268edb79f8f38e7d79a 100644 (file)
@@ -21,7 +21,7 @@
 
 #include "includes.h"
 #include "auth/auth.h"
-#include "auth/auth_proto.h"
+#include "auth/ntlm/auth_proto.h"
 #include "param/param.h"
 
 /**
similarity index 99%
rename from source4/auth/auth_developer.c
rename to source4/auth/ntlm/auth_developer.c
index a2c9cbc828454d60b2a01c572faac3faf88ad728..3b8c83c349b0caca9b75318e11cb81ea7d8388a7 100644 (file)
@@ -21,7 +21,7 @@
 
 #include "includes.h"
 #include "auth/auth.h"
-#include "auth/auth_proto.h"
+#include "auth/ntlm/auth_proto.h"
 #include "libcli/security/security.h"
 #include "librpc/gen_ndr/ndr_samr.h"
 
diff --git a/source4/auth/ntlm/auth_proto.h b/source4/auth/ntlm/auth_proto.h
new file mode 100644 (file)
index 0000000..572c1a4
--- /dev/null
@@ -0,0 +1,50 @@
+#ifndef __AUTH_NTLM_AUTH_PROTO_H__
+#define __AUTH_NTLM_AUTH_PROTO_H__
+
+#undef _PRINTF_ATTRIBUTE
+#define _PRINTF_ATTRIBUTE(a1, a2) PRINTF_ATTRIBUTE(a1, a2)
+/* This file was automatically generated by mkproto.pl. DO NOT EDIT */
+
+/* this file contains prototypes for functions that are private 
+ * to this subsystem or library. These functions should not be 
+ * used outside this particular subsystem! */
+
+
+/* The following definitions come from auth/ntlm/auth.c  */
+
+
+/***************************************************************************
+ Set a fixed challenge
+***************************************************************************/
+bool auth_challenge_may_be_modified(struct auth_context *auth_ctx) ;
+const struct auth_operations *auth_backend_byname(const char *name);
+const struct auth_critical_sizes *auth_interface_version(void);
+NTSTATUS server_service_auth_init(void);
+
+/* The following definitions come from auth/ntlm/auth_util.c  */
+
+NTSTATUS auth_get_challenge_not_implemented(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, DATA_BLOB *challenge);
+
+/****************************************************************************
+ Create an auth_usersupplied_data structure after appropriate mapping.
+****************************************************************************/
+NTSTATUS map_user_info(TALLOC_CTX *mem_ctx,
+                      const char *default_domain,
+                      const struct auth_usersupplied_info *user_info,
+                      struct auth_usersupplied_info **user_info_mapped);
+
+/****************************************************************************
+ Create an auth_usersupplied_data structure after appropriate mapping.
+****************************************************************************/
+NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth_context *auth_context, 
+                          enum auth_password_state to_state,
+                          const struct auth_usersupplied_info *user_info_in,
+                          const struct auth_usersupplied_info **user_info_encrypted);
+
+/* The following definitions come from auth/ntlm/auth_simple.c  */
+
+#undef _PRINTF_ATTRIBUTE
+#define _PRINTF_ATTRIBUTE(a1, a2)
+
+#endif /* __AUTH_NTLM_AUTH_PROTO_H__ */
+
similarity index 98%
rename from source4/auth/auth_sam.c
rename to source4/auth/ntlm/auth_sam.c
index 4b467cee75bd2d3dbcbd3a433cd9f4fe6210ce27..2c13cd963dc471635a8c36b721dc1affccf2f296 100644 (file)
@@ -25,7 +25,8 @@
 #include "lib/ldb/include/ldb.h"
 #include "util/util_ldb.h"
 #include "auth/auth.h"
-#include "auth/auth_proto.h"
+#include "auth/ntlm/ntlm_check.h"
+#include "auth/ntlm/auth_proto.h"
 #include "auth/auth_sam.h"
 #include "dsdb/samdb/samdb.h"
 #include "libcli/security/security.h"
@@ -289,7 +290,7 @@ static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx
                return NT_STATUS_NO_MEMORY;
        }
 
