r15297: Move create_security_token() to samdb as it requires SAMDB (and the rest...

Make the ldb password_hash module only depend on some keys manipulation code, not full heimdal
Some other dependency fixes
(This used to be commit 5b3ab728edfc9cdd9eee16ad0fe6dfd4b5ced630)

diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c
index 3de2723aee9563e31aa2886fd96e404da6b8fdb0..22e093581c3f955daf0e3dab958f0d4d29b8d69d 100644 (file)
--- a/source4/auth/auth_sam.c
+++ b/source4/auth/auth_sam.c
@@ -229,7 +229,7 @@ NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx,
                        DEBUG(10,("sam_account_ok: checking for workstation match '%s' and '%s'\n",
                                  workstations[i], logon_workstation));
 
-                       if (strequal(workstations[i], logon_workstation)) {
+                       if (strequal(workstations[i], logon_workstation) == 0) {
                                invalid_ws = False;
                                break;
                        }

diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c
index 4c6bf04fcbb9d9436084ee63cc4055d9f1904c3d..2f2a2f0b83fcb7949f4171115199260d6bb72744 100644 (file)
--- a/source4/auth/auth_util.c
+++ b/source4/auth/auth_util.c
@@ -26,6 +26,7 @@
 #include "auth/auth.h"
 #include "libcli/security/security.h"
 #include "libcli/auth/libcli_auth.h"
+#include "dsdb/samdb/samdb.h"
 
 /* this default function can be used by mostly all backends
  * which don't want to set a challenge

diff --git a/source4/auth/config.mk b/source4/auth/config.mk
index 3d42da6d615c1f353647595739b18c4991e2e475..6586fbfe5dc5313ac204617425d14fd46218cb1a 100644 (file)
--- a/source4/auth/config.mk
+++ b/source4/auth/config.mk
@@ -13,7 +13,8 @@ PRIVATE_PROTO_HEADER = auth_sam.h
 INIT_FUNCTION = auth_sam_init
 SUBSYSTEM = auth
 OBJ_FILES = \
-               auth_sam.o
+               auth_sam.o \
+               auth_sam_reply.o
 PUBLIC_DEPENDENCIES = \
                SAMDB
 # End MODULE auth_sam
@@ -24,8 +25,7 @@ PUBLIC_DEPENDENCIES = \
 [MODULE::auth_anonymous]
 INIT_FUNCTION = auth_anonymous_init
 SUBSYSTEM = auth
-OBJ_FILES = \
-               auth_anonymous.o
+OBJ_FILES = auth_anonymous.o
 # End MODULE auth_anonymous
 #######################
 
@@ -34,8 +34,7 @@ OBJ_FILES = \
 [MODULE::auth_winbind]
 INIT_FUNCTION = auth_winbind_init
 SUBSYSTEM = auth
-OBJ_FILES = \
-               auth_winbind.o
+OBJ_FILES = auth_winbind.o
 PUBLIC_DEPENDENCIES = \
                LIBWINBIND-CLIENT \
                NDR_NETLOGON LIBNDR
@@ -47,8 +46,7 @@ PUBLIC_DEPENDENCIES = \
 [MODULE::auth_developer]
 INIT_FUNCTION = auth_developer_init
 SUBSYSTEM = auth
-OBJ_FILES = \
-               auth_developer.o
+OBJ_FILES = auth_developer.o
 # End MODULE auth_developer
 #######################
 
@@ -57,10 +55,8 @@ OBJ_FILES = \
 [MODULE::auth_unix]
 INIT_FUNCTION = auth_unix_init
 SUBSYSTEM = auth
-OBJ_FILES = \
-               auth_unix.o
-PUBLIC_DEPENDENCIES = \
-               CRYPT PAM PAM_ERRORS
+OBJ_FILES = auth_unix.o
+PUBLIC_DEPENDENCIES = CRYPT PAM PAM_ERRORS
 # End MODULE auth_unix
 #######################
 
