return 0;
}
-static void *kdb_samba_db_alloc(krb5_context context, void *ptr, size_t size)
+static void kdb_samba_db_free_principal_e_data(krb5_context context,
+ krb5_octet *e_data)
{
- return realloc(ptr, size);
-}
+ struct samba_kdc_entry *skdc_entry;
-static void kdb_samba_db_free(krb5_context context, void *ptr)
-{
- free(ptr);
+ skdc_entry = talloc_get_type_abort(e_data,
+ struct samba_kdc_entry);
+ talloc_set_destructor(skdc_entry, NULL);
+ TALLOC_FREE(skdc_entry);
}
kdb_vftabl kdb_function_table = {
- KRB5_KDB_DAL_MAJOR_VERSION, /* major version number */
- 0, /* minor version number */
- kdb_samba_init_library, /* init_library */
- kdb_samba_fini_library, /* fini_library */
- kdb_samba_init_module, /* init_module */
- kdb_samba_fini_module, /* fini_module */
-
- kdb_samba_db_create, /* db_create */
- kdb_samba_db_destroy, /* db_destroy */
- kdb_samba_db_get_age, /* db_get_age */
- kdb_samba_db_lock, /* db_lock */
- kdb_samba_db_unlock, /* db_unlock */
-
- kdb_samba_db_get_principal, /* db_get_principal */
- kdb_samba_db_free_principal, /* db_free_principal */
- kdb_samba_db_put_principal, /* db_put_principal */
- kdb_samba_db_delete_principal, /* db_delete_principal */
- kdb_samba_db_iterate, /* db_iterate */
-
- NULL, /* create_policy */
- NULL, /* get_policy */
- NULL, /* put_policy */
- NULL, /* iter_policy */
- NULL, /* delete_policy */
- NULL, /* free_policy */
-
- kdb_samba_db_alloc, /* db_alloc */
- kdb_samba_db_free, /* db_free */
-
- kdb_samba_fetch_master_key, /* fetch_master_key */
- kdb_samba_fetch_master_key_list, /* fetch_master_key_list */
- NULL, /* store_master_key_list */
- NULL, /* dbe_search_enctype */
- kdb_samba_change_pwd, /* change_pwd */
- NULL, /* promote_db */
- kdb_samba_dbekd_decrypt_key_data, /* decrypt_key_data */
- kdb_samba_dbekd_encrypt_key_data, /* encrypt_key_data */
-
- kdb_samba_db_sign_auth_data, /* sign_authdata */
- NULL, /* check_transited_realms */
- kdb_samba_db_check_policy_as, /* check_policy_as */
- NULL, /* check_policy_tgs */
- kdb_samba_db_audit_as_req, /* audit_as_req */
- NULL, /* refresh_config */
- kdb_samba_db_check_allowed_to_delegate
+ .maj_ver = KRB5_KDB_DAL_MAJOR_VERSION,
+ .min_ver = 1,
+
+ .init_library = kdb_samba_init_library,
+ .fini_library = kdb_samba_fini_library,
+ .init_module = kdb_samba_init_module,
+ .fini_module = kdb_samba_fini_module,
+
+ .create = kdb_samba_db_create,
+ .destroy = kdb_samba_db_destroy,
+ .get_age = kdb_samba_db_get_age,
+ .lock = kdb_samba_db_lock,
+ .unlock = kdb_samba_db_unlock,
+
+ .get_principal = kdb_samba_db_get_principal,
+ .put_principal = kdb_samba_db_put_principal,
+ .delete_principal = kdb_samba_db_delete_principal,
+
+ .iterate = kdb_samba_db_iterate,
+
+ .fetch_master_key = kdb_samba_fetch_master_key,
+ .fetch_master_key_list = kdb_samba_fetch_master_key_list,
+
+ .change_pwd = kdb_samba_change_pwd,
+
+ .decrypt_key_data = kdb_samba_dbekd_decrypt_key_data,
+ .encrypt_key_data = kdb_samba_dbekd_encrypt_key_data,
+
+ .sign_authdata = kdb_samba_db_sign_auth_data,
+ .check_policy_as = kdb_samba_db_check_policy_as,
+ .audit_as_req = kdb_samba_db_audit_as_req,
+ .check_allowed_to_delegate = kdb_samba_db_check_allowed_to_delegate,
+
+ .free_principal_e_data = kdb_samba_db_free_principal_e_data,
};
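Review bot: kdb_samba_db_free_principal_e_data() clears the talloc destructor on the entry before TALLOC_FREE() without a comment saying why, although the callback's safety depends on that ordering. A later hunk calls krb5_db_free_principal() from what looks like that destructor, so the destructor would presumably re-enter the free path for a krb5_db_entry that libkdb5 is already tearing down. Once that is confirmed, I would put a comment above the call, e.g. `/* Drop the destructor first: it frees the krb5_db_entry, which our caller is already doing. */`. That later hunk also uses plain `talloc_get_type()` and passes the result to `talloc_set_destructor()` unchecked, whereas this callback uses `talloc_get_type_abort()`. Using one behaviour for a type mismatch in both places would make the failure mode predictable.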
struct mit_samba_context *ks_get_context(krb5_context kcontext);
-void ks_free_krb5_db_entry(krb5_context context,
- krb5_db_entry *entry);
-
bool ks_data_eq_string(krb5_data d, const char *s);
krb5_data ks_make_data(void *data, unsigned int len);
unsigned int kflags,
krb5_db_entry **kentry);
-void kdb_samba_db_free_principal(krb5_context context,
- krb5_db_entry *entry);
-
krb5_error_code kdb_samba_db_put_principal(krb5_context context,
krb5_db_entry *entry,
char **db_args);
return (struct mit_samba_context *)db_ctx;
}
-void ks_free_krb5_db_entry(krb5_context context,
- krb5_db_entry *entry)
-{
- krb5_tl_data *tl_data_next = NULL;
- krb5_tl_data *tl_data = NULL;
- int i, j;
-
- if (entry == NULL) {
- return;
- }
-
-#if 0 /* TODO FIXME do we have something to free? */
- if (entry->e_data != NULL) {
- /* FREE ME! */
- }
-#endif
-
- krb5_free_principal(context, entry->princ);
-
- for (tl_data = entry->tl_data; tl_data; tl_data = tl_data_next) {
- tl_data_next = tl_data->tl_data_next;
- if (tl_data->tl_data_contents != NULL)
- free(tl_data->tl_data_contents);
- free(tl_data);
- }
-
- if (entry->key_data != NULL) {
- for (i = 0; i < entry->n_key_data; i++) {
- for (j = 0; j < entry->key_data[i].key_data_ver; j++) {
- if (entry->key_data[i].key_data_length[j] != 0) {
- if (entry->key_data[i].key_data_contents[j] != NULL) {
- memset(entry->key_data[i].key_data_contents[j],
- 0,
- entry->key_data[i].key_data_length[j]);
- free(entry->key_data[i].key_data_contents[j]);
- }
- }
- entry->key_data[i].key_data_contents[j] = NULL;
- entry->key_data[i].key_data_length[j] = 0;
- entry->key_data[i].key_data_type[j] = 0;
- }
- }
- free(entry->key_data);
- }
-
- free(entry);
-}
-
bool ks_data_eq_string(krb5_data d, const char *s)
{
int rc;
code = krb5_copy_principal(context, princ, &kentry->princ);
}
if (code != 0) {
- ks_free_krb5_db_entry(context, kentry);
+ krb5_db_free_principal(context, kentry);
return code;
}
code = krb5_dbe_update_mod_princ_data(context, kentry, now, kentry->princ);
if (code != 0) {
- ks_free_krb5_db_entry(context, kentry);
+ krb5_db_free_principal(context, kentry);
return code;
}
kentry->n_key_data = 1;
kentry->key_data = calloc(1, sizeof(krb5_key_data));
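Review bot: The error paths here now hand kentry to krb5_db_free_principal(), but nothing in this commit shows that routine zeroing key material the way the removed ks_free_krb5_db_entry() did, which ran memset() over every key_data_contents buffer before freeing it. Because these entries carry key material, it is worth confirming that the libkdb5 this builds against scrubs key data on free, and saying so in the commit message. The same replacement is repeated in the remaining error paths of this file. The allocation of kentry is outside the lines shown, so it should also be checked that it comes from the malloc family, since db_alloc and db_free are no longer set in the function table.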
if (code != 0) {
- ks_free_krb5_db_entry(context, kentry);
+ krb5_db_free_principal(context, kentry);
return code;
}
key_data->key_data_kvno = 1;
key_data->key_data_type[0] = ENCTYPE_UNKNOWN;
if (code != 0) {
- ks_free_krb5_db_entry(context, kentry);
+ krb5_db_free_principal(context, kentry);
return code;
}
code = krb5_copy_principal(context, princ, &kentry->princ);
if (code != 0) {
- ks_free_krb5_db_entry(context, kentry);
+ krb5_db_free_principal(context, kentry);
return code;
}
code = krb5_dbe_update_mod_princ_data(context, kentry, now, kentry->princ);
if (code != 0) {
- ks_free_krb5_db_entry(context, kentry);
+ krb5_db_free_principal(context, kentry);
return code;
}
code = mit_samba_generate_salt(&salt);
if (code != 0) {
- ks_free_krb5_db_entry(context, kentry);
+ krb5_db_free_principal(context, kentry);
return code;
}
/* create a random password */
code = mit_samba_generate_random_password(&pwd);
if (code != 0) {
- ks_free_krb5_db_entry(context, kentry);
+ krb5_db_free_principal(context, kentry);
return code;
}
}
code = krb5_c_string_to_key(context, enctype, &pwd, &salt, &key);
SAFE_FREE(pwd.data);
if (code != 0) {
- ks_free_krb5_db_entry(context, kentry);
+ krb5_db_free_principal(context, kentry);
return code;
}
kentry->n_key_data = 1;
kentry->key_data = calloc(1, sizeof(krb5_key_data));
if (code != 0) {
- ks_free_krb5_db_entry(context, kentry);
+ krb5_db_free_principal(context, kentry);
return code;
}
return code;
}
-void kdb_samba_db_free_principal(krb5_context context,
- krb5_db_entry *entry)
-{
- struct mit_samba_context *mit_ctx;
-
- mit_ctx = ks_get_context(context);
- if (mit_ctx == NULL) {
- return;
- }
-
- ks_free_krb5_db_entry(context, entry);
-}
-
krb5_error_code kdb_samba_db_put_principal(krb5_context context,
krb5_db_entry *entry,
char **db_args)
krb5_error_code ret;
krb5_context context;
+ if (entry_ex->e_data != NULL) {
+ struct samba_kdc_entry *skdc_entry;
+
+ skdc_entry = talloc_get_type(entry_ex->e_data,
+ struct samba_kdc_entry);
+ talloc_set_destructor(skdc_entry, NULL);
+ entry_ex->e_data = NULL;
+ }
+
ret = krb5_init_context(&context);
if (ret) {
return ret;
}
- free_krb5_db_entry(context, entry_ex);
+ krb5_db_free_principal(context, entry_ex);
krb5_free_context(context);
return 0;
}
-
int sdb_entry_ex_to_kdb_entry_ex(krb5_context context,
const struct sdb_entry_ex *s,
krb5_db_entry *k)
{
- struct samba_kdc_entry *skdc_entry;
-
ZERO_STRUCTP(k);
if (s->ctx != NULL) {
+ struct samba_kdc_entry *skdc_entry;
+
skdc_entry = talloc_get_type(s->ctx, struct samba_kdc_entry);
k->e_data = (void *)skdc_entry;