-       sam_ctx = samdb_connect(tmp_ctx, ctx->auth_ctx->lp_ctx, system_session(mem_ctx, ctx->auth_ctx->lp_ctx));
+       sam_ctx = samdb_connect(tmp_ctx, ctx->auth_ctx->event_ctx, ctx->auth_ctx->lp_ctx, system_session(mem_ctx, ctx->auth_ctx->lp_ctx));
        if (sam_ctx == NULL) {
                talloc_free(tmp_ctx);
                return NT_STATUS_INVALID_SYSTEM_SERVICE;
diff --git a/source4/auth/ntlm/auth_server.c b/source4/auth/ntlm/auth_server.c
new file mode 100644 (file)
index 0000000..f154cf0
--- /dev/null
@@ -0,0 +1,225 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Authenticate by using a remote server
+   Copyright (C) Andrew Bartlett         2001-2002, 2008
+   Copyright (C) Jelmer Vernooij              2002
+   Copyright (C) Stefan Metzmacher            2005
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "auth/auth.h"
+#include "auth/ntlm/auth_proto.h"
+#include "auth/credentials/credentials.h"
+#include "libcli/security/security.h"
+#include "librpc/gen_ndr/ndr_samr.h"
+#include "libcli/smb_composite/smb_composite.h"
+#include "param/param.h"
+#include "libcli/resolve/resolve.h"
+
+/* This version of 'security=server' rewirtten from scratch for Samba4
+ * libraries in 2008 */
+
+
+static NTSTATUS server_want_check(struct auth_method_context *ctx,
+                                           TALLOC_CTX *mem_ctx,
+                                           const struct auth_usersupplied_info *user_info)
+{
+       return NT_STATUS_OK;
+}
+/** 
+ * The challenge from the target server, when operating in security=server
+ **/
+static NTSTATUS server_get_challenge(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, DATA_BLOB *_blob)
+{
+       struct smb_composite_connect io;
+       struct smbcli_options smb_options;
+       const char **host_list;
+       NTSTATUS status;
+
+       /* Make a connection to the target server, found by 'password server' in smb.conf */
+       
+       lp_smbcli_options(ctx->auth_ctx->lp_ctx, &smb_options);
+
+       /* Make a negprot, WITHOUT SPNEGO, so we get a challenge nice an easy */
+       io.in.options.use_spnego = false;
+
+       /* Hope we don't get * (the default), as this won't work... */
+       host_list = lp_passwordserver(ctx->auth_ctx->lp_ctx); 
+       if (!host_list) {
+               return NT_STATUS_INTERNAL_ERROR;
+       }
+       io.in.dest_host = host_list[0];
+       if (strequal(io.in.dest_host, "*")) {
+               return NT_STATUS_INTERNAL_ERROR;
+       }
+       io.in.dest_ports = lp_smb_ports(ctx->auth_ctx->lp_ctx); 
+
+       io.in.called_name = strupper_talloc(mem_ctx, io.in.dest_host);
+
+       /* We don't want to get as far as the session setup */
+       io.in.credentials = NULL;
+       io.in.service = NULL;
+
+       io.in.workgroup = ""; /* only used with SPNEGO, disabled above */
+
+       io.in.options = smb_options;
+
+       status = smb_composite_connect(&io, mem_ctx, lp_resolve_context(ctx->auth_ctx->lp_ctx),
+                                      ctx->auth_ctx->event_ctx);
+       if (!NT_STATUS_IS_OK(status)) {
+               *_blob = io.out.tree->session->transport->negotiate.secblob;
+               ctx->private_data = talloc_steal(ctx, io.out.tree->session);
+       }
+       return NT_STATUS_OK;
+}
+
+/** 
+ * Return an error based on username
+ *
+ * This function allows the testing of obsure errors, as well as the generation
+ * of NT_STATUS -> DOS error mapping tables.
+ *
+ * This module is of no value to end-users.
+ *
+ * The password is ignored.
+ *
+ * @return An NTSTATUS value based on the username
+ **/
+
+static NTSTATUS server_check_password(struct auth_method_context *ctx,
+                                     TALLOC_CTX *mem_ctx,
+                                     const struct auth_usersupplied_info *user_info, 
+                                     struct auth_serversupplied_info **_server_info)
+{
+       NTSTATUS nt_status;
+       struct auth_serversupplied_info *server_info;
+       struct cli_credentials *creds;
+       const char *user;
+       struct smb_composite_sesssetup session_setup;
+
+       struct smbcli_session *session = talloc_get_type(ctx->private_data, struct smbcli_session);
+
+       creds = cli_credentials_init(mem_ctx);
+
+       NT_STATUS_HAVE_NO_MEMORY(creds);
+       
+       cli_credentials_set_username(creds, user_info->client.account_name, CRED_SPECIFIED);
+       cli_credentials_set_domain(creds, user_info->client.domain_name, CRED_SPECIFIED);
+
+       switch (user_info->password_state) {
+       case AUTH_PASSWORD_PLAIN:
+               cli_credentials_set_password(creds, user_info->password.plaintext, 
+                                            CRED_SPECIFIED);
+               break;
+       case AUTH_PASSWORD_HASH:
+               cli_credentials_set_nt_hash(creds, user_info->password.hash.nt,
+                                           CRED_SPECIFIED);
+               break;
+               
+       case AUTH_PASSWORD_RESPONSE:
+               cli_credentials_set_ntlm_response(creds, &user_info->password.response.lanman, &user_info->password.response.nt, CRED_SPECIFIED);
+               break;
+       }
+
+       session_setup.in.sesskey = session->transport->negotiate.sesskey;
+       session_setup.in.capabilities = session->transport->negotiate.capabilities;
+
+       session_setup.in.credentials = creds;
+       session_setup.in.workgroup = ""; /* Only used with SPNEGO, which we are not doing */
+
+       /* Check password with remove server - this should be async some day */
+       nt_status = smb_composite_sesssetup(session, &session_setup);
+
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               return nt_status;
+       }
+
+       server_info = talloc(mem_ctx, struct auth_serversupplied_info);
+       NT_STATUS_HAVE_NO_MEMORY(server_info);
+
+       server_info->account_sid = dom_sid_parse_talloc(server_info, SID_NT_ANONYMOUS);
+       NT_STATUS_HAVE_NO_MEMORY(server_info->account_sid);
+
+       /* is this correct? */
+       server_info->primary_group_sid = dom_sid_parse_talloc(server_info, SID_BUILTIN_GUESTS);
+       NT_STATUS_HAVE_NO_MEMORY(server_info->primary_group_sid);
+
+       server_info->n_domain_groups = 0;
+       server_info->domain_groups = NULL;
+
+       /* annoying, but the Anonymous really does have a session key, 
+          and it is all zeros! */
+       server_info->user_session_key = data_blob(NULL, 0);
+       server_info->lm_session_key = data_blob(NULL, 0);
+
+       server_info->account_name = talloc_strdup(server_info, user_info->client.account_name);
+       NT_STATUS_HAVE_NO_MEMORY(server_info->account_name);
+
+       server_info->domain_name = talloc_strdup(server_info, user_info->client.domain_name);
+       NT_STATUS_HAVE_NO_MEMORY(server_info->domain_name);
+
+       server_info->full_name = NULL;
+
+       server_info->logon_script = talloc_strdup(server_info, "");
+       NT_STATUS_HAVE_NO_MEMORY(server_info->logon_script);
+
+       server_info->profile_path = talloc_strdup(server_info, "");
+       NT_STATUS_HAVE_NO_MEMORY(server_info->profile_path);
+
+       server_info->home_directory = talloc_strdup(server_info, "");
+       NT_STATUS_HAVE_NO_MEMORY(server_info->home_directory);
+
+       server_info->home_drive = talloc_strdup(server_info, "");
+       NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive);
+
+       server_info->last_logon = 0;
+       server_info->last_logoff = 0;
+       server_info->acct_expiry = 0;
+       server_info->last_password_change = 0;
+       server_info->allow_password_change = 0;
+       server_info->force_password_change = 0;
+
+       server_info->logon_count = 0;
+       server_info->bad_password_count = 0;
+
+       server_info->acct_flags = ACB_NORMAL;
+
+       server_info->authenticated = false;
+
+       *_server_info = server_info;
+
+       return nt_status;
+}
+
+static const struct auth_operations server_auth_ops = {
+       .name           = "server",
+       .get_challenge  = server_get_challenge,
+       .want_check     = server_want_check,
+       .check_password = server_check_password
+};
+
+_PUBLIC_ NTSTATUS auth_server_init(void)
+{
+       NTSTATUS ret;
+
+       ret = auth_register(&server_auth_ops);
+       if (!NT_STATUS_IS_OK(ret)) {
+               DEBUG(0,("Failed to register 'server' auth backend!\n"));
+               return ret;
+       }
+
+       return ret;
+}
similarity index 96%
rename from source4/auth/auth_simple.c
rename to source4/auth/ntlm/auth_simple.c
index 50be02a35334e86c549ca254d41e92cf49e22a7b..e7039c36575fb529e3ede16318eb017636438f6c 100644 (file)
@@ -90,7 +90,7 @@ _PUBLIC_ NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx,
        }
 
        if (session_info) {
-               nt_status = auth_generate_session_info(tmp_ctx, lp_ctx, server_info, session_info);
+               nt_status = auth_generate_session_info(tmp_ctx, ev, lp_ctx, server_info, session_info);
 
                if (NT_STATUS_IS_OK(nt_status)) {
                        talloc_steal(mem_ctx, *session_info);
similarity index 99%
rename from source4/auth/auth_unix.c
rename to source4/auth/ntlm/auth_unix.c
index a4171070257e5b55ba4cb2786be65c5c8a441531..1717b9d0e180954caf1d85694bfd4c01b9c675e9 100644 (file)
 