@@ -76,9 +72,8 @@ PUBLIC_PROTO_HEADER = auth_proto.h
 OBJ_FILES = \
                auth.o \
                auth_util.o \
-               auth_sam_reply.o \
                ntlm_check.o \
                auth_simple.o
-PUBLIC_DEPENDENCIES = LIB_SECURITY process_model
+PUBLIC_DEPENDENCIES = LIBSECURITY process_model SAMDB
 # End SUBSYSTEM auth
 #######################

diff --git a/source4/auth/credentials/config.mk b/source4/auth/credentials/config.mk
index b1212e596338d15409bf6ba6a03a866ba1a11b00..1f6a07ae01e45a08f25f9c9bb507da0acf61d5d2 100644 (file)
--- a/source4/auth/credentials/config.mk
+++ b/source4/auth/credentials/config.mk
@@ -8,7 +8,7 @@ OBJ_FILES = credentials.o \
                credentials_krb5.o \
                credentials_ntlm.o
 PUBLIC_DEPENDENCIES = \
-               HEIMDAL LIBCLI_AUTH ldb SECRETS
+               HEIMDAL LIBCLI_AUTH SECRETS
 # End SUBSYSTEM CREDENTIALS
 #################################
 

diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index 8f487571f3ba053bbf3ad24e8e0c722f5d3ca65f..4cc067ffde31d595395e0d3686be14ccb72342af 100644 (file)
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -252,7 +252,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
                DEBUG(2, ("Cannot do GSSAPI to an IP address\n"));
                return NT_STATUS_INVALID_PARAMETER;
        }
-       if (strequal(hostname, "localhost")) {
+       if (strcmp(hostname, "localhost") == 0) {
                DEBUG(2, ("GSSAPI to 'localhost' does not make sense\n"));
                return NT_STATUS_INVALID_PARAMETER;
        }

diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index f2f3361bf95dbe2d72cc07b653222f54f95f8c69..c07b5c95e3f0ea584cec84e39ab08e7ab619ac3f 100644 (file)
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -230,7 +230,7 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
                DEBUG(2, ("Cannot do krb5 to an IP address"));
                return NT_STATUS_INVALID_PARAMETER;
        }
-       if (strequal(hostname, "localhost")) {
+       if (strcmp(hostname, "localhost") == 0) {
                DEBUG(2, ("krb5 to 'localhost' does not make sense"));
                return NT_STATUS_INVALID_PARAMETER;
        }

diff --git a/source4/auth/kerberos/config.mk b/source4/auth/kerberos/config.mk
index 2a729ef2394db958729e59ed11bd285d382e0904..9a7ace6ab587c0f8f2c7a41be6f28ba066ae0937 100644 (file)
--- a/source4/auth/kerberos/config.mk
+++ b/source4/auth/kerberos/config.mk
@@ -9,6 +9,7 @@ OBJ_FILES = kerberos.o \
                        kerberos_pac.o \
                        gssapi_parse.o \
                        krb5_init_context.o
-PUBLIC_DEPENDENCIES = HEIMDAL_KRB5 NDR_KRB5PAC SOCKET HEIMDAL_ROKEN_ADDRINFO
+PUBLIC_DEPENDENCIES = HEIMDAL_KRB5 NDR_KRB5PAC SOCKET
+PRIVATE_DEPENDENCIES = ASN1_UTIL HEIMDAL_ROKEN_ADDRINFO auth_sam
 # End SUBSYSTEM KERBEROS
 #################################

diff --git a/source4/auth/kerberos/kerberos_pac.c b/source4/auth/kerberos/kerberos_pac.c
index 4712166ea7aca9d8c2d5aba5d21a4860adb8c65a..673137fd5ce202976aa2608570ffddd7466b56ad 100644 (file)
--- a/source4/auth/kerberos/kerberos_pac.c
+++ b/source4/auth/kerberos/kerberos_pac.c
@@ -28,7 +28,7 @@
 #include "system/kerberos.h"
 #include "auth/kerberos/kerberos.h"
 #include "librpc/gen_ndr/ndr_krb5pac.h"
-#include "auth/auth.h"
+#include "auth/auth_sam.h"
 
 static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, 
                                          DATA_BLOB pac_data,

