--- /dev/null
+/*
+ Unix SMB/CIFS implementation.
+ Password and authentication handling
+ Copyright (C) Jeremy Allison 1996-2002
+ Copyright (C) Andrew Tridgell 2002
+ Copyright (C) Gerald (Jerry) Carter 2000
+ Copyright (C) Stefan (metze) Metzmacher 2002
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "auth/auth.h"
+#include "auth/auth_sam_reply.h"
+#include "s3_smbd_proto.h"
+#include "smbd/service.h"
+#include "libcli/security/dom_sid.h"
+#include "dsdb/samdb/samdb.h"
+
+/* NOTE! the global_sam_sid is the SID of our local SAM. This is only
+ equal to the domain SID when we are a DC, otherwise its our
+ workstation SID */
+
+/****************************************************************************
+ Read a SID from a file. This is for compatibility with the old MACHINE.SID
+ style of SID storage
+****************************************************************************/
+/* return our global_sam_sid */
+_PUBLIC_ const struct dom_sid *get_global_sam_sid(void)
+{
+
+ struct stream_connection *samba3_conn = s3compat_get_conn();
+ struct ldb_context *samdb = samdb_connect(samba3_conn, samba3_conn->event.ctx, samba3_conn->lp_ctx, system_session(samba3_conn->lp_ctx));
+
+ return samdb_domain_sid(samdb);
+}
+
+/**
+ * Force get_global_sam_sid to requery the backends
+ */
+_PUBLIC_ void reset_global_sam_sid(void)
+{
+
+}
+
+/*****************************************************************
+ Check if the SID is our domain SID (S-1-5-21-x-y-z).
+*****************************************************************/
+
+_PUBLIC_ bool sid_check_is_domain(const struct dom_sid *sid)
+{
+ return dom_sid_equal(sid, get_global_sam_sid());
+}
+
+/*****************************************************************
+ Check if the SID is our domain SID (S-1-5-21-x-y-z).
+*****************************************************************/
+
+_PUBLIC_ bool sid_check_is_in_our_domain(const struct dom_sid *sid)
+{
+ return dom_sid_in_domain(get_global_sam_sid(), sid);
+}
PDB_STATIC = 'passdb/pdb_tdb.c'
PASSDB_MODULES_SRC = '''passdb/pdb_wbc_sam.c passdb/pdb_ads.c
-passdb/pdb_smbpasswd.c passdb/secrets.c passdb/machine_sid.c'''
+passdb/pdb_smbpasswd.c passdb/secrets.c'''
#passdb/pdb_ldap.c passdb/pdb_nds.c'''
PASSDB_SRC = '''${PASSDB_GET_SET_SRC} passdb/passdb.c passdb/pdb_interface.c
hide_symbols=True)
bld.SAMBA_SUBSYSTEM('s3compat_authenticate',
- source='s3compat_authenticate.c',
+ source='s3compat_authenticate.c machine_sid.c',
autoproto='s3compat_authenticate.h',
deps='auth')