From 8beaa2924205cf6b01bc6183f7795571a3966ba5 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 20 Sep 2010 14:49:39 +1000
Subject: [PATCH] s4-libcli/security Use seperate subsystem for session related
 functions

The merged I plan in this area require spliting security.h into
two header files, a common header and a session.h for the
remaining source4-specific code.

Andrew Bartlett
---
 .../dsdb/samdb/ldb_modules/repl_meta_data.c   |  1 +
 source4/dsdb/samdb/ldb_modules/rootdse.c      |  1 +
 source4/dsdb/samdb/ldb_modules/util.c         |  1 +
 source4/dsdb/samdb/ldb_modules/wscript_build  |  6 ++--
 source4/libcli/security/security.h            | 11 -------
 source4/libcli/security/session.c             |  1 +
 source4/libcli/security/session.h             | 33 +++++++++++++++++++
 source4/libcli/security/wscript_build         |  8 ++++-
 source4/rpc_server/drsuapi/addentry.c         |  1 +
 source4/rpc_server/drsuapi/dcesrv_drsuapi.c   |  1 +
 source4/rpc_server/drsuapi/drsutil.c          |  1 +
 source4/rpc_server/drsuapi/getncchanges.c     |  1 +
 source4/rpc_server/drsuapi/updaterefs.c       |  1 +
 source4/rpc_server/lsa/dcesrv_lsa.c           |  1 +
 source4/rpc_server/winreg/rpc_winreg.c        |  2 +-
 source4/rpc_server/wscript_build              |  6 ++--
 16 files changed, 57 insertions(+), 19 deletions(-)
 create mode 100644 source4/libcli/security/session.h

diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index fdb194104fc..3361a1c0301 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -49,6 +49,7 @@
 #include "dsdb/samdb/ldb_modules/util.h"
 #include "lib/util/binsearch.h"
 #include "libcli/security/security.h"
+#include "libcli/security/session.h"
 #include "lib/util/tsort.h"
 
 struct replmd_private {
diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c
index 6c2a1e630d6..7334bf3bc50 100644
--- a/source4/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source4/dsdb/samdb/ldb_modules/rootdse.c
@@ -28,6 +28,7 @@
 #include "version.h"
 #include "dsdb/samdb/ldb_modules/util.h"
 #include "libcli/security/security.h"
+#include "libcli/security/session.h"
 #include "librpc/ndr/libndr.h"
 #include "auth/auth.h"
 #include "param/param.h"
diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c
index d7bf807c24e..2380e02ac21 100644
--- a/source4/dsdb/samdb/ldb_modules/util.c
+++ b/source4/dsdb/samdb/ldb_modules/util.c
@@ -28,6 +28,7 @@
 #include "util.h"
 #include "libcli/security/security.h"
 #include "lib/ldb/include/ldb_private.h"
+#include "libcli/security/session.h"
 
 /*
   search for attrs on one DN, in the modules below
diff --git a/source4/dsdb/samdb/ldb_modules/wscript_build b/source4/dsdb/samdb/ldb_modules/wscript_build
index 95c327364c7..dc143f5a4c3 100644
--- a/source4/dsdb/samdb/ldb_modules/wscript_build
+++ b/source4/dsdb/samdb/ldb_modules/wscript_build
@@ -3,7 +3,7 @@
 bld.SAMBA_SUBSYSTEM('DSDB_MODULE_HELPERS',
 	source='util.c acl_util.c',
 	autoproto='util_proto.h',
-	deps='ldb LIBNDR SAMDB_COMMON'
+	deps='ldb LIBNDR SAMDB_COMMON LIBSECURITY_SESSION'
 	)
 
 bld.SAMBA_SUBSYSTEM('DSDB_MODULE_HELPER_RIDALLOC',
@@ -50,7 +50,7 @@ bld.SAMBA_MODULE('ldb_repl_meta_data',
 	subsystem='ldb',
 	init_function='LDB_MODULE(repl_meta_data)',
 	internal_module=False,
-	deps='SAMDB talloc LIBEVENTS LIBNDR NDR_DRSUAPI NDR_DRSBLOBS LIBNDR DSDB_MODULE_HELPERS'
+	deps='SAMDB talloc LIBEVENTS LIBNDR NDR_DRSUAPI NDR_DRSBLOBS LIBNDR DSDB_MODULE_HELPERS LIBSECURITY_SESSION'
 	)
 