 #include "includes.h"
 #include "auth/auth.h"
-#include "auth/auth_proto.h"
+#include "auth/ntlm/auth_proto.h"
 #include "system/passwd.h" /* needed by some systems for struct passwd */
 #include "lib/socket/socket.h" 
-#include "auth/pam_errors.h"
+#include "auth/ntlm/pam_errors.h"
 #include "param/param.h"
 
 /* TODO: look at how to best fill in parms retrieveing a struct passwd info
similarity index 99%
rename from source4/auth/auth_winbind.c
rename to source4/auth/ntlm/auth_winbind.c
index 149f549afa129ec7718f2dff0ed495155d85d9e1..ac63b242e49901d3c43ce8699c5646eabbe4c018 100644 (file)
@@ -23,7 +23,7 @@
 
 #include "includes.h"
 #include "auth/auth.h"
-#include "auth/auth_proto.h"
+#include "auth/ntlm/auth_proto.h"
 #include "auth/session_proto.h"
 #include "nsswitch/winbind_client.h"
 #include "librpc/gen_ndr/ndr_netlogon.h"
diff --git a/source4/auth/ntlm/config.mk b/source4/auth/ntlm/config.mk
new file mode 100644 (file)
index 0000000..f31c2b7
--- /dev/null
@@ -0,0 +1,86 @@
+# NTLM auth server subsystem
+
+[SUBSYSTEM::ntlm_check]
+PRIVATE_DEPENDENCIES = LIBSAMBA-UTIL
+
+ntlm_check_OBJ_FILES = $(addprefix $(authsrcdir)/ntlm/, ntlm_check.o)
+
+#######################
+# Start MODULE auth_sam
+[MODULE::auth_sam_module]
+# gensec_krb5 and gensec_gssapi depend on it
+INIT_FUNCTION = auth_sam_init
+SUBSYSTEM = auth
+PRIVATE_DEPENDENCIES = \
+               SAMDB auth_sam ntlm_check
+# End MODULE auth_sam
+#######################
+
+auth_sam_module_OBJ_FILES = $(addprefix $(authsrcdir)/ntlm/, auth_sam.o)
+
+#######################
+# Start MODULE auth_anonymous
+[MODULE::auth_anonymous]
+INIT_FUNCTION = auth_anonymous_init
+SUBSYSTEM = auth
+# End MODULE auth_anonymous
+#######################
+
+auth_anonymous_OBJ_FILES = $(addprefix $(authsrcdir)/ntlm/, auth_anonymous.o)
+
+#######################
+# Start MODULE auth_anonymous
+[MODULE::auth_server]
+INIT_FUNCTION = auth_server_init
+SUBSYSTEM = auth
+PRIVATE_DEPENDENCIES = LIBSAMBA-UTIL LIBCLI_SMB
+OUTPUT_TYPE = SHARED_LIBRARY
+# End MODULE auth_server
+#######################
+
+auth_server_OBJ_FILES = $(addprefix $(authsrcdir)/ntlm/, auth_server.o)
+
+#######################
+# Start MODULE auth_winbind
+[MODULE::auth_winbind]
+INIT_FUNCTION = auth_winbind_init
+SUBSYSTEM = auth
+PRIVATE_DEPENDENCIES = NDR_WINBIND MESSAGING LIBWINBIND-CLIENT
+# End MODULE auth_winbind
+#######################
+
+auth_winbind_OBJ_FILES = $(addprefix $(authsrcdir)/ntlm/, auth_winbind.o)
+
+#######################
+# Start MODULE auth_developer
+[MODULE::auth_developer]
+INIT_FUNCTION = auth_developer_init
+SUBSYSTEM = auth
+# End MODULE auth_developer
+#######################
+
+auth_developer_OBJ_FILES = $(addprefix $(authsrcdir)/ntlm/, auth_developer.o)
+
+[MODULE::auth_unix]
+INIT_FUNCTION = auth_unix_init
+SUBSYSTEM = auth
+PRIVATE_DEPENDENCIES = CRYPT PAM PAM_ERRORS NSS_WRAPPER
+
+auth_unix_OBJ_FILES = $(addprefix $(authsrcdir)/ntlm/, auth_unix.o)
+
+[SUBSYSTEM::PAM_ERRORS]
+
+#VERSION = 0.0.1
+#SO_VERSION = 0
+PAM_ERRORS_OBJ_FILES = $(addprefix $(authsrcdir)/ntlm/, pam_errors.o)
+
+[MODULE::auth]
+INIT_FUNCTION = server_service_auth_init
+SUBSYSTEM = service
+PRIVATE_DEPENDENCIES = LIBSAMBA-UTIL LIBSECURITY SAMDB CREDENTIALS 
+
+auth_OBJ_FILES = $(addprefix $(authsrcdir)/ntlm/, auth.o auth_util.o auth_simple.o)
+$(eval $(call proto_header_template,$(authsrcdir)/auth_proto.h,$(auth_OBJ_FILES:.o=.c)))
+
+# PUBLIC_HEADERS += auth/auth.h
+
similarity index 99%
rename from source4/auth/ntlm_check.c
rename to source4/auth/ntlm/ntlm_check.c
index 55f2595f44bab88a11543f456514ac61f1641efd..0dbbce0edc5c09e63f9a26d3f97d810f994e0c86 100644 (file)
@@ -24,6 +24,7 @@
 #include "librpc/gen_ndr/netlogon.h"
 #include "libcli/auth/libcli_auth.h"
 #include "param/param.h"
+#include "auth/ntlm/ntlm_check.h"
 