diff --git a/source4/client/config.mk b/source4/client/config.mk
index 369d2a658aafcde57d59c0b704b28984d3fe217e..b38be8da3dd6414a05c0a2a41a452d3cc2ecda95 100644 (file)
--- a/source4/client/config.mk
+++ b/source4/client/config.mk
@@ -8,7 +8,7 @@ OBJ_FILES = \
                client.o
 PRIVATE_DEPENDENCIES = \
                LIBSAMBA-CONFIG \
-               LIBREADLINE \
+               SMBREADLINE \
                LIBSAMBA-UTIL \
                LIBSMB \
                RPC_NDR_SRVSVC \

diff --git a/source4/dsdb/config.mk b/source4/dsdb/config.mk
index 15aa9fd0aa50156f205f1bd10ec500921376098f..e0426167e3ace29dd537bdc34f2a7258af6ba492 100644 (file)
--- a/source4/dsdb/config.mk
+++ b/source4/dsdb/config.mk
@@ -7,7 +7,7 @@ include samdb/ldb_modules/config.mk
 [SUBSYSTEM::SAMDB]
 PUBLIC_PROTO_HEADER = samdb/samdb_proto.h
 PUBLIC_HEADERS = samdb/samdb.h
-PUBLIC_DEPENDENCIES = DB_WRAP LIBCLI_LDAP
+PUBLIC_DEPENDENCIES = ldb LIBCLI_LDAP
 OBJ_FILES = \
                samdb/samdb.o \
                samdb/samdb_privilege.o \

diff --git a/source4/dsdb/samdb/ldb_modules/config.mk b/source4/dsdb/samdb/ldb_modules/config.mk
index 207fdf82011af63d6f0cc8d0f7e2c5e7cab57fca..20f6e182e5646a1699ec31705e8fd731eabd8f45 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/config.mk
+++ b/source4/dsdb/samdb/ldb_modules/config.mk
@@ -17,7 +17,6 @@ SUBSYSTEM = ldb
 INIT_FUNCTION = samldb_module_init
 OBJ_FILES = \
                samldb.o
-PUBLIC_DEPENDENCIES = SAMDB
 #
 # End MODULE ldb_samldb
 ################################################
@@ -62,10 +61,9 @@ OBJ_FILES = \
 [MODULE::ldb_password_hash]
 SUBSYSTEM = ldb
 INIT_FUNCTION = password_hash_module_init
-OBJ_FILES = \
-               password_hash.o
-PUBLIC_DEPENDENCIES = \
-               HEIMDAL_HDB HEIMDAL_KRB5
+OBJ_FILES = password_hash.o
+PUBLIC_DEPENDENCIES = HEIMDAL_KRB5
+PRIVATE_DEPENDENCIES = HEIMDAL_HDB_KEYS
 #
 # End MODULE ldb_rootdse
 ################################################
@@ -78,7 +76,7 @@ INIT_FUNCTION = ldb_kludge_acl_init
 OBJ_FILES = \
                kludge_acl.o
 PUBLIC_DEPENDENCIES = \
-               LIB_SECURITY
+               LIBSECURITY
 #
 # End MODULE ldb_rootdse
 ################################################

