int mit_samba_context_init(struct mit_samba_context **_ctx)
{
NTSTATUS status;
struct mit_samba_context *ctx;
const char *s4_conf_file;
int ret;
struct samba_kdc_base_context base_ctx;
ctx = talloc_zero(NULL, struct mit_samba_context);
if (!ctx) {
ret = ENOMEM;
goto done;
}
base_ctx.ev_ctx = tevent_context_init(ctx);
if (!base_ctx.ev_ctx) {
ret = ENOMEM;
goto done;
}
tevent_loop_allow_nesting(base_ctx.ev_ctx);
base_ctx.lp_ctx = loadparm_init_global(false);
if (!base_ctx.lp_ctx) {
ret = ENOMEM;
goto done;
}
setup_logging("mitkdc", DEBUG_STDOUT);
/* init s4 configuration */
s4_conf_file = lpcfg_configfile(base_ctx.lp_ctx);
if (s4_conf_file) {
lpcfg_load(base_ctx.lp_ctx, s4_conf_file);
} else {
lpcfg_load_default(base_ctx.lp_ctx);
}
status = samba_kdc_setup_db_ctx(ctx, &base_ctx, &ctx->db_ctx);
if (!NT_STATUS_IS_OK(status)) {
ret = EINVAL;
goto done;
}
/* init heimdal's krb_context and log facilities */
ret = smb_krb5_init_context_basic(ctx,
ctx->db_ctx->lp_ctx,
&ctx->context);
if (ret) {
goto done;
}
ret = 0;
done:
if (ret) {
mit_samba_context_free(ctx);
} else {
*_ctx = ctx;
}
return ret;
}
NTSTATUS hdb_samba4_create_kdc(struct samba_kdc_base_context *base_ctx,
krb5_context context, struct HDB **db)
{
struct samba_kdc_db_context *kdc_db_ctx;
NTSTATUS nt_status;
if (hdb_interface_version != HDB_INTERFACE_VERSION) {
krb5_set_error_message(context, EINVAL, "Heimdal HDB interface version mismatch between build-time and run-time libraries!");
return NT_STATUS_ERROR_DS_INCOMPATIBLE_VERSION;
}
*db = talloc(base_ctx, HDB);
if (!*db) {
krb5_set_error_message(context, ENOMEM, "malloc: out of memory");
return NT_STATUS_NO_MEMORY;
}
(*db)->hdb_master_key_set = 0;
(*db)->hdb_db = NULL;
(*db)->hdb_capability_flags = HDB_CAP_F_HANDLE_ENTERPRISE_PRINCIPAL;
nt_status = samba_kdc_setup_db_ctx(*db, base_ctx, &kdc_db_ctx);
if (!NT_STATUS_IS_OK(nt_status)) {
talloc_free(*db);
return nt_status;
}
(*db)->hdb_db = kdc_db_ctx;
(*db)->hdb_dbc = NULL;
(*db)->hdb_open = hdb_samba4_open;
(*db)->hdb_close = hdb_samba4_close;
(*db)->hdb_fetch_kvno = hdb_samba4_fetch_kvno;
(*db)->hdb_store = hdb_samba4_store;
(*db)->hdb_remove = hdb_samba4_remove;
(*db)->hdb_firstkey = hdb_samba4_firstkey;
(*db)->hdb_nextkey = hdb_samba4_nextkey;
(*db)->hdb_lock = hdb_samba4_lock;
(*db)->hdb_unlock = hdb_samba4_unlock;
(*db)->hdb_rename = hdb_samba4_rename;
/* we don't implement these, as we are not a lockable database */
(*db)->hdb__get = NULL;
(*db)->hdb__put = NULL;
/* kadmin should not be used for deletes - use other tools instead */
(*db)->hdb__del = NULL;
(*db)->hdb_destroy = hdb_samba4_destroy;
(*db)->hdb_auth_status = hdb_samba4_auth_status;
(*db)->hdb_check_constrained_delegation = hdb_samba4_check_constrained_delegation;
(*db)->hdb_check_pkinit_ms_upn_match = hdb_samba4_check_pkinit_ms_upn_match;
(*db)->hdb_check_s4u2self = hdb_samba4_check_s4u2self;
return NT_STATUS_OK;
}
