s4:kdc: Pass ldb context into samba_kdc_message2entry_keys()
authorJo Sutton <josutton@catalyst.net.nz>
Mon, 15 Apr 2024 02:39:45 +0000 (14:39 +1200)
committerAndrew Bartlett <abartlet@samba.org>
Wed, 24 Apr 2024 05:16:29 +0000 (05:16 +0000)
This ldb context can be used to query the current gMSA time.

Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source4/auth/ntlm/auth_sam.c
source4/dsdb/samdb/ldb_modules/password_hash.c
source4/kdc/db-glue.c
source4/kdc/db-glue.h

index d12045d8e1c1aa6953a6857db84d0c225bb3b565..099d10e791757f858167941f1b64291c2f011906 100644 (file)
@@ -400,6 +400,7 @@ static NTSTATUS authsam_password_check_and_record(struct auth4_context *auth_con
 
                krb5_ret = dsdb_extract_aes_256_key(smb_krb5_context->krb5_context,
                                                    tmp_ctx,
+                                                   sam_ctx,
                                                    msg,
                                                    userAccountControl,
                                                    NULL, /* kvno */
@@ -551,6 +552,7 @@ static NTSTATUS authsam_password_check_and_record(struct auth4_context *auth_con
 
                        krb5_ret = dsdb_extract_aes_256_key(smb_krb5_context->krb5_context,
                                                            tmp_ctx,
+                                                           sam_ctx,
                                                            msg,
                                                            userAccountControl,
                                                            &request_kvno, /* kvno */
index c352eb9f5dcdfc37e7d5d9a612d88746606311c7..5783e67eddf914dbe84244e473502b260bf83f68 100644 (file)
@@ -3164,6 +3164,7 @@ static int check_password_restrictions(struct setup_password_fields_io *io, WERR
                 */
                krb5_ret = dsdb_extract_aes_256_key(io->smb_krb5_context->krb5_context,
                                                    io->ac,
+                                                   ldb,
                                                    io->ac->search_res->message,
                                                    io->u.userAccountControl,
                                                    &request_kvno, /* kvno */
@@ -4066,6 +4067,7 @@ static int setup_io(struct ph_context *ac,
                 */
                krb5_ret = dsdb_extract_aes_256_key(io->smb_krb5_context->krb5_context,
                                                    io->ac,
+                                                   ldb,
                                                    existing_msg,
                                                    io->u.userAccountControl,
                                                    NULL, /* kvno */
index 783602d8e0089c7e82d9aa782068181ed5eceeaa..b08f196d2257686b419954d10325bdca16b83d17 100644 (file)
@@ -577,6 +577,7 @@ fail:
 
 krb5_error_code samba_kdc_message2entry_keys(krb5_context context,
                                             TALLOC_CTX *mem_ctx,
+                                            struct ldb_context *ldb,
                                             const struct ldb_message *msg,
                                             bool is_krbtgt,
                                             bool is_rodc,
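Review bot: The new `ldb` parameter of samba_kdc_message2entry_keys() has no stated precondition, and the commit message says it is meant for querying the current gMSA time, so a later dereference is to be expected. dsdb_extract_aes_256_key() (the hunks at -3790 and -3808) forwards whatever its callers in auth_sam.c and password_hash.c pass, so a NULL context would only surface deep inside key derivation. The function body lies outside this hunk, so I cannot see whether a check already exists. If it does not, an early guard such as `if (ldb == NULL) { return EINVAL; }` beside the existing argument handling would keep the failure at the API boundary.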
@@ -1670,7 +1671,8 @@ static krb5_error_code samba_kdc_message2entry(krb5_context context,
        supported_session_etypes &= kdc_enctypes;
 
        /* Get keys from the db */
-       ret = samba_kdc_message2entry_keys(context, p, msg,
+       ret = samba_kdc_message2entry_keys(context, p,
+                                          kdc_db_ctx->samdb, msg,
                                           is_krbtgt, is_rodc,
                                           userAccountControl,
                                           ent_type, flags, kvno, entry,
@@ -1696,7 +1698,8 @@ static krb5_error_code samba_kdc_message2entry(krb5_context context,
            (kdc_enctypes & ENC_RC4_HMAC_MD5) != 0)
        {
                supported_enctypes = ENC_RC4_HMAC_MD5;
-               ret = samba_kdc_message2entry_keys(context, p, msg,
+               ret = samba_kdc_message2entry_keys(context, p,
+                                                  kdc_db_ctx->samdb, msg,
                                                   is_krbtgt, is_rodc,
                                                   userAccountControl,
                                                   ent_type, flags, kvno, entry,
@@ -3790,6 +3793,7 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte
 
 krb5_error_code dsdb_extract_aes_256_key(krb5_context context,
                                         TALLOC_CTX *mem_ctx,
+                                        struct ldb_context *ldb,
                                         const struct ldb_message *msg,
                                         uint32_t user_account_control,
                                         const uint32_t *kvno,
@@ -3808,6 +3812,7 @@ krb5_error_code dsdb_extract_aes_256_key(krb5_context context,
 
        krb5_ret = samba_kdc_message2entry_keys(context,
                                                mem_ctx,
+                                               ldb,
                                                msg,
                                                false, /* is_krbtgt */
                                                false, /* is_rodc */
index fb74726b40c08548cc08339e1eb7b5427063404c..1ac692eb8208e9f445c8d92fb67d4955c28ea899 100644 (file)
@@ -42,6 +42,7 @@ enum samba_kdc_ent_type {
  */
 krb5_error_code samba_kdc_message2entry_keys(krb5_context context,
                                             TALLOC_CTX *mem_ctx,
+                                            struct ldb_context *ldb,
                                             const struct ldb_message *msg,
                                             bool is_krbtgt,
                                             bool is_rodc,
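Review bot: The doc comment that closes on the line above this prototype is not touched by the change, so the header no longer describes every parameter now that `ldb` has been added. I would add a line to that comment such as ` * ldb: samdb handle, borrowed for the duration of the call, used to query the current gMSA time; must not be NULL.` The must-not-be-NULL part should be confirmed against the implementation. The same applies to the dsdb_extract_aes_256_key() prototype in the next hunk, which shows no comment at all in its visible lines. The comment block itself starts outside this hunk.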
@@ -105,6 +106,7 @@ NTSTATUS samba_kdc_setup_db_ctx(TALLOC_CTX *mem_ctx, struct samba_kdc_base_conte
 
 krb5_error_code dsdb_extract_aes_256_key(krb5_context context,
                                         TALLOC_CTX *mem_ctx,
+                                        struct ldb_context *ldb,
                                         const struct ldb_message *msg,
                                         uint32_t user_account_control,
                                         const uint32_t *kvno,