 /****************************************************************************
  Core of smb password checking routine.
diff --git a/source4/auth/ntlm/ntlm_check.h b/source4/auth/ntlm/ntlm_check.h
new file mode 100644 (file)
index 0000000..eb115b7
--- /dev/null
@@ -0,0 +1,75 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Password and authentication handling
+   Copyright (C) Andrew Bartlett <abartlet@samba.org> 2001-2004
+   Copyright (C) Gerald Carter                             2003
+   Copyright (C) Luke Kenneth Casson Leighton         1996-2000
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+
+/**
+ * Compare password hashes against those from the SAM
+ *
+ * @param mem_ctx talloc context
+ * @param client_lanman LANMAN password hash, as supplied by the client
+ * @param client_nt NT (MD4) password hash, as supplied by the client
+ * @param username internal Samba username, for log messages
+ * @param client_username username the client used
+ * @param client_domain domain name the client used (may be mapped)
+ * @param stored_lanman LANMAN password hash, as stored on the SAM
+ * @param stored_nt NT (MD4) password hash, as stored on the SAM
+ * @param user_sess_key User session key
+ * @param lm_sess_key LM session key (first 8 bytes of the LM hash)
+ */
+
+NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
+                            struct loadparm_context *lp_ctx, 
+                            const struct samr_Password *client_lanman,
+                            const struct samr_Password *client_nt,
+                            const char *username, 
+                            const struct samr_Password *stored_lanman, 
+                            const struct samr_Password *stored_nt);
+
+/**
+ * Check a challenge-response password against the value of the NT or
+ * LM password hash.
+ *
+ * @param mem_ctx talloc context
+ * @param challenge 8-byte challenge.  If all zero, forces plaintext comparison
+ * @param nt_response 'unicode' NT response to the challenge, or unicode password
+ * @param lm_response ASCII or LANMAN response to the challenge, or password in DOS code page
+ * @param username internal Samba username, for log messages
+ * @param client_username username the client used
+ * @param client_domain domain name the client used (may be mapped)
+ * @param stored_lanman LANMAN ASCII password from our passdb or similar
+ * @param stored_nt MD4 unicode password from our passdb or similar
+ * @param user_sess_key User session key
+ * @param lm_sess_key LM session key (first 8 bytes of the LM hash)
+ */
+
+NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
+                            struct loadparm_context *lp_ctx,
+                            uint32_t logon_parameters,
+                            const DATA_BLOB *challenge,
+                            const DATA_BLOB *lm_response,
+                            const DATA_BLOB *nt_response,
+                            const char *username, 
+                            const char *client_username, 
+                            const char *client_domain,
+                            const struct samr_Password *stored_lanman, 
+                            const struct samr_Password *stored_nt, 
+                            DATA_BLOB *user_sess_key, 
+                            DATA_BLOB *lm_sess_key);
diff --git a/source4/auth/ntlm/pam_errors.h b/source4/auth/ntlm/pam_errors.h
new file mode 100644 (file)
index 0000000..959e1f3
--- /dev/null
@@ -0,0 +1,47 @@
+/* 
+ *  Unix SMB/CIFS implementation.
+ *  PAM error mapping functions
+ *  Copyright (C) Andrew Bartlett 2002
+ *  
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 3 of the License, or
+ *  (at your option) any later version.
+ *  
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *  
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef __AUTH_NTLM_PAM_ERRORS_H__
+#define __AUTH_NTLM_PAM_ERRORS_H__
+
+/* The following definitions come from auth/pam_errors.c  */
+
+
+/*****************************************************************************
+convert a PAM error to a NT status32 code
+ *****************************************************************************/
+NTSTATUS pam_to_nt_status(int pam_error);
+
+/*****************************************************************************
+convert an NT status32 code to a PAM error
+ *****************************************************************************/
+int nt_status_to_pam(NTSTATUS nt_status);
+
+/*****************************************************************************
+convert a PAM error to a NT status32 code
+ *****************************************************************************/
+NTSTATUS pam_to_nt_status(int pam_error);
+
+/*****************************************************************************
+convert an NT status32 code to a PAM error
+ *****************************************************************************/
+int nt_status_to_pam(NTSTATUS nt_status);
+
+#endif /* __AUTH_NTLM_PAM_ERRORS_H__ */
+
index 9033384b1f73e5d7e3ab121f463790e5d04c50ed..129f58de8303ac3f553c137c72ef4c808aeeeacc 100644 (file)
@@ -1,18 +1,19 @@
 [SUBSYSTEM::MSRPC_PARSE]
-PRIVATE_PROTO_HEADER = msrpc_parse.h
-OBJ_FILES = ntlmssp_parse.o
+
+MSRPC_PARSE_OBJ_FILES = $(addprefix $(authsrcdir)/ntlmssp/, ntlmssp_parse.o)
+
+$(eval $(call proto_header_template,$(authsrcdir)/ntlmssp/msrpc_parse.h,$(MSRPC_PARSE_OBJ_FILES:.o=.c)))
 
 ################################################
 # Start MODULE gensec_ntlmssp
 [MODULE::gensec_ntlmssp]
 SUBSYSTEM = gensec
 INIT_FUNCTION = gensec_ntlmssp_init
-PRIVATE_PROTO_HEADER = proto.h
-OBJ_FILES = ntlmssp.o \
-               ntlmssp_sign.o \
-               ntlmssp_client.o \
-               ntlmssp_server.o
-PRIVATE_DEPENDENCIES = MSRPC_PARSE CREDENTIALS
+PRIVATE_DEPENDENCIES = MSRPC_PARSE CREDENTIALS auth
 OUTPUT_TYPE = MERGED_OBJ
 # End MODULE gensec_ntlmssp
 ################################################
+
+gensec_ntlmssp_OBJ_FILES = $(addprefix $(authsrcdir)/ntlmssp/, ntlmssp.o ntlmssp_sign.o ntlmssp_client.o ntlmssp_server.o) 
+
+$(eval $(call proto_header_template,$(authsrcdir)/ntlmssp/proto.h,$(gensec_ntlmssp_OBJ_FILES:.o=.c)))
index 64bfebd3d1fde597badc357881154b22aee2f7dc..0b7f0da9afc8c4e369cb1d37745e65bfa96286a2 100644 (file)
@@ -29,7 +29,7 @@
 #include "auth/gensec/gensec.h"
 #include "auth/gensec/gensec_proto.h"
 #include "auth/auth.h"
-#include "auth/auth_proto.h"
+#include "auth/ntlm/auth_proto.h"
 #include "param/param.h"
 
 /**
index 12802b7e79c0d9b90e4130006676a377ed79032a..dfc5940d992f4204f584951e76af6985b9837912 100644 (file)
@@ -30,7 +30,7 @@
 #include "auth/credentials/credentials.h"
 #include "auth/gensec/gensec.h"
 #include "auth/auth.h"
-#include "auth/auth_proto.h"
+#include "auth/ntlm/auth_proto.h"
 #include "param/param.h"
 #include "auth/session_proto.h"
 
@@ -725,7 +725,7 @@ NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security,
        NTSTATUS nt_status;
        struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data;
 
-       nt_status = auth_generate_session_info(gensec_ntlmssp_state, gensec_security->lp_ctx, gensec_ntlmssp_state->server_info, session_info);
+       nt_status = auth_generate_session_info(gensec_ntlmssp_state, gensec_security->event_ctx, gensec_security->lp_ctx, gensec_ntlmssp_state->server_info, session_info);
        NT_STATUS_NOT_OK_RETURN(nt_status);
 
        (*session_info)->session_key = data_blob_talloc(*session_info, 
index ed44754993b36e9fedf1130d1d2012b10b6a8208..a2090afcdc53372ee1e1e559b2b668ccaa4506a0 100644 (file)
@@ -428,6 +428,7 @@ NTSTATUS sam_get_results_principal(struct ldb_context *sam_ctx,
                                   
 /* Used in the gensec_gssapi and gensec_krb5 server-side code, where the PAC isn't available */
 NTSTATUS sam_get_server_info_principal(TALLOC_CTX *mem_ctx, 
+                                      struct event_context *event_ctx,
                                       struct loadparm_context *lp_ctx,
                                       const char *principal,
                                       struct auth_serversupplied_info **server_info)
@@ -445,7 +446,7 @@ NTSTATUS sam_get_server_info_principal(TALLOC_CTX *mem_ctx,
                return NT_STATUS_NO_MEMORY;
        }
 
