2 Unix SMB/CIFS implementation.
4 Database Glue between Samba and the KDC
6 Copyright (C) Guenther Deschner <gd@samba.org> 2014
7 Copyright (C) Andreas Schneider <asn@samba.org> 2014
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
28 #include "lib/krb5_wrap/krb5_samba.h"
29 #include "kdc/samba_kdc.h"
31 static void sdb_flags_to_hdb_flags(const struct SDBFlags *s,
34 SMB_ASSERT(sizeof(struct SDBFlags) == sizeof(HDBFlags));
36 h->initial = s->initial;
37 h->forwardable = s->forwardable;
38 h->proxiable = s->proxiable;
39 h->renewable = s->renewable;
40 h->postdate = s->postdate;
41 h->server = s->server;
42 h->client = s->client;
43 h->invalid = s->invalid;
44 h->require_preauth = s->require_preauth;
45 h->change_pw = s->change_pw;
46 h->require_hwauth = s->require_hwauth;
47 h->ok_as_delegate = s->ok_as_delegate;
48 h->user_to_user = s->user_to_user;
49 h->immutable = s->immutable;
50 h->trusted_for_delegation = s->trusted_for_delegation;
51 h->allow_kerberos4 = s->allow_kerberos4;
52 h->allow_digest = s->allow_digest;
53 h->locked_out = s->locked_out;
54 h->_unused18 = s->_unused18;
55 h->_unused19 = s->_unused19;
56 h->_unused20 = s->_unused20;
57 h->_unused21 = s->_unused21;
58 h->_unused22 = s->_unused22;
59 h->_unused23 = s->_unused23;
60 h->_unused24 = s->_unused24;
61 h->_unused25 = s->_unused25;
62 h->_unused26 = s->_unused26;
63 h->_unused27 = s->_unused27;
64 h->_unused28 = s->_unused28;
65 h->_unused29 = s->_unused29;
66 h->_unused30 = s->_unused30;
67 h->do_not_store = s->do_not_store;
70 static int sdb_salt_to_Salt(const struct sdb_salt *s, Salt *h)
75 ret = krb5_copy_data_contents(&h->salt, s->salt.data, s->salt.length);
85 static int sdb_key_to_Key(const struct sdb_key *s, Key *h)
89 if (s->mkvno != NULL) {
90 h->mkvno = malloc(sizeof(unsigned int));
91 if (h->mkvno == NULL) {
94 *h->mkvno = *s->mkvno;
99 h->key.keytype = s->key.keytype;
100 rc = krb5_copy_data_contents(&h->key.keyvalue,
101 s->key.keyvalue.data,
102 s->key.keyvalue.length);
107 if (s->salt != NULL) {
108 h->salt = malloc(sizeof(Salt));
109 if (h->salt == NULL) {
113 rc = sdb_salt_to_Salt(s->salt,
129 static int sdb_keys_to_Keys(const struct sdb_keys *s, Keys *h)
134 if (s->val != NULL) {
135 h->val = malloc(h->len * sizeof(Key));
136 if (h->val == NULL) {
139 for (i = 0; i < h->len; i++) {
140 ret = sdb_key_to_Key(&s->val[i],
154 static int sdb_event_to_Event(krb5_context context,
155 const struct sdb_event *s, Event *h)
159 if (s->principal != NULL) {
160 ret = krb5_copy_principal(context,
176 static int sdb_entry_to_hdb_entry(krb5_context context,
177 const struct sdb_entry *s,
185 rc = krb5_copy_principal(context,
194 rc = sdb_keys_to_Keys(&s->keys, &h->keys);
199 rc = sdb_event_to_Event(context,
206 if (s->modified_by) {
207 h->modified_by = malloc(sizeof(Event));
208 if (h->modified_by == NULL) {
213 rc = sdb_event_to_Event(context,
220 h->modified_by = NULL;
223 if (s->valid_start != NULL) {
224 h->valid_start = malloc(sizeof(KerberosTime));
225 if (h->valid_start == NULL) {
229 *h->valid_start = *s->valid_start;
231 h->valid_start = NULL;
234 if (s->valid_end != NULL) {
235 h->valid_end = malloc(sizeof(KerberosTime));
236 if (h->valid_end == NULL) {
240 *h->valid_end = *s->valid_end;
245 if (s->pw_end != NULL) {
246 h->pw_end = malloc(sizeof(KerberosTime));
247 if (h->pw_end == NULL) {
251 *h->pw_end = *s->pw_end;
256 if (s->max_life != NULL) {
257 h->max_life = malloc(sizeof(unsigned int));
258 if (h->max_life == NULL) {
262 *h->max_life = *s->max_life;
267 if (s->max_renew != NULL) {
268 h->max_renew = malloc(sizeof(unsigned int));
269 if (h->max_renew == NULL) {
273 *h->max_renew = *s->max_renew;
278 sdb_flags_to_hdb_flags(&s->flags, &h->flags);
281 h->etypes = malloc(sizeof(*h->etypes));
282 if (h->etypes == NULL) {
286 h->etypes->len = s->etypes->len;
287 h->etypes->val = calloc(h->etypes->len, sizeof(int));
288 if (h->etypes->val == NULL) {
292 for (i = 0; i < h->etypes->len; i++) {
293 h->etypes->val[i] = s->etypes->val[i];
298 h->generation = NULL;
299 h->extensions = NULL; /* really sure ? FIXME */
307 static int samba_kdc_hdb_entry_destructor(struct samba_kdc_entry *p)
309 struct hdb_entry_ex *entry_ex = p->entry_ex;
310 free_hdb_entry(&entry_ex->entry);
315 static void samba_kdc_free_hdb_entry(krb5_context context,
316 struct hdb_entry_ex *entry_ex)
318 /* this function is called only from hdb_free_entry().
319 * Make sure we neutralize the destructor or we will
320 * get a double free later when hdb_free_entry() will
321 * try to call free_hdb_entry() */
322 talloc_set_destructor(entry_ex->ctx, NULL);
324 /* now proceed to free the talloc part */
325 talloc_free(entry_ex->ctx);
328 int sdb_entry_ex_to_hdb_entry_ex(krb5_context context,
329 const struct sdb_entry_ex *s,
330 struct hdb_entry_ex *h)
332 struct samba_kdc_entry *skdc_entry;
336 if (s->ctx != NULL) {
337 skdc_entry = talloc_get_type(s->ctx, struct samba_kdc_entry);
340 h->free_entry = samba_kdc_free_hdb_entry;
342 talloc_set_destructor(skdc_entry,
343 samba_kdc_hdb_entry_destructor);
346 return sdb_entry_to_hdb_entry(context, &s->entry, &h->entry);