Fix include paths to new location of libutil.

[kai/samba-autobuild/.git] / source4 / kdc / kpasswdd.c

diff --git a/source4/kdc/kpasswdd.c b/source4/kdc/kpasswdd.c
index 35697bef4e4708ae12a7b2f16de31205cafc5588..d662844c4eb287f3cbe4b87e70cce0b0f71b72e7 100644 (file)
--- a/source4/kdc/kpasswdd.c
+++ b/source4/kdc/kpasswdd.c
@@ -24,12 +24,9 @@
 #include "smbd/service_task.h"
 #include "lib/events/events.h"
 #include "lib/socket/socket.h"
-#include "kdc/kdc.h"
 #include "system/network.h"
-#include "lib/util/dlinklist.h"
+#include "../lib/util/dlinklist.h"
 #include "lib/ldb/include/ldb.h"
-#include "heimdal/lib/krb5/krb5_locl.h"
-#include "heimdal/lib/krb5/krb5-private.h"
 #include "auth/gensec/gensec.h"
 #include "auth/credentials/credentials.h"
 #include "auth/credentials/credentials_krb5.h"
@@ -39,6 +36,12 @@
 #include "rpc_server/samr/proto.h"
 #include "libcli/security/security.h"
 #include "param/param.h"
+#include "kdc/kdc.h"
+
+/* TODO: remove all SAMBA4_INTERNAL_HEIMDAL stuff from this file */
+#ifdef SAMBA4_INTERNAL_HEIMDAL
+#include "heimdal_build/kpasswdd-glue.h"
+#endif
 
 /* hold information about one kdc socket */
 struct kpasswd_socket {
@@ -62,7 +65,7 @@ static bool kpasswdd_make_error_reply(struct kdc_server *kdc,
        
        DEBUG(result_code ? 3 : 10, ("kpasswdd: %s\n", error_string));
 
-       len = push_utf8_talloc(mem_ctx, &error_string_utf8, error_string);
+       len = push_utf8_talloc(mem_ctx, lp_iconv_convenience(kdc->task->lp_ctx), &error_string_utf8, error_string);
        if (len == -1) {
                return false;
        }
@@ -180,7 +183,7 @@ static bool kpasswdd_change_password(struct kdc_server *kdc,
        struct samr_DomInfo1 *dominfo;
        struct ldb_context *samdb;
 
-       samdb = samdb_connect(mem_ctx, global_loadparm, system_session(mem_ctx));
+       samdb = samdb_connect(mem_ctx, kdc->task->event_ctx, kdc->task->lp_ctx, system_session(mem_ctx, kdc->task->lp_ctx));
        if (!samdb) {
                return kpasswdd_make_error_reply(kdc, mem_ctx, 
                                                KRB5_KPASSWD_HARDERROR,
@@ -283,6 +286,7 @@ static bool kpasswd_process_request(struct kdc_server *kdc,
                                                        reply);
                }
                if (chpw.targname && chpw.targrealm) {
+#ifdef SAMBA4_INTERNAL_HEIMDAL
                        if (_krb5_principalname2krb5_principal(kdc->smb_krb5_context->krb5_context,
                                                               &principal, *chpw.targname, 
                                                               *chpw.targrealm) != 0) {
@@ -293,6 +297,12 @@ static bool kpasswd_process_request(struct kdc_server *kdc,
                                                                reply);
                                
                        }
+#else /* SAMBA4_INTERNAL_HEIMDAL */
+                               return kpasswdd_make_error_reply(kdc, mem_ctx,
+                                                               KRB5_KPASSWD_BAD_VERSION,
+                                                               "Operation Not Implemented",
+                                                               reply);
+#endif /* SAMBA4_INTERNAL_HEIMDAL */
                } else {
                        free_ChangePasswdDataMS(&chpw);
                        return kpasswdd_change_password(kdc, mem_ctx, session_info, 
@@ -310,7 +320,7 @@ static bool kpasswd_process_request(struct kdc_server *kdc,
                
                krb5_free_principal(context, principal);
                
-               samdb = samdb_connect(mem_ctx, global_loadparm, session_info);
+               samdb = samdb_connect(mem_ctx, kdc->task->event_ctx, kdc->task->lp_ctx, session_info);
                if (!samdb) {
                        return kpasswdd_make_error_reply(kdc, mem_ctx, 
                                                         KRB5_KPASSWD_HARDERROR,
@@ -458,7 +468,7 @@ bool kpasswdd_process(struct kdc_server *kdc,
        ap_req = data_blob_const(&input->data[header_len], ap_req_len);
        krb_priv_req = data_blob_const(&input->data[header_len + ap_req_len], krb_priv_len);
        
-       nt_status = gensec_server_start(tmp_ctx, kdc->task->event_ctx, kdc->task->msg_ctx, &gensec_security);
+       nt_status = gensec_server_start(tmp_ctx, kdc->task->event_ctx, kdc->task->lp_ctx, kdc->task->msg_ctx, &gensec_security);
        if (!NT_STATUS_IS_OK(nt_status)) {
                talloc_free(tmp_ctx);
                return false;
@@ -473,8 +483,8 @@ bool kpasswdd_process(struct kdc_server *kdc,
        /* We want the credentials subsystem to use the krb5 context
         * we already have, rather than a new context */        
        cli_credentials_set_krb5_context(server_credentials, kdc->smb_krb5_context);
-       cli_credentials_set_conf(server_credentials, global_loadparm);
-       nt_status = cli_credentials_set_stored_principal(server_credentials, "kadmin/changepw");
+       cli_credentials_set_conf(server_credentials, kdc->task->lp_ctx);
+       nt_status = cli_credentials_set_stored_principal(server_credentials, kdc->task->event_ctx, kdc->task->lp_ctx, "kadmin/changepw");
        if (!NT_STATUS_IS_OK(nt_status)) {
                ret = kpasswdd_make_unauth_error_reply(kdc, mem_ctx, 
                                                       KRB5_KPASSWD_HARDERROR,