diff --git a/source4/dsdb/samdb/samdb.c b/source4/dsdb/samdb/samdb.c
index bd133c87452f53d29d1e194fa8f674a0c0c8a933..5dbfd4ee87c06bfaf95ac3c6c815d9aa6d2c58ba 100644 (file)
--- a/source4/dsdb/samdb/samdb.c
+++ b/source4/dsdb/samdb/samdb.c
@@ -1353,3 +1353,79 @@ _PUBLIC_ NTSTATUS samdb_set_password_sid(struct ldb_context *ctx, TALLOC_CTX *me
        }
        return NT_STATUS_OK;
 }
+
+/****************************************************************************
+ Create the SID list for this user.
+****************************************************************************/
+NTSTATUS security_token_create(TALLOC_CTX *mem_ctx, 
+                              struct dom_sid *user_sid,
+                              struct dom_sid *group_sid, 
+                              int n_groupSIDs,
+                              struct dom_sid **groupSIDs, 
+                              BOOL is_authenticated,
+                              struct security_token **token)
+{
+       struct security_token *ptoken;
+       int i;
+       NTSTATUS status;
+
+       ptoken = security_token_initialise(mem_ctx);
+       NT_STATUS_HAVE_NO_MEMORY(ptoken);
+
+       ptoken->sids = talloc_array(ptoken, struct dom_sid *, n_groupSIDs + 5);
+       NT_STATUS_HAVE_NO_MEMORY(ptoken->sids);
+
+       ptoken->user_sid = talloc_reference(ptoken, user_sid);
+       ptoken->group_sid = talloc_reference(ptoken, group_sid);
+       ptoken->privilege_mask = 0;
+
+       ptoken->sids[0] = ptoken->user_sid;
+       ptoken->sids[1] = ptoken->group_sid;
+
+       /*
+        * Finally add the "standard" SIDs.
+        * The only difference between guest and "anonymous"
+        * is the addition of Authenticated_Users.
+        */
+       ptoken->sids[2] = dom_sid_parse_talloc(ptoken->sids, SID_WORLD);
+       NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[2]);
+       ptoken->sids[3] = dom_sid_parse_talloc(ptoken->sids, SID_NT_NETWORK);
+       NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[3]);
+       ptoken->num_sids = 4;
+
+       if (is_authenticated) {
+               ptoken->sids[4] = dom_sid_parse_talloc(ptoken->sids, SID_NT_AUTHENTICATED_USERS);
+               NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[4]);
+               ptoken->num_sids++;
+       }
+
+       for (i = 0; i < n_groupSIDs; i++) {
+               size_t check_sid_idx;
+               for (check_sid_idx = 1; 
+                    check_sid_idx < ptoken->num_sids; 
+                    check_sid_idx++) {
+                       if (dom_sid_equal(ptoken->sids[check_sid_idx], groupSIDs[i])) {
+                               break;
+                       }
+               }
+
+               if (check_sid_idx == ptoken->num_sids) {
+                       ptoken->sids[ptoken->num_sids++] = talloc_reference(ptoken->sids, groupSIDs[i]);
+               }
+       }
+
+       /* setup the privilege mask for this token */
+       status = samdb_privilege_setup(ptoken);
+       if (!NT_STATUS_IS_OK(status)) {
+               talloc_free(ptoken);
+               return status;
+       }
+
+       security_token_debug(10, ptoken);
+
+       *token = ptoken;
+
+       return NT_STATUS_OK;
+}
+
+

diff --git a/source4/heimdal_build/config.mk b/source4/heimdal_build/config.mk
index 8d1b6c5781059ed597e48ff27b8057b9915c3a1d..f6215a30724b8ea7e33bf6b526e70e6e35af691a 100644 (file)
--- a/source4/heimdal_build/config.mk
+++ b/source4/heimdal_build/config.mk
@@ -16,6 +16,14 @@ PRIVATE_DEPENDENCIES = HEIMDAL_ROKEN HEIMDAL_KRB5 HEIMDAL_HDB
 # End SUBSYSTEM HEIMDAL_KDC
 #######################
 
+[SUBSYSTEM::HEIMDAL_HDB_KEYS]
+CFLAGS = -Iheimdal_build -Iheimdal/lib/hdb
+OBJ_FILES = \
+       ../heimdal/lib/hdb/keys.o \
+       ../heimdal/lib/hdb/asn1_Key.o \
+       ../heimdal/lib/hdb/asn1_Salt.o
+PRIVATE_DEPENDENCIES = HEIMDAL_ROKEN HEIMDAL_DES HEIMDAL_KRB5
+
 #######################
 # Start SUBSYSTEM HEIMDAL_HDB
 [SUBSYSTEM::HEIMDAL_HDB]
@@ -24,7 +32,6 @@ OBJ_FILES = \
        ../heimdal/lib/hdb/db.o \
        ../heimdal/lib/hdb/hdb.o \
        ../heimdal/lib/hdb/ext.o \
-       ../heimdal/lib/hdb/keys.o \
        ../heimdal/lib/hdb/keytab.o \
        ../heimdal/lib/hdb/mkey.o \
        ../heimdal/lib/hdb/ndbm.o \
@@ -39,11 +46,9 @@ OBJ_FILES = \
        ../heimdal/lib/hdb/asn1_HDB_Ext_Password.o \
        ../heimdal/lib/hdb/asn1_HDB_extension.o \
        ../heimdal/lib/hdb/asn1_HDB_extensions.o \
-       ../heimdal/lib/hdb/asn1_Key.o \
-       ../heimdal/lib/hdb/asn1_Salt.o \
        ../heimdal/lib/hdb/asn1_hdb_entry.o \
        ../heimdal/lib/hdb/hdb_err.o
-PUBLIC_DEPENDENCIES = HDB_LDB
+PUBLIC_DEPENDENCIES = HDB_LDB HEIMDAL_HDB_KEYS HEIMDAL_ROKEN
 # End SUBSYSTEM HEIMDAL_HDB
 #######################
 