 
@@ -141,7 +141,7 @@ bld.SAMBA_MODULE('ldb_rootdse',
 	subsystem='ldb',
 	init_function='LDB_MODULE(rootdse)',
 	internal_module=False,
-	deps='talloc LIBEVENTS SAMDB MESSAGING'
+	deps='talloc LIBEVENTS SAMDB MESSAGING LIBSECURITY_SESSION'
 	)
 
 
diff --git a/source4/libcli/security/security.h b/source4/libcli/security/security.h
index 12c95f1d83d..009ad64959d 100644
--- a/source4/libcli/security/security.h
+++ b/source4/libcli/security/security.h
@@ -25,17 +25,6 @@
 #define PRIMARY_USER_SID_INDEX 0
 #define PRIMARY_GROUP_SID_INDEX 1
 
-enum security_user_level {
-	SECURITY_ANONYMOUS            = 0,
-	SECURITY_USER                 = 10,
-	SECURITY_RO_DOMAIN_CONTROLLER = 20,
-	SECURITY_DOMAIN_CONTROLLER    = 30,
-	SECURITY_ADMINISTRATOR        = 40,
-	SECURITY_SYSTEM               = 50
-};
-
-struct auth_session_info;
-
 struct object_tree {
 	uint32_t remaining_access;
 	struct GUID guid;
diff --git a/source4/libcli/security/session.c b/source4/libcli/security/session.c
index cd09b6d403a..401e11c489f 100644
--- a/source4/libcli/security/session.c
+++ b/source4/libcli/security/session.c
@@ -21,6 +21,7 @@
 
 #include "includes.h"
 #include "auth/session.h"
+#include "libcli/security/session.h"
 #include "libcli/security/security.h"
 
 enum security_user_level security_session_user_level(struct auth_session_info *session_info,
diff --git a/source4/libcli/security/session.h b/source4/libcli/security/session.h
new file mode 100644
index 00000000000..851a37d7eb9
--- /dev/null
+++ b/source4/libcli/security/session.h
@@ -0,0 +1,33 @@
+/*
+   Unix SMB/CIFS implementation.
+
+   session_info utility functions
+
+   Copyright (C) Andrew Bartlett 2008-2010
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "libcli/security/session_proto.h"
+
+enum security_user_level {
+	SECURITY_ANONYMOUS            = 0,
+	SECURITY_USER                 = 10,
+	SECURITY_RO_DOMAIN_CONTROLLER = 20,
+	SECURITY_DOMAIN_CONTROLLER    = 30,
+	SECURITY_ADMINISTRATOR        = 40,
+	SECURITY_SYSTEM               = 50
+};
+
+struct auth_session_info;
diff --git a/source4/libcli/security/wscript_build b/source4/libcli/security/wscript_build
index 4187bcbebe0..02d79428d09 100644
--- a/source4/libcli/security/wscript_build
+++ b/source4/libcli/security/wscript_build
@@ -1,7 +1,13 @@
 #!/usr/bin/env python
 
+bld.SAMBA_SUBSYSTEM('LIBSECURITY_SESSION',
+	source='session.c',
+	autoproto='session_proto.h',
+	public_deps='LIBSECURITY_COMMON'
+	)
+
 bld.SAMBA_SUBSYSTEM('LIBSECURITY',
-	source='access_check.c create_descriptor.c object_tree.c session.c',
+	source='access_check.c create_descriptor.c object_tree.c',
 	autoproto='proto.h',
 	public_deps='LIBNDR LIBSECURITY_COMMON'
 	)
diff --git a/source4/rpc_server/drsuapi/addentry.c b/source4/rpc_server/drsuapi/addentry.c
index bb254cb3ee4..c4f33d7d4f8 100644
--- a/source4/rpc_server/drsuapi/addentry.c
+++ b/source4/rpc_server/drsuapi/addentry.c
@@ -28,6 +28,7 @@
 #include "rpc_server/drsuapi/dcesrv_drsuapi.h"
 #include "librpc/gen_ndr/ndr_drsuapi.h"
 #include "libcli/security/security.h"
+#include "libcli/security/session.h"
 
 /*
   add special SPNs needed for DRS replication to machine accounts when
diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
index 7b48521a6d4..c6faf75ad55 100644
--- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
+++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c
@@ -27,6 +27,7 @@
 #include "dsdb/samdb/samdb.h"
 #include "rpc_server/drsuapi/dcesrv_drsuapi.h"
 #include "libcli/security/security.h"
+#include "libcli/security/session.h"
 #include "auth/auth.h"
 #include "param/param.h"
 #include "lib/messaging/irpc.h"
diff --git a/source4/rpc_server/drsuapi/drsutil.c b/source4/rpc_server/drsuapi/drsutil.c
index 0a4bd1ffcc0..41f300bbed3 100644
--- a/source4/rpc_server/drsuapi/drsutil.c
+++ b/source4/rpc_server/drsuapi/drsutil.c
@@ -23,6 +23,7 @@
 #include "rpc_server/dcerpc_server.h"
 #include "dsdb/samdb/samdb.h"
 #include "libcli/security/security.h"
+#include "libcli/security/session.h"
 #include "param/param.h"
 #include "auth/session.h"
 