-       sam_ctx = samdb_connect(tmp_ctx, lp_ctx, system_session(tmp_ctx, lp_ctx));
+       sam_ctx = samdb_connect(tmp_ctx, event_ctx, lp_ctx, system_session(tmp_ctx, lp_ctx));
        if (sam_ctx == NULL) {
                talloc_free(tmp_ctx);
                return NT_STATUS_INVALID_SYSTEM_SERVICE;
index 112eac95d84aec38c4a60c526a7cff1058f8846a..8f5e8d6c5612685b7c04512cd733efad4b0d2025 100644 (file)
 #include "auth/session_proto.h"
 
 _PUBLIC_ struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx, 
+                                           struct event_context *event_ctx, 
                                            struct loadparm_context *lp_ctx) 
 {
        NTSTATUS nt_status;
        struct auth_session_info *session_info = NULL;
-       nt_status = auth_anonymous_session_info(mem_ctx, lp_ctx, &session_info);
+       nt_status = auth_anonymous_session_info(mem_ctx, event_ctx, lp_ctx, &session_info);
        if (!NT_STATUS_IS_OK(nt_status)) {
                return NULL;
        }
@@ -43,6 +44,7 @@ _PUBLIC_ struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx,
 }
 
 _PUBLIC_ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx, 
+                                    struct event_context *event_ctx, 
                                     struct loadparm_context *lp_ctx,
                                     struct auth_session_info **_session_info) 
 {
@@ -60,7 +62,7 @@ _PUBLIC_ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
        }
 
        /* references the server_info into the session_info */
-       nt_status = auth_generate_session_info(parent_ctx, lp_ctx, server_info, &session_info);
+       nt_status = auth_generate_session_info(parent_ctx, event_ctx, lp_ctx, server_info, &session_info);
        talloc_free(mem_ctx);
 
        NT_STATUS_NOT_OK_RETURN(nt_status);
@@ -151,6 +153,7 @@ _PUBLIC_ NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
 }
 
 _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx, 
+                                   struct event_context *event_ctx, 
                                    struct loadparm_context *lp_ctx,
                                    struct auth_serversupplied_info *server_info, 
                                    struct auth_session_info **_session_info) 
@@ -168,6 +171,7 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
        session_info->session_key = server_info->user_session_key;
 
        nt_status = security_token_create(session_info,
+                                         event_ctx,
                                          lp_ctx,
                                          server_info->account_sid,
                                          server_info->primary_group_sid,
index 87fc47791a9e446dd7569e3f2bfd4eef007886ca..933b14a1b4481dc96e93b34277c02473e5221193 100644 (file)
@@ -1,6 +1,6 @@
 /* 
    Unix SMB/CIFS implementation.
-   Auth session handling
+   Process and provide the logged on user's authorization token
    Copyright (C) Andrew Bartlett   2001
    Copyright (C) Stefan Metzmacher 2005
    
@@ -30,12 +30,23 @@ struct auth_session_info {
 
 #include "librpc/gen_ndr/netlogon.h"
 
-struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
+/* Create a security token for a session SYSTEM (the most
+ * trusted/prvilaged account), including the local machine account as
+ * the off-host credentials */
 struct auth_session_info *system_session(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx) ;
+
+/*
+ * Create a system session, but with anonymous credentials (so we do
+ * not need to open secrets.ldb) 
+ */
+struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
+
+
 NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx, 
                                    const char *netbios_name,
                                    struct auth_serversupplied_info **_server_info) ;
 NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx, 
+                                   struct event_context *event_ctx,
                                    struct loadparm_context *lp_ctx,
                                    struct auth_serversupplied_info *server_info, 
                                    struct auth_session_info **_session_info) ;
@@ -46,10 +57,12 @@ NTSTATUS make_server_info_netlogon_validation(TALLOC_CTX *mem_ctx,
                                              union netr_Validation *validation,
                                              struct auth_serversupplied_info **_server_info);
 NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx, 
+                                    struct event_context *ev_ctx,
                                     struct loadparm_context *lp_ctx,
                                     struct auth_session_info **_session_info);
 
 struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx, 
+                                           struct event_context *event_ctx,
                                            struct loadparm_context *lp_ctx);
 
 
index e99bbbb1abbd9309421b3ba832c4fdd845f29256..1d227fe46822fffd3363a510156a29984aa0b2fe 100644 (file)
@@ -147,9 +147,10 @@ static NTSTATUS generate_session_info(TALLOC_CTX *mem_ctx,
 
 
 
-/**
-  Create a system session, with machine account credentials
-*/
+/* Create a security token for a session SYSTEM (the most
+ * trusted/prvilaged account), including the local machine account as
+ * the off-host credentials
+ */ 
 _PUBLIC_ struct auth_session_info *system_session(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx) 
 {
        NTSTATUS nt_status;
index 4a4b12bf69e77670dfdabd4343c87225ce67dfb3..b7a5994675961ed294de59c84c17def56efd4a3f 100644 (file)
@@ -24,7 +24,7 @@ the functionality, that's already done in other tests.
 """
 
 import unittest
-import auth
+from samba import auth
 
 class AuthTests(unittest.TestCase):
     def test_system_session(self):
index 0d0742e5d22a8bc99178c30b970e5905a5ea2b93..3a74ffc239505b6a080f08d3dab3920f14b3eb0b 100644 (file)
@@ -151,36 +151,12 @@ if test $BLDSHARED = true; then
                                ac_cv_shmod_works=yes
                        rm -f shlib.${SHLIBEXT} shlib.o
        ])
-       if test $ac_cv_shlib_works = no -o $ac_cv_shmod_works = no; then
-               BLDSHARED=false
+       if test $ac_cv_shlib_works = no; then
+               AC_MSG_ERROR(unable to build shared libraries)
+       fi
+       if test $ac_cv_shmod_works = no; then
+               AC_MSG_ERROR(unable to build shared modules)
        fi
-fi
-
-if test $BLDSHARED != true; then
-       SHLD="shared-libraries-disabled"
-       SHLD_FLAGS="shared-libraries-disabled"
-       MDLD="shared-modules-disabled"
-       MDLD_FLAGS="shared-modules-disabled"
-       SHLIBEXT="shared_libraries_disabled"
-       SONAMEFLAG="shared-libraries-disabled"
-       PICFLAG=""
-       AC_MSG_CHECKING([SHLD])
-       AC_MSG_RESULT([$SHLD])
-       AC_MSG_CHECKING([SHLD_FLAGS])
-       AC_MSG_RESULT([$SHLD_FLAGS])
-
-       AC_MSG_CHECKING([MDLD])
-       AC_MSG_RESULT([$MDLD])
-       AC_MSG_CHECKING([MDLD_FLAGS])
-       AC_MSG_RESULT([$MDLD_FLAGS])
-
-       AC_MSG_CHECKING([SHLIBEXT])
-       AC_MSG_RESULT([$SHLIBEXT])
-       AC_MSG_CHECKING([SONAMEFLAG])
-       AC_MSG_RESULT([$SONAMEFLAG])
-
-       AC_MSG_CHECKING([PICFLAG])
-       AC_MSG_RESULT([$PICFLAG])
 fi
 