@@ -99,7 +104,7 @@ PUBLIC_DEPENDENCIES = KERBEROS HEIMDAL_KRB5
 # Start SUBSYSTEM HEIMDAL_KRB5
 [SUBSYSTEM::HEIMDAL_KRB5]
 CFLAGS = -Iheimdal_build -Iheimdal/lib/krb5 
-PRIVATE_DEPENDENCIES = HEIMDAL_ROKEN HEIMDAL_DES HEIMDAL_ASN1
+PRIVATE_DEPENDENCIES = HEIMDAL_ROKEN HEIMDAL_DES HEIMDAL_ASN1 HEIMDAL_GLUE 
 OBJ_FILES = \
        ../heimdal/lib/krb5/acache.o \
        ../heimdal/lib/krb5/add_et_list.o \
@@ -480,7 +485,7 @@ CFLAGS = -Iheimdal_build
 OBJ_FILES = ../heimdal/lib/vers/print_version.o
 PUBLIC_DEPENDENCIES = \
                LIBREPLACE HEIMDAL_GSSAPI HEIMDAL_KRB5 KERBEROS \
-               HEIMDAL_GLUE RESOLV
+               RESOLV
 # End SUBSYSTEM HEIMDAL
 #######################
 

diff --git a/source4/kdc/config.mk b/source4/kdc/config.mk
index b6f613bf08e1740a4128a3a6692271b1bb7607b5..39cfc4299ee3cc77867226702a97f8a6da9e7919 100644 (file)
--- a/source4/kdc/config.mk
+++ b/source4/kdc/config.mk
@@ -19,7 +19,7 @@ OBJ_FILES = \
                hdb-ldb.o \
                pac-glue.o 
 PUBLIC_DEPENDENCIES = \
-               ldb KERBEROS_LIB HEIMDAL_HDB auth_sam 
+               ldb auth_sam 
 # End SUBSYSTEM KDC
 #######################
 

diff --git a/source4/libcli/auth/config.mk b/source4/libcli/auth/config.mk
index 756ea0ecbff993009e22facbf3ab140ec6dc489b..5a0b7e14dc911244ff79366a7e8b05ef9ddb57ca 100644 (file)
--- a/source4/libcli/auth/config.mk
+++ b/source4/libcli/auth/config.mk
@@ -8,6 +8,6 @@ OBJ_FILES = credentials.o \
                smbencrypt.o \
                smbdes.o
 PUBLIC_DEPENDENCIES = \
-               auth SCHANNELDB MSRPC_PARSE
+               SCHANNELDB MSRPC_PARSE
 # End SUBSYSTEM LIBCLI_AUTH
 #################################

diff --git a/source4/libcli/config.mk b/source4/libcli/config.mk
index e646985a7860257668d4617a94aaa108bf46b304..c62f30dd20cff88bf95c7c120acc8116e3e55e91 100644 (file)
--- a/source4/libcli/config.mk
+++ b/source4/libcli/config.mk
@@ -104,7 +104,7 @@ VERSION = 0.0.1
 SO_VERSION = 0
 DESCRIPTION = SMB/CIFS client library
 PUBLIC_DEPENDENCIES = LIBCLI_RAW LIBSAMBA-ERRORS LIBCLI_AUTH \
-       LIBCLI_SMB_COMPOSITE LIBCLI_NBT LIB_SECURITY LIBCLI_RESOLVE \
+       LIBCLI_SMB_COMPOSITE LIBCLI_NBT LIBSECURITY LIBCLI_RESOLVE \
        LIBCLI_DGRAM LIBCLI_SMB2 LIBCLI_FINDDCS
 
