Add context pointer to secrets functions.

(This used to be commit 873941d8a8dca8e7ace83f9af9939e4264f78c96)

diff --git a/source4/param/secrets.c b/source4/param/secrets.c
index bc4327188ad44c659af2d646b39638ac65a87d47..06dc850c8e6b317388c6e237775420ac89fa1a48 100644 (file)
--- a/source4/param/secrets.c
+++ b/source4/param/secrets.c
@@ -32,8 +32,6 @@
 #include "lib/util/util_ldb.h"
 #include "librpc/gen_ndr/ndr_security.h"
 
-static struct tdb_wrap *tdb;
-
 /**
  * Use a TDB to store an incrementing random seed.
  *
@@ -42,42 +40,31 @@ static struct tdb_wrap *tdb;
  * 
  * @note Not called by systems with a working /dev/urandom.
  */
-static void get_rand_seed(int *new_seed) 
+static void get_rand_seed(struct tdb_wrap *secretsdb, int *new_seed) 
 {
        *new_seed = getpid();
-       if (tdb != NULL) {
-               tdb_change_int32_atomic(tdb->tdb, "INFO/random_seed", new_seed, 1);
+       if (secretsdb != NULL) {
+               tdb_change_int32_atomic(secretsdb->tdb, "INFO/random_seed", new_seed, 1);
        }
 }
 
-/**
- * close the secrets database
- */
-void secrets_shutdown(void)
-{
-       talloc_free(tdb);
-}
-
 /**
  * open up the secrets database
  */
-bool secrets_init(struct loadparm_context *lp_ctx)
+struct tdb_wrap *secrets_init(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
 {
        char *fname;
        uint8_t dummy;
+       struct tdb_wrap *tdb;
 
-       if (tdb != NULL)
-               return true;
+       fname = private_path(mem_ctx, lp_ctx, "secrets.tdb");
 
-       fname = private_path(NULL, lp_ctx, "secrets.tdb");
-
-       tdb = tdb_wrap_open(talloc_autofree_context(), fname, 0, TDB_DEFAULT, 
-                                               O_RDWR|O_CREAT, 0600);
+       tdb = tdb_wrap_open(mem_ctx, fname, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
 
        if (!tdb) {
                DEBUG(0,("Failed to open %s\n", fname));
                talloc_free(fname);
-               return false;
+               return NULL;
        }
        talloc_free(fname);
 
@@ -87,12 +74,12 @@ bool secrets_init(struct loadparm_context *lp_ctx)
         * This avoids a problem where systems without /dev/urandom
         * could send the same challenge to multiple clients
         */
-       set_rand_reseed_callback(get_rand_seed);
+       set_rand_reseed_callback((void (*) (void *, int *))get_rand_seed, tdb);
 
        /* Ensure that the reseed is done now, while we are root, etc */
        generate_random_buffer(&dummy, sizeof(dummy));
 
-       return true;
+       return tdb;
 }
 
 /**

diff --git a/source4/param/secrets.h b/source4/param/secrets.h
index 4a9eb25e7e034939a12795c55d387d09609de3bf..bd6ff4a4015ec1a70d39d794cbfecfcc4abdf21d 100644 (file)
--- a/source4/param/secrets.h
+++ b/source4/param/secrets.h
@@ -43,8 +43,7 @@ struct machine_acct_pass {
  * @note Not called by systems with a working /dev/urandom.
  */
 struct loadparm_context;
-void secrets_shutdown(void);
-bool secrets_init(struct loadparm_context *lp_ctx);
+struct tdb_wrap *secrets_init(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
 struct ldb_context *secrets_db_connect(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
 struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx, const char *domain);
 

diff --git a/source4/smbd/process_standard.c b/source4/smbd/process_standard.c
index deb44c0a6860529f4d0b61bec7efb44d35ed5f06..820859400e7e0ef503c20dd8711b2779a494bd6d 100644 (file)
--- a/source4/smbd/process_standard.c
+++ b/source4/smbd/process_standard.c
@@ -204,9 +204,6 @@ _NORETURN_ static void standard_terminate(struct event_context *ev, const char *
           which makes leak checking easier */
        reload_charcnv(global_loadparm);
 
-       /* the secrets db should really hang off the connection structure */
-       secrets_shutdown();
-
        talloc_free(ev);
 
        /* terminate this process */

diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index fe38a4e5aba9d4ca52d6046a707473a165581c4a..d6e2fb19e4ad94eb0de130934fe8457901939aa2 100644 (file)
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -278,7 +278,7 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[
        /* Do *not* remove this, until you have removed
         * passdb/secrets.c, and proved that Samba still builds... */
        /* Setup the SECRETS subsystem */
-       if (!secrets_init(cmdline_lp_ctx)) {
+       if (secrets_init(talloc_autofree_context(), cmdline_lp_ctx) == NULL) {
                exit(1);
        }