 AC_DEFINE_UNQUOTED(SHLIBEXT, "$SHLIBEXT", [Shared library extension])
index eb673446c7af1e1d5024184b8718f3d8e5576f1a..d932f09a694e71a404b4dcfbf0f824837da24edf 100644 (file)
@@ -4,8 +4,6 @@ dnl Copyright (C) 2004 Stefan Metzmacher
 dnl Copyright (C) 2004-2005 Jelmer Vernooij
 dnl Published under the GPL
 dnl
-dnl SMB_SUBSYSTEM(name,obj_files,required_subsystems)
-dnl
 dnl SMB_EXT_LIB_FROM_PKGCONFIG(name,pkg-config name,[ACTION-IF-FOUND],[ACTION-IF-NOT-FOUND])
 dnl
 dnl SMB_EXT_LIB(name,libs,cflags,cppflags,ldflags)
@@ -14,6 +12,10 @@ dnl SMB_ENABLE(name,default_build)
 dnl
 dnl SMB_INCLUDE_MK(file)
 dnl
+dnl SMB_WRITE_MAKEVARS(file)
+dnl
+dnl SMB_WRITE_PERLVARS(file)
+dnl
 dnl #######################################################
 dnl ### And now the implementation                     ###
 dnl #######################################################
@@ -22,16 +24,15 @@ dnl SMB_SUBSYSTEM(name,obj_files,required_subsystems,cflags)
 AC_DEFUN([SMB_SUBSYSTEM],
 [
 MAKE_SETTINGS="$MAKE_SETTINGS
-$1_OBJ_FILES = $2
 $1_CFLAGS = $4
 $1_ENABLE = YES
+$1_OBJ_FILES = $2
 "
 
 SMB_INFO_SUBSYSTEMS="$SMB_INFO_SUBSYSTEMS
 ###################################
 # Start Subsystem $1
 @<:@SUBSYSTEM::$1@:>@
-OBJ_FILES = \$($1_OBJ_FILES)
 PRIVATE_DEPENDENCIES = $3
 CFLAGS = \$($1_CFLAGS)
 ENABLE = YES
@@ -40,24 +41,21 @@ ENABLE = YES
 "
 ])
 
-dnl SMB_LIBRARY(name,obj_files,required_subsystems,version,so_version,cflags,ldflags)
+dnl SMB_LIBRARY(name,obj_files,required_subsystems,cflags,ldflags)
 AC_DEFUN([SMB_LIBRARY],
 [
 MAKE_SETTINGS="$MAKE_SETTINGS
-$1_OBJ_FILES = $2
 $1_CFLAGS = $6
 $1_LDFLAGS = $7
-$1_ENABLE = YES
+n1_ENABLE = YES
+$1_OBJ_FILES = $2
 "
 
 SMB_INFO_LIBRARIES="$SMB_INFO_LIBRARIES
 ###################################
 # Start Library $1
 @<:@LIBRARY::$1@:>@
-OBJ_FILES = \$($1_OBJ_FILES)
 PRIVATE_DEPENDENCIES = $3
-VERSION = $4
-SO_VERSION = $5 
 CFLAGS = \$($1_CFLAGS)
 LDFLAGS = \$($1_LDFLAGS)
 ENABLE = YES
@@ -156,3 +154,70 @@ $1_ENABLE = $2
 SMB_INFO_ENABLES="$SMB_INFO_ENABLES
 \$enabled{$1} = \"$2\";"
 ])
+
+dnl SMB_WRITE_MAKEVARS(path)
+AC_DEFUN([SMB_WRITE_MAKEVARS],
+[
+echo "configure: creating $1"
+cat >$1<<CEOF
+# $1 - Autogenerated by configure, DO NOT EDIT!
+AC_FOREACH([AC_Var], m4_defn([_AC_SUBST_VARS]), [
+AC_Var = $AC_Var])
+$MAKE_SETTINGS
+CEOF
+])
+
+dnl SMB_WRITE_PERLVARS(path)
+AC_DEFUN([SMB_WRITE_PERLVARS],
+[
+echo "configure: creating $1"
+cat >$1<<CEOF
+# config.pm - Autogenerate by configure. DO NOT EDIT!
+
+package config;
+require Exporter;
+@ISA = qw(Exporter);
+@EXPORT_OK = qw(%enabled %config);
+use strict;
+
+use vars qw(%enabled %config);
+
+%config = (AC_FOREACH([AC_Var], m4_defn([_AC_SUBST_VARS]), [
+       AC_Var => '$AC_Var',])
+);
+
+$SMB_INFO_ENABLES
+1;
+CEOF
+])
+
+dnl SMB_BUILD_RUN(OUTPUT_FILE)
+AC_DEFUN([SMB_BUILD_RUN],
+[
+AC_OUTPUT_COMMANDS(
+[
+test "x$ac_abs_srcdir" != "x$ac_abs_builddir" && (
+       cd $builddir;
+       # NOTE: We *must* use -R so we don't follow symlinks (at least on BSD
+       # systems).
+       test -d heimdal || cp -R $srcdir/heimdal $builddir/
+       test -d heimdal_build || cp -R $srcdir/heimdal_build $builddir/
+       test -d build || builddir="$builddir" \
+                       srcdir="$srcdir" \
+                       $PERL ${srcdir}/script/buildtree.pl
+ )
+
+$PERL -I${builddir} -I${builddir}/build \
+    -I${srcdir} -I${srcdir}/build \
+    ${srcdir}/build/smb_build/main.pl --output=$1 main.mk || exit $?
+],
+[
+srcdir="$srcdir"
+builddir="$builddir"
+PERL="$PERL"
+
+export PERL
+export srcdir
+export builddir
+])
+])
diff --git a/source4/build/make/python.mk b/source4/build/make/python.mk
new file mode 100644 (file)
index 0000000..66e5def
--- /dev/null
@@ -0,0 +1,66 @@
+pythonbuilddir = $(builddir)/bin/python
+
+installpython::
+       mkdir -p $(DESTDIR)$(pythondir)
+
+# Install Python
+# Arguments: Module path
+define python_module_template
+
+installpython:: $$(pythonbuilddir)/$(1) ;
+       mkdir -p $$(DESTDIR)$$(pythondir)/$$(dir $(1))
+       cp $$< $$(DESTDIR)$$(pythondir)/$(1)
+
+uninstallpython:: 
+       rm -f $$(DESTDIR)$$(pythondir)/$(1) ;
+
+pythonmods:: $$(pythonbuilddir)/$(1) ;
+
+endef
+
+define python_py_module_template
+
+$$(pythonbuilddir)/$(1): $(2) ;
+       mkdir -p $$(@D)
+       cp $$< $$@
+
+$(call python_module_template,$(1))
+
+endef
+
+# Python C module
+# Arguments: File name, dependencies, link list
+define python_c_module_template
+
+$$(pythonbuilddir)/$(1): $(2) ; 
+       @echo Linking $$@
+       @mkdir -p $$(@D)
+       @$$(MDLD) $$(LDFLAGS) $$(MDLD_FLAGS) $$(INTERN_LDFLAGS) -o $$@ $$(INSTALL_LINK_FLAGS) $(3)
+
+$(call python_module_template,$(1))
+endef
+
+# Swig extensions
+swig:: pythonmods
+
+.SUFFIXES: _wrap.c .i .py
+
+%_wrap.c %.py: %.i
+       [ "$(SWIG)" == "no" ] || $(SWIG) -O -Wall -I$(srcdir)/scripting/swig -python -keyword $<
+
+realdistclean::
+       @echo "Removing SWIG output files"
+       # FIXME: Remove _wrap.c files
+
+pythonmods::
+
+clean::
+       @echo "Removing python modules"
+       @rm -rf $(pythonbuilddir)
+
+pydoctor:: pythonmods
+       LD_LIBRARY_PATH=bin/shared PYTHONPATH=$(pythonbuilddir) pydoctor --project-name=Samba --project-url=http://www.samba.org --make-html --docformat=restructuredtext --add-package $(pythonbuilddir)/samba
+
+bin/python/%.py: 
+       mkdir -p $(@D)
+       cp $< $@
similarity index 87%
rename from source4/rules.mk
rename to source4/build/make/rules.mk
index 5f91f8132e98cab1d9b22f3d22e8b3f8125747d1..176e67a691b77f40e85568b6bab9f9fbef9eb86c 100644 (file)
@@ -1,3 +1,6 @@
+# Rules file for Samba 4
+# This relies on GNU make.
+#
 # Dependencies command
 DEPENDS = $(CC) -M -MG -MP -MT $(<:.c=.o) -MT $@ \
     $(CFLAGS) $(CPPFLAGS) $< -o $@
@@ -26,22 +29,14 @@ PCHCOMPILE = @$(CC) -Ilib/replace \
 # Partial linking
 PARTLINK = @$(PROG_LD) -r
 