diff --git a/source4/rpc_server/drsuapi/getncchanges.c b/source4/rpc_server/drsuapi/getncchanges.c
index 453247279ad..0f6c08d6e28 100644
--- a/source4/rpc_server/drsuapi/getncchanges.c
+++ b/source4/rpc_server/drsuapi/getncchanges.c
@@ -31,6 +31,7 @@
 #include "rpc_server/dcerpc_server_proto.h"
 #include "../libcli/drsuapi/drsuapi.h"
 #include "libcli/security/security.h"
+#include "libcli/security/session.h"
 #include "lib/util/binsearch.h"
 #include "lib/util/tsort.h"
 #include "auth/session.h"
diff --git a/source4/rpc_server/drsuapi/updaterefs.c b/source4/rpc_server/drsuapi/updaterefs.c
index a089586d24f..649980763ea 100644
--- a/source4/rpc_server/drsuapi/updaterefs.c
+++ b/source4/rpc_server/drsuapi/updaterefs.c
@@ -23,6 +23,7 @@
 #include "rpc_server/dcerpc_server.h"
 #include "dsdb/samdb/samdb.h"
 #include "rpc_server/drsuapi/dcesrv_drsuapi.h"
+#include "libcli/security/session.h"
 #include "libcli/security/security.h"
 #include "auth/session.h"
 #include "librpc/gen_ndr/ndr_drsuapi.h"
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 8a50588f58d..2e4373471c9 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -30,6 +30,7 @@
 #include "../lib/crypto/crypto.h"
 #include "lib/util/tsort.h"
 #include "dsdb/common/util.h"
+#include "libcli/security/session.h"
 
 /*
   this type allows us to distinguish handle types
diff --git a/source4/rpc_server/winreg/rpc_winreg.c b/source4/rpc_server/winreg/rpc_winreg.c
index a39a7d14831..6007686a561 100644
--- a/source4/rpc_server/winreg/rpc_winreg.c
+++ b/source4/rpc_server/winreg/rpc_winreg.c
@@ -25,7 +25,7 @@
 #include "lib/registry/registry.h"
 #include "librpc/gen_ndr/ndr_winreg.h"
 #include "librpc/gen_ndr/ndr_security.h"
-#include "libcli/security/security.h"
+#include "libcli/security/session.h"
 
 enum handle_types { HTYPE_REGVAL, HTYPE_REGKEY };
 
diff --git a/source4/rpc_server/wscript_build b/source4/rpc_server/wscript_build
index 0d630a302a4..a041003f5e3 100644
--- a/source4/rpc_server/wscript_build
+++ b/source4/rpc_server/wscript_build
@@ -71,7 +71,7 @@ bld.SAMBA_MODULE('dcerpc_winreg',
 	source='winreg/rpc_winreg.c',
 	subsystem='dcerpc_server',
 	init_function='dcerpc_server_winreg_init',
-	deps='registry NDR_STANDARD',
+	deps='registry NDR_STANDARD LIBSECURITY_SESSION',
 	internal_module=True
 	)
 
@@ -89,7 +89,7 @@ bld.SAMBA_MODULE('dcerpc_lsarpc',
 	autoproto='lsa/proto.h',
 	subsystem='dcerpc_server',
 	init_function='dcerpc_server_lsa_init',
-	deps='SAMDB DCERPC_COMMON NDR_STANDARD LIBCLI_AUTH NDR_DSSETUP com_err'
+	deps='SAMDB DCERPC_COMMON NDR_STANDARD LIBCLI_AUTH NDR_DSSETUP com_err LIBSECURITY_SESSION'
 	)
 
 
@@ -106,7 +106,7 @@ bld.SAMBA_MODULE('dcerpc_drsuapi',
 	source='drsuapi/dcesrv_drsuapi.c drsuapi/updaterefs.c drsuapi/getncchanges.c drsuapi/addentry.c drsuapi/writespn.c drsuapi/drsutil.c',
 	subsystem='dcerpc_server',
 	init_function='dcerpc_server_drsuapi_init',
-	deps='SAMDB DCERPC_COMMON NDR_DRSUAPI'
+	deps='SAMDB DCERPC_COMMON NDR_DRSUAPI LIBSECURITY_SESSION'
 	)
 
 
-- 
2.34.1