summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-02-09 16:05:54 +1100
committerAndrew Tridgell <tridge@samba.org>2011-02-10 06:51:06 +0100
commit4cfee6f88e4befaae33095178c10932cd5337439 (patch)
tree4b2d888d583aefc243c0d2a800b52794a2f66add
parent8220a7ebae5c8b1fcc16b2565fbfd84c12b04984 (diff)
downloadsamba-4cfee6f88e4befaae33095178c10932cd5337439.tar.gz
samba-4cfee6f88e4befaae33095178c10932cd5337439.tar.bz2
samba-4cfee6f88e4befaae33095178c10932cd5337439.zip
auth Move auth_sam_reply into the top level.
These functions provide conversions between some netlogon.idl and auth.idl structures Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
-rw-r--r--auth/auth_sam_reply.c (renamed from source4/auth/auth_sam_reply.c)26
-rw-r--r--auth/auth_sam_reply.h38
-rw-r--r--auth/wscript_build5
-rw-r--r--source4/auth/wscript_build7
-rw-r--r--wscript_build1
5 files changed, 57 insertions, 20 deletions
diff --git a/source4/auth/auth_sam_reply.c b/auth/auth_sam_reply.c
index eb9a83418a..52abb8a4df 100644
--- a/source4/auth/auth_sam_reply.c
+++ b/auth/auth_sam_reply.c
@@ -1,27 +1,27 @@
-/*
+/*
Unix SMB/CIFS implementation.
Convert a server info struct into the form for PAC and NETLOGON replies
Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004
Copyright (C) Stefan Metzmacher <metze@samba.org> 2005
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
-#include "auth/auth.h"
+#include "librpc/gen_ndr/auth.h"
#include "libcli/security/security.h"
#include "auth/auth_sam_reply.h"
@@ -94,8 +94,8 @@ NTSTATUS auth_convert_user_info_dc_sambaseinfo(TALLOC_CTX *mem_ctx,
}
sam->groups.rids[sam->groups.count].rid =
group_sid->sub_auths[group_sid->num_auths-1];
-
- sam->groups.rids[sam->groups.count].attributes =
+
+ sam->groups.rids[sam->groups.count].attributes =
SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED;
sam->groups.count += 1;
}
@@ -118,11 +118,11 @@ NTSTATUS auth_convert_user_info_dc_sambaseinfo(TALLOC_CTX *mem_ctx,
memcpy(sam->LMSessKey.key, user_info_dc->lm_session_key.data,
sizeof(sam->LMSessKey.key));
}
-
+
*_sam = sam;
return NT_STATUS_OK;
-}
+}
/* Note that the validity of the _sam3 structure is only as long as
* the user_info_dc it was generated from */
@@ -145,7 +145,7 @@ NTSTATUS auth_convert_user_info_dc_saminfo3(TALLOC_CTX *mem_ctx,
sam3->sidcount = 0;
sam3->sids = NULL;
-
+
sam3->sids = talloc_array(sam, struct netr_SidAttr,
user_info_dc->num_sids);
NT_STATUS_HAVE_NO_MEMORY_AND_FREE(sam3->sids, sam3);
@@ -169,7 +169,7 @@ NTSTATUS auth_convert_user_info_dc_saminfo3(TALLOC_CTX *mem_ctx,
*_sam3 = sam3;
return NT_STATUS_OK;
-}
+}
/**
* Make a user_info_dc struct from the info3 returned by a domain logon
@@ -213,7 +213,7 @@ NTSTATUS make_user_info_dc_netlogon_validation(TALLOC_CTX *mem_ctx,
/*
Here is where we should check the list of
- trusted domains, and verify that the SID
+ trusted domains, and verify that the SID
matches.