 [SUBSYSTEM::LIBSMB]

diff --git a/source4/libcli/ldap/config.mk b/source4/libcli/ldap/config.mk
index 26f230d7ef757628c431a461f4a6c5606b01e63d..ec5c48b48ce97e2b8d3c623ecf5168cb288915e3 100644 (file)
--- a/source4/libcli/ldap/config.mk
+++ b/source4/libcli/ldap/config.mk
@@ -10,7 +10,8 @@ OBJ_FILES = ldap.o \
                ldap_ndr.o \
                ldap_ildap.o \
                ldap_controls.o
-PUBLIC_DEPENDENCIES = LIBSAMBA-ERRORS LIBEVENTS gensec SOCKET NDR_SAMR LIBTLS \
-                                         LIBPACKET ASN1_UTIL
+PUBLIC_DEPENDENCIES = LIBSAMBA-ERRORS LIBEVENTS LIBPACKET
+PRIVATE_DEPENDENCIES = LIBCLI_COMPOSITE SOCKET NDR_SAMR LIBTLS ASN1_UTIL
+#PRIVATE_DEPENDENCIES = gensec
 # End SUBSYSTEM LIBCLI_LDAP
 #################################

diff --git a/source4/libcli/security/config.mk b/source4/libcli/security/config.mk
index fb4f1f71b7636435b1965f991988d42555e0a111..e19947203dba1d3047df44f58d0287806dd30611 100644 (file)
--- a/source4/libcli/security/config.mk
+++ b/source4/libcli/security/config.mk
@@ -1,6 +1,6 @@
 #################################
-# Start SUBSYSTEM LIB_SECURITY
-[SUBSYSTEM::LIB_SECURITY]
+# Start SUBSYSTEM LIBSECURITY
+[SUBSYSTEM::LIBSECURITY]
 PRIVATE_PROTO_HEADER = proto.h
 OBJ_FILES = security_token.o \
                security_descriptor.o \
@@ -8,6 +8,6 @@ OBJ_FILES = security_token.o \
                access_check.o \
                privilege.o \
                sddl.o
-PUBLIC_DEPENDENCIES = NDR_SECURITY
-# End SUBSYSTEM LIB_SECURITY
+PUBLIC_DEPENDENCIES = NDR_SECURITY 
+# End SUBSYSTEM LIBSECURITY
 #################################

diff --git a/source4/libcli/security/security_token.c b/source4/libcli/security/security_token.c
index d872376bffd44d1149eda8e264583ee34a19606b..00436781442176bee8d92f032bae85d73c89d0af 100644 (file)
--- a/source4/libcli/security/security_token.c
+++ b/source4/libcli/security/security_token.c
@@ -47,80 +47,6 @@ struct security_token *security_token_initialise(TALLOC_CTX *mem_ctx)
        return st;
 }
 
