}
static krb5_error_code LDB_message2entry_keys(krb5_context context,
+ struct smb_iconv_convenience *iconv_convenience,
TALLOC_CTX *mem_ctx,
struct ldb_message *msg,
unsigned int userAccountControl,
/* supplementalCredentials if present */
if (sc_val) {
- ndr_err = ndr_pull_struct_blob_all(sc_val, mem_ctx, &scb,
+ ndr_err = ndr_pull_struct_blob_all(sc_val, mem_ctx, iconv_convenience, &scb,
(ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
dump_data(0, sc_val->data, sc_val->length);
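Review bot: On the parse-failure path in this hunk, `dump_data(0, sc_val->data, sc_val->length);` writes the raw supplementalCredentials value to the log at debug level 0, which is normally always emitted. That attribute holds the account's stored credential packages, so a blob that fails to parse would put key material into the log. Consider reporting only the length at level 0 and moving the dump to a high debug level, e.g. `dump_data(10, sc_val->data, sc_val->length);`. The line is unchanged context in this commit, and the enclosing `if (sc_val)` block continues outside the hunk.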
talloc_steal(mem_ctx, blob.data);
/* TODO: use ndr_pull_struct_blob_all(), when the ndr layer handles it correct with relative pointers */
- ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, &_pkb,
+ ndr_err = ndr_pull_struct_blob(&blob, mem_ctx, iconv_convenience, &_pkb,
(ndr_pull_flags_fn_t)ndr_pull_package_PrimaryKerberosBlob);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
krb5_set_error_string(context, "LDB_message2entry_keys: could not parse package_PrimaryKerberosBlob");
krb5_boolean is_computer = FALSE;
const char *dnsdomain = ldb_msg_find_attr_as_string(realm_ref_msg, "dnsRoot", NULL);
char *realm = strupper_talloc(mem_ctx, dnsdomain);
+ struct loadparm_context *lp_ctx = ldb_get_opaque((struct ldb_context *)db->hdb_db, "loadparm");
struct ldb_dn *domain_dn = samdb_result_dn((struct ldb_context *)db->hdb_db,
mem_ctx,
realm_ref_msg,
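Review bot: The added `lp_ctx` comes from `ldb_get_opaque(..., "loadparm")` with no NULL check, and `ldb_get_opaque` returns NULL when nothing was stored under that name. Later hunks pass it to `lp_iconv_convenience(lp_ctx)`, `lp_netbios_name(lp_ctx)` and `lp_parm_bool(lp_ctx, ...)`. A connection opened without the opaque could therefore crash the KDC during a principal lookup, or, if those helpers tolerate NULL, silently fall back to defaults for the "require spn for service" policy. A guard after the declarations, such as `if (lp_ctx == NULL) { ret = EINVAL; goto out; }`, would make that failure explicit. The function starts and ends outside this hunk, so the error code and cleanup label need checking against the rest of it.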
}
private->entry_ex = entry_ex;
+ private->iconv_convenience = lp_iconv_convenience(lp_ctx);
+ private->netbios_name = lp_netbios_name(lp_ctx);
talloc_set_destructor(private, hdb_ldb_destrutor);
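Review bot: `private->iconv_convenience` and `private->netbios_name` store pointers obtained from `lp_ctx`, but nothing here records who owns them. `private` has its own destructor, and whether it can outlive the loadparm context is not visible from this hunk; if it can, these fields would dangle. I would add a comment above the two assignments, `/* borrowed from lp_ctx, not owned by private: lp_ctx must outlive this entry */`, or take a talloc reference if that guarantee does not hold.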
entry_ex->entry.flags.ok_as_delegate = 1;
}
- if (lp_parm_bool(global_loadparm, NULL, "kdc", "require spn for service", true)) {
+ if (lp_parm_bool(lp_ctx, NULL, "kdc", "require spn for service", true)) {
if (!is_computer && !ldb_msg_find_attr_as_string(msg, "servicePrincipalName", NULL)) {
entry_ex->entry.flags.server = 0;
}
entry_ex->entry.generation = NULL;
/* Get keys from the db */
- ret = LDB_message2entry_keys(context, private, msg, userAccountControl, entry_ex);
+ ret = LDB_message2entry_keys(context, private->iconv_convenience, private, msg, userAccountControl, entry_ex);
if (ret) {
/* Could be bougus data in the entry, or out of memory */
goto out;
* code */
NTSTATUS kdc_hdb_ldb_create(TALLOC_CTX *mem_ctx,
+ struct loadparm_context *lp_ctx,
krb5_context context, struct HDB **db, const char *arg)
{
NTSTATUS nt_status;
(*db)->hdb_master_key_set = 0;
(*db)->hdb_db = NULL;
- nt_status = auth_system_session_info(*db, &session_info);
+ nt_status = auth_system_session_info(*db, lp_ctx, &session_info);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
CRED_DONT_USE_KERBEROS);
/* Setup the link to LDB */
- (*db)->hdb_db = samdb_connect(*db, global_loadparm, session_info);
+ (*db)->hdb_db = samdb_connect(*db, lp_ctx, session_info);
if ((*db)->hdb_db == NULL) {
DEBUG(1, ("hdb_ldb_create: Cannot open samdb for KDC backend!"));
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
krb5_error_code hdb_ldb_create(krb5_context context, struct HDB **db, const char *arg)
{
NTSTATUS nt_status;
- /* The global kdc_mem_ctx, Disgusting, ugly hack, but it means one less private hook */
- nt_status = kdc_hdb_ldb_create(kdc_mem_ctx, context, db, arg);
+ /* The global kdc_mem_ctx and kdc_lp_ctx, Disgusting, ugly hack, but it means one less private hook */
+ nt_status = kdc_hdb_ldb_create(kdc_mem_ctx, kdc_lp_ctx,
+ context, db, arg);
if (NT_STATUS_IS_OK(nt_status)) {
return 0;