*/
if (!base->domain_sid) {
@@ -251,7 +251,7 @@ NTSTATUS make_user_info_dc_netlogon_validation(TALLOC_CTX *mem_ctx,
}
/* Copy 'other' sids. We need to do sid filtering here to
- prevent possible elevation of privileges. See:
+ prevent possible elevation of privileges. See:
http://www.microsoft.com/windows2000/techinfo/administration/security/sidfilter.asp
*/
diff --git a/auth/auth_sam_reply.h b/auth/auth_sam_reply.h
new file mode 100644
index 0000000000..dea6501257
--- /dev/null
+++ b/auth/auth_sam_reply.h
@@ -0,0 +1,38 @@
+#ifndef __AUTH_AUTH_SAM_REPLY_H__
+#define __AUTH_AUTH_SAM_REPLY_H__
+
+#undef _PRINTF_ATTRIBUTE
+#define _PRINTF_ATTRIBUTE(a1, a2) PRINTF_ATTRIBUTE(a1, a2)
+/* this file contains prototypes for functions that are private
+ * to this subsystem or library. These functions should not be
+ * used outside this particular subsystem! */
+
+
+/* The following definitions come from auth/auth_sam_reply.c */
+
+NTSTATUS auth_convert_user_info_dc_sambaseinfo(TALLOC_CTX *mem_ctx,
+ struct auth_user_info_dc *user_info_dc,
+ struct netr_SamBaseInfo **_sam);
+NTSTATUS auth_convert_user_info_dc_saminfo3(TALLOC_CTX *mem_ctx,
+ struct auth_user_info_dc *user_info_dc,
+ struct netr_SamInfo3 **_sam3);
+
+/**
+ * Make a user_info_dc struct from the info3 returned by a domain logon
+ */
+NTSTATUS make_user_info_dc_netlogon_validation(TALLOC_CTX *mem_ctx,
+ const char *account_name,
+ uint16_t validation_level,
+ union netr_Validation *validation,
+ struct auth_user_info_dc **_user_info_dc);
+
+/**
+ * Make a user_info_dc struct from the PAC_LOGON_INFO supplied in the krb5 logon
+ */
+NTSTATUS make_user_info_dc_pac(TALLOC_CTX *mem_ctx,
+ struct PAC_LOGON_INFO *pac_logon_info,
+ struct auth_user_info_dc **_user_info_dc);
+#undef _PRINTF_ATTRIBUTE
+#define _PRINTF_ATTRIBUTE(a1, a2)
+
+#endif /* __AUTH_AUTH_SAM_REPLY_H__ */
diff --git a/auth/wscript_build b/auth/wscript_build
new file mode 100644
index 0000000000..b124887aec
--- /dev/null
+++ b/auth/wscript_build
@@ -0,0 +1,5 @@
+bld.SAMBA_SUBSYSTEM('auth_sam_reply',
+ source='auth_sam_reply.c',
+ deps='talloc',
+ autoproto='auth_sam_reply.h'
+ )
diff --git a/source4/auth/wscript_build b/source4/auth/wscript_build
index c0701bf9f5..5bb51161f3 100644
--- a/source4/auth/wscript_build
+++ b/source4/auth/wscript_build
@@ -38,13 +38,6 @@ bld.SAMBA_SUBSYSTEM('auth_sam',
)
-bld.SAMBA_SUBSYSTEM('auth_sam_reply',
- source='auth_sam_reply.c',
- deps='talloc',
- autoproto='auth_sam_reply.h'
- )
-
-
bld.SAMBA_PYTHON('pyauth',
source='pyauth.c',
public_deps='auth_system_session',
diff --git a/wscript_build b/wscript_build
index de6ea98685..dea49b32c9 100644
--- a/wscript_build
+++ b/wscript_build
@@ -33,6 +33,7 @@ bld.RECURSE('source4/cluster')
bld.RECURSE('source4/smbd')
bld.RECURSE('source4/libnet')
bld.RECURSE('source4/auth')
+bld.RECURSE('auth')
bld.RECURSE('lib/iniparser/src')
bld.RECURSE('nsswitch')
bld.RECURSE('nsswitch/libwbclient')