+make_utility_dir = $(srcdir)/build/make/
+
 include/config.h:
        @echo "include/config.h not present"
        @echo "You need to rerun ./autogen.sh and ./configure"
        @/bin/false
 
-$(srcdir)/version.h: $(srcdir)/VERSION
-       @$(SHELL) script/mkversion.sh VERSION $(srcdir)/version.h $(srcdir)/
-
-regen_version::
-       @$(SHELL) script/mkversion.sh VERSION $(srcdir)/version.h $(srcdir)/
-
-clean_pch::
-       @echo "Removing precompiled headers"
-       @-rm -f include/includes.h.gch
-
-pch:: clean_pch include/includes.h.gch
+pch::
 
 clean:: clean_pch
        @echo Removing objects
@@ -51,7 +46,7 @@ clean:: clean_pch
        @echo Removing binaries
        @-rm -f $(BIN_PROGS) $(SBIN_PROGS) $(BINARIES) $(TORTURE_PROGS)
        @echo Removing libraries
-       @-rm -f $(STATIC_LIBRARIES) $(SHARED_LIBRARIES)
+       @-rm -f $(STATIC_LIBS) $(SHARED_LIBS)
        @-rm -f bin/static/*.a bin/shared/*.$(SHLIBEXT) bin/mergedobj/*.o
        @echo Removing modules
        @-rm -f bin/modules/*/*.$(SHLIBEXT)
@@ -61,8 +56,6 @@ clean:: clean_pch
        @echo Removing generated files
        @-rm -f bin/*_init_module.c
        @-rm -rf librpc/gen_* 
-       @echo Removing proto headers
-       @-rm -f $(PROTO_HEADERS)
 
 distclean:: clean
        -rm -f include/config.h include/config_tmp.h include/build.h
@@ -93,6 +86,8 @@ unused_macros:
        @mkdir -p $(@D)
        @$(STLD) $(STLD_FLAGS) $@ $^
 
+include build/make/templates.mk
+
 ###############################################################################
 # File types
 ###############################################################################
@@ -120,17 +115,15 @@ include/includes.d: include/includes.h
        @-mkdir -p `dirname $@`
        @$(COMPILE) && exit 0 ; \
                echo "The following command failed:" 1>&2;\
-               $(COMPILE) >/dev/null 2>&1
-
+               echo "$(subst ",\",$(COMPILE))" 1>&2 && exit 1
 
-#              echo "$(COMPILE)" 1>&2;\
 
 .c.ho:
        @echo "Compiling $< with host compiler"
        @-mkdir -p `dirname $@`
        @$(HCOMPILE) && exit 0;\
                echo "The following command failed:" 1>&2;\
-               echo "$(HCOMPILE)" 1>&2;\
+               echo "$(subst ",\",$(HCOMPILE))" 1>&2;\
                $(HCOMPILE) >/dev/null 2>&1
 
 .h.h.gch:
@@ -139,11 +132,18 @@ include/includes.d: include/includes.h
 
 .y.c:
        @echo "Building $< with $(YACC)"
-       @-$(srcdir)/script/yacc_compile.sh "$(YACC)" "$<" "$@"
+       @-$(make_utility_dir)/yacc_compile.sh "$(YACC)" "$<" "$@"
 
 .l.c:
        @echo "Building $< with $(LEX)"
-       @-$(srcdir)/script/lex_compile.sh "$(LEX)" "$<" "$@"
+       @-$(make_utility_dir)/lex_compile.sh "$(LEX)" "$<" "$@"
+
+%.a:
+       @echo Linking $@
+       @rm -f $@
+       @mkdir -p $(@D)
+       @$(STLD) $(STLD_FLAGS) $@ $^
+
 