-/****************************************************************************
- Create the SID list for this user.
-****************************************************************************/
-NTSTATUS security_token_create(TALLOC_CTX *mem_ctx, 
-                              struct dom_sid *user_sid,
-                              struct dom_sid *group_sid, 
-                              int n_groupSIDs,
-                              struct dom_sid **groupSIDs, 
-                              BOOL is_authenticated,
-                              struct security_token **token)
-{
-       struct security_token *ptoken;
-       int i;
-       NTSTATUS status;
-
-       ptoken = security_token_initialise(mem_ctx);
-       NT_STATUS_HAVE_NO_MEMORY(ptoken);
-
-       ptoken->sids = talloc_array(ptoken, struct dom_sid *, n_groupSIDs + 5);
-       NT_STATUS_HAVE_NO_MEMORY(ptoken->sids);
-
-       ptoken->user_sid = talloc_reference(ptoken, user_sid);
-       ptoken->group_sid = talloc_reference(ptoken, group_sid);
-       ptoken->privilege_mask = 0;
-
-       ptoken->sids[0] = ptoken->user_sid;
-       ptoken->sids[1] = ptoken->group_sid;
-
-       /*
-        * Finally add the "standard" SIDs.
-        * The only difference between guest and "anonymous"
-        * is the addition of Authenticated_Users.
-        */
-       ptoken->sids[2] = dom_sid_parse_talloc(ptoken->sids, SID_WORLD);
-       NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[2]);
-       ptoken->sids[3] = dom_sid_parse_talloc(ptoken->sids, SID_NT_NETWORK);
-       NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[3]);
-       ptoken->num_sids = 4;
-
-       if (is_authenticated) {
-               ptoken->sids[4] = dom_sid_parse_talloc(ptoken->sids, SID_NT_AUTHENTICATED_USERS);
-               NT_STATUS_HAVE_NO_MEMORY(ptoken->sids[4]);
-               ptoken->num_sids++;
-       }
-
-       for (i = 0; i < n_groupSIDs; i++) {
-               size_t check_sid_idx;
-               for (check_sid_idx = 1; 
-                    check_sid_idx < ptoken->num_sids; 
-                    check_sid_idx++) {
-                       if (dom_sid_equal(ptoken->sids[check_sid_idx], groupSIDs[i])) {
-                               break;
-                       }
-               }
-
-               if (check_sid_idx == ptoken->num_sids) {
-                       ptoken->sids[ptoken->num_sids++] = talloc_reference(ptoken->sids, groupSIDs[i]);
-               }
-       }
-
-       /* setup the privilege mask for this token */
-       status = samdb_privilege_setup(ptoken);
-       if (!NT_STATUS_IS_OK(status)) {
-               talloc_free(ptoken);
-               return status;
-       }
-
-       security_token_debug(10, ptoken);
-
-       *token = ptoken;
-
-       return NT_STATUS_OK;
-}
-
 /****************************************************************************
  prints a struct security_token to debug output.
 ****************************************************************************/

diff --git a/source4/librpc/config.mk b/source4/librpc/config.mk
index fa4d5045f67e118a2cfcb359a2d8aa4928a9d6c6..e378f8474442fdba782d6527d3ffaf6b23dc761f 100644 (file)
--- a/source4/librpc/config.mk
+++ b/source4/librpc/config.mk
@@ -11,7 +11,7 @@ OBJ_FILES = \
                ndr/ndr_basic.o \
                ndr/ndr_string.o \
                ndr/ndr_misc.o
-PUBLIC_DEPENDENCIES = LIBSAMBA-ERRORS LIBTALLOC LIBSAMBA-UTIL
+PUBLIC_DEPENDENCIES = LIBSAMBA-ERRORS LIBTALLOC LIBSAMBA-UTIL CHARSET
 # End SUBSYSTEM LIBNDR
 ################################################
 
@@ -332,12 +332,12 @@ PUBLIC_DEPENDENCIES = LIBNDR
 
 [SUBSYSTEM::NDR_SCHANNEL]
 OBJ_FILES = gen_ndr/ndr_schannel.o
-PUBLIC_DEPENDENCIES = LIBNDR
+PUBLIC_DEPENDENCIES = LIBNDR NDR_NBT
 
 [SUBSYSTEM::NDR_NBT]
 OBJ_FILES = gen_ndr/ndr_nbt.o
 PUBLIC_HEADERS = gen_ndr/nbt.h
-PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC NDR_NBT_BUF NDR_SVCCTL
+PUBLIC_DEPENDENCIES = LIBNDR NDR_MISC NDR_NBT_BUF NDR_SVCCTL NDR_SECURITY
 
 [LIBRARY::NDR_WINSREPL]
 VERSION = 0.0.1

diff --git a/source4/passdb/config.mk b/source4/passdb/config.mk
index 0172f572611850063ad6169d724b7ce6bff131df..51e2c4a83e700a99a0fe96db84466ea4e7dddd5f 100644 (file)
--- a/source4/passdb/config.mk
+++ b/source4/passdb/config.mk
@@ -1,4 +1,4 @@
 [SUBSYSTEM::SECRETS]
 PRIVATE_PROTO_HEADER = proto.h
 OBJ_FILES = secrets.o
-PUBLIC_DEPENDENCIES = SAMDB
+PRIVATE_DEPENDENCIES = DB_WRAP