From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 13 Jan 2014 22:23:04 +0000 (+1300)
Subject: kdc: Add belts-and-braces check that we fail if the hdb version changes
X-Git-Tag: samba-4.0.15~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f847b5dba7b6646cd28751e22a4d2f30fda51917;p=thirdparty%2Fsamba.git

kdc: Add belts-and-braces check that we fail if the hdb version changes

This checks both if host system run-time Heimdal has changed version,
and that the build-time version is supported.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-By: Jelmer Vernooij <jelmer@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Jan 20 22:26:49 CET 2014 on sn-devel-104

(cherry picked from commit e758f4111356fafce5b5c8393648c9ea5c400601)

The last 3 patches address bug #10418 - INTERNAL ERROR: Signal 11 in the kdc
pid.
---

diff --git a/source4/kdc/hdb-samba4-plugin.c b/source4/kdc/hdb-samba4-plugin.c
index cc38a60152a..6f76124995d 100644
--- a/source4/kdc/hdb-samba4-plugin.c
+++ b/source4/kdc/hdb-samba4-plugin.c
@@ -60,6 +60,8 @@ static krb5_error_code hdb_samba4_create(krb5_context context, struct HDB **db,
 
 	if (NT_STATUS_IS_OK(nt_status)) {
 		return 0;
+	} else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_ERROR_DS_INCOMPATIBLE_VERSION)) {
+		return EINVAL;
 	} else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_CANT_ACCESS_DOMAIN_INFO)) {
 		
 		krb5_set_error_message(context, EINVAL, "Failed to open Samba4 LDB at %s", lpcfg_private_path(base_ctx, base_ctx->lp_ctx, "sam.ldb"));
@@ -70,6 +72,10 @@ static krb5_error_code hdb_samba4_create(krb5_context context, struct HDB **db,
 	return EINVAL;
 }
 
+#if (HDB_INTERFACE_VERSION != 8 && HDB_INTERFACE_VERSION != 7)
+#error "Unsupported Heimdal HDB version"
+#endif
+
 #if HDB_INTERFACE_VERSION >= 8
 static krb5_error_code hdb_samba4_init(krb5_context context, void **ctx)
 {
diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c
index 6a9e5587bfd..4519fb99dcc 100644
--- a/source4/kdc/hdb-samba4.c
+++ b/source4/kdc/hdb-samba4.c
@@ -176,6 +176,11 @@ NTSTATUS hdb_samba4_create_kdc(struct samba_kdc_base_context *base_ctx,
 	struct samba_kdc_db_context *kdc_db_ctx;
 	NTSTATUS nt_status;
 
+	if (hdb_interface_version != HDB_INTERFACE_VERSION) {
+		krb5_set_error_message(context, EINVAL, "Heimdal HDB interface version mismatch between build-time and run-time libraries!");
+		return NT_STATUS_ERROR_DS_INCOMPATIBLE_VERSION;
+	}
+
 	*db = talloc(base_ctx, HDB);
 	if (!*db) {
 		krb5_set_error_message(context, ENOMEM, "malloc: out of memory");