 DOCBOOK_MANPAGE_URL = http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl
 
diff --git a/source4/build/make/templates.mk b/source4/build/make/templates.mk
new file mode 100644 (file)
index 0000000..41a7ccd
--- /dev/null
@@ -0,0 +1,108 @@
+# Templates file for Samba 4
+# This relies on GNU make.
+#
+# © 2008 Jelmer Vernooij <jelmer@samba.org>
+#
+###############################################################################
+# Templates
+###############################################################################
+
+# Partially link
+# Arguments: target object file, source object files
+define partial_link_template 
+$(1): $(2) ;
+       @echo Partially linking $$@
+       @mkdir -p $$(@D)
+       $$(PARTLINK) -o $$@ $$^
+endef
+
+# Link a binary
+# Arguments: target file, depends, flags
+define binary_link_template
+$(1): $(2) ;
+       @echo Linking $$@
+       @$$(BNLD) $$(BNLD_FLAGS) $$(INTERN_LDFLAGS) -o $$@ $$(INSTALL_LINK_FLAGS) $(3)
+endef
+
+# Link a host-machine binary
+# Arguments: target file, depends, flags
+define host_binary_link_template
+$(1): $(2) ;
+       @echo Linking $$@
+       @$$(HOSTLD) $$(HOSTLD_FLAGS) -L$${builddir}/bin/static -o $$@ $$(INSTALL_LINK_FLAGS) $(3)
+endef
+
+# Create a prototype header
+# Arguments: header file, c files
+define proto_header_template
+
+proto:: $(1) ;
+
+clean:: ;
+       rm -f $(1)
+
+$(1): $(2) ;
+       @echo "Creating $$@"
+       @$$(PERL) $$(srcdir)/script/mkproto.pl --srcdir=$$(srcdir) --builddir=$$(builddir) --public=/dev/null --private=$$@ $$^
+
+endef
+
+# Shared module
+# Arguments: Target, dependencies, objects
+define shared_module_template
+
+$(1): $(2) ;
+       @echo Linking $$@
+       @mkdir -p $$(@D)
+       @$$(MDLD) $$(LDFLAGS) $$(MDLD_FLAGS) $$(INTERN_LDFLAGS) -o $$@ $$(INSTALL_LINK_FLAGS) $(3)
+
+endef
+
+# Shared library
+# Arguments: Target, dependencies, link flags, soname
+define shared_library_template
+$(1): $(2)
+       @echo Linking $$@
+       @mkdir -p $$(@D)
+       @$$(SHLD) $$(LDFLAGS) $$(SHLD_FLAGS) $$(INTERN_LDFLAGS) -o $$@ $$(INSTALL_LINK_FLAGS) \
+               $(3) \
+               $$(if $$(SONAMEFLAG), $$(SONAMEFLAG)$(notdir $(4)))
+
+ifneq ($(notdir $(1)),$(notdir $(4)))
+$(4): $(1)
+       @echo "Creating symbolic link for $$@"
+       @ln -fs $$(<F) $$@
+endif
+
+ifneq ($(notdir $(1)),$(notdir $(5)))
+$(5): $(1)
+       @echo "Creating symbolic link for $$@"
+       @ln -fs $$(<F) $$@
+endif
+endef
+
+# Shared alias
+# Arguments: Target, subsystem name, alias name
+define shared_module_alias_template
+bin/modules/$(2)/$(3).$$(SHLIBEXT): $(1)
+       @ln -fs $$(<F) $$@
+
+PLUGINS += bin/modules/$(2)/$(3).$$(SHLIBEXT)
+
+uninstallplugins::
+       @-rm $$(DESTDIR)$$(modulesdir)/$(2)/$(3).$$(SHLIBEXT)
+installplugins::
+       @ln -fs $(notdir $(1)) $$(DESTDIR)$$(modulesdir)/$(2)/$(3).$$(SHLIBEXT)
+
+endef
+
+define shared_module_install_template
+installplugins:: bin/modules/$(1)/$(2)
+       @echo Installing $(2) as $$(DESTDIR)$$(modulesdir)/$(1)/$(2)
+       @mkdir -p $$(DESTDIR)$$(modulesdir)/$(1)/
+       @cp bin/modules/$(1)/$(2) $$(DESTDIR)$$(modulesdir)/$(1)/$(2)
+uninstallplugins::
+       @echo Uninstalling $$(DESTDIR)$$(modulesdir)/$(1)/$(2)
+       @-rm $$(DESTDIR)$$(modulesdir)/$(1)/$(2)
+
+endef
index d8ec646910a49472634ae0240019ce8c62d88556..652a52fa60520f61b48769d6d5329fb46da99409 100644 (file)
@@ -20,24 +20,19 @@ my $section_types = {
                "LDFLAGS"               => "list",
                },
        "PYTHON" => {
-               SWIG_FILE => "string",
+               "LIBRARY_REALNAME" => "string",
                "PRIVATE_DEPENDENCIES"  => "list",
                "PUBLIC_DEPENDENCIES"   => "list",
-               "OBJ_FILES" => "list",
                "ENABLE"                => "bool",
                "LDFLAGS"               => "list",
                "CFLAGS"                => "list",
        },
        "SUBSYSTEM" => {
-               "OBJ_FILES"             => "list",
-
                "PRIVATE_DEPENDENCIES"  => "list",
                "PUBLIC_DEPENDENCIES"   => "list",
 
                "ENABLE"                => "bool",
 
-               "PRIVATE_PROTO_HEADER"  => "string",
-
                "CFLAGS"                => "list",
                "LDFLAGS"               => "list",
                "STANDARD_VISIBILITY"   => "string",
@@ -47,7 +42,6 @@ my $section_types = {
                "SUBSYSTEM"             => "string",
 
                "INIT_FUNCTION"         => "string",
-               "OBJ_FILES"             => "list",
 
                "PRIVATE_DEPENDENCIES"  => "list",
 
@@ -57,20 +51,15 @@ my $section_types = {
 
                "OUTPUT_TYPE"           => "list",
 
-               "PRIVATE_PROTO_HEADER"  => "string",
-
                "CFLAGS"                => "list"
                },
        "BINARY" => {
-               "OBJ_FILES"             => "list",
 
                "PRIVATE_DEPENDENCIES"  => "list",
 
                "ENABLE"                => "bool",
 
                "INSTALLDIR"            => "string",
-               "PRIVATE_PROTO_HEADER"  => "string",
-
                "CFLAGS"                => "list",
                "LDFLAGS"               => "list",
                "STANDARD_VISIBILITY"   => "string",
@@ -78,25 +67,17 @@ my $section_types = {
                "USE_HOSTCC"            => "bool"
                },
        "LIBRARY" => {
-               "VERSION"               => "string",
-               "SO_VERSION"            => "string",
                "LIBRARY_REALNAME" => "string",
 
-               "PC_FILE" => "string",
-               
                "INIT_FUNCTION_TYPE"    => "string",
                "INIT_FUNCTION_SENTINEL" => "string",
                "OUTPUT_TYPE"           => "list",
 
-               "OBJ_FILES"             => "list",
-
                "PRIVATE_DEPENDENCIES"  => "list",
                "PUBLIC_DEPENDENCIES"   => "list",
 
                "ENABLE"                => "bool",
 
-               "PRIVATE_PROTO_HEADER"  => "string",
-
                "CFLAGS"                => "list",
                "LDFLAGS"               => "list",
                "STANDARD_VISIBILITY"   => "string"
@@ -107,14 +88,11 @@ use vars qw(@parsed_files);
 
 @parsed_files = ();
 
-sub _read_config_file
+sub _read_config_file($$$)
 {
-       use File::Basename;
        use Cwd;
 
-       my $srcdir = shift;
-       my $builddir = shift;
-       my $filename = shift;
+       my ($srcdir, $builddir, $filename) = @_;
        my @dirlist;
 
        # We need to change our working directory because config.mk files can
@@ -219,10 +197,13 @@ sub run_config_mk($$$$)
                        $prev = "";
                }
 
-               if ($line =~ /^\[([-a-zA-Z0-9_:]+)\][\t ]*$/) 
+               if ($line =~ /^\[([-a-zA-Z0-9_.:]+)\][\t ]*$/) 
                {
                        $section = $1;
                        $infragment = 0;
+
+                       $result->{$section}{EXISTS}{KEY} = "EXISTS";
+                 &n