diff options
author | Andrew Bartlett <abartlet@samba.org> | 2011-02-09 16:05:54 +1100 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2011-02-10 06:51:06 +0100 |
commit | 4cfee6f88e4befaae33095178c10932cd5337439 (patch) | |
tree | 4b2d888d583aefc243c0d2a800b52794a2f66add | |
parent | 8220a7ebae5c8b1fcc16b2565fbfd84c12b04984 (diff) | |
download | samba-4cfee6f88e4befaae33095178c10932cd5337439.tar.gz samba-4cfee6f88e4befaae33095178c10932cd5337439.tar.bz2 samba-4cfee6f88e4befaae33095178c10932cd5337439.zip |
auth Move auth_sam_reply into the top level.
These functions provide conversions between some netlogon.idl and
auth.idl structures
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
-rw-r--r-- | auth/auth_sam_reply.c (renamed from source4/auth/auth_sam_reply.c) | 26 | ||||
-rw-r--r-- | auth/auth_sam_reply.h | 38 | ||||
-rw-r--r-- | auth/wscript_build | 5 | ||||
-rw-r--r-- | source4/auth/wscript_build | 7 | ||||
-rw-r--r-- | wscript_build | 1 |
5 files changed, 57 insertions, 20 deletions
diff --git a/source4/auth/auth_sam_reply.c b/auth/auth_sam_reply.c index eb9a83418a..52abb8a4df 100644 --- a/source4/auth/auth_sam_reply.c +++ b/auth/auth_sam_reply.c @@ -1,27 +1,27 @@ -/* +/* Unix SMB/CIFS implementation. Convert a server info struct into the form for PAC and NETLOGON replies Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004 Copyright (C) Stefan Metzmacher <metze@samba.org> 2005 - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ #include "includes.h" -#include "auth/auth.h" +#include "librpc/gen_ndr/auth.h" #include "libcli/security/security.h" #include "auth/auth_sam_reply.h" @@ -94,8 +94,8 @@ NTSTATUS auth_convert_user_info_dc_sambaseinfo(TALLOC_CTX *mem_ctx, } sam->groups.rids[sam->groups.count].rid = group_sid->sub_auths[group_sid->num_auths-1]; - - sam->groups.rids[sam->groups.count].attributes = + + sam->groups.rids[sam->groups.count].attributes = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED; sam->groups.count += 1; } @@ -118,11 +118,11 @@ NTSTATUS auth_convert_user_info_dc_sambaseinfo(TALLOC_CTX *mem_ctx, memcpy(sam->LMSessKey.key, user_info_dc->lm_session_key.data, sizeof(sam->LMSessKey.key)); } - + *_sam = sam; return NT_STATUS_OK; -} +} /* Note that the validity of the _sam3 structure is only as long as * the user_info_dc it was generated from */ @@ -145,7 +145,7 @@ NTSTATUS auth_convert_user_info_dc_saminfo3(TALLOC_CTX *mem_ctx, sam3->sidcount = 0; sam3->sids = NULL; - + sam3->sids = talloc_array(sam, struct netr_SidAttr, user_info_dc->num_sids); NT_STATUS_HAVE_NO_MEMORY_AND_FREE(sam3->sids, sam3); @@ -169,7 +169,7 @@ NTSTATUS auth_convert_user_info_dc_saminfo3(TALLOC_CTX *mem_ctx, *_sam3 = sam3; return NT_STATUS_OK; -} +} /** * Make a user_info_dc struct from the info3 returned by a domain logon @@ -213,7 +213,7 @@ NTSTATUS make_user_info_dc_netlogon_validation(TALLOC_CTX *mem_ctx, /* Here is where we should check the list of - trusted domains, and verify that the SID + trusted domains, and verify that the SID matches. */ if (!base->domain_sid) { @@ -251,7 +251,7 @@ NTSTATUS make_user_info_dc_netlogon_validation(TALLOC_CTX *mem_ctx, } /* Copy 'other' sids. We need to do sid filtering here to - prevent possible elevation of privileges. See: + prevent possible elevation of privileges. See: http://www.microsoft.com/windows2000/techinfo/administration/security/sidfilter.asp */ diff --git a/auth/auth_sam_reply.h b/auth/auth_sam_reply.h new file mode 100644 index 0000000000..dea6501257 --- /dev/null +++ b/auth/auth_sam_reply.h @@ -0,0 +1,38 @@ +#ifndef __AUTH_AUTH_SAM_REPLY_H__ +#define __AUTH_AUTH_SAM_REPLY_H__ + +#undef _PRINTF_ATTRIBUTE +#define _PRINTF_ATTRIBUTE(a1, a2) PRINTF_ATTRIBUTE(a1, a2) +/* this file contains prototypes for functions that are private + * to this subsystem or library. These functions should not be + * used outside this particular subsystem! */ + + +/* The following definitions come from auth/auth_sam_reply.c */ + +NTSTATUS auth_convert_user_info_dc_sambaseinfo(TALLOC_CTX *mem_ctx, + struct auth_user_info_dc *user_info_dc, + struct netr_SamBaseInfo **_sam); +NTSTATUS auth_convert_user_info_dc_saminfo3(TALLOC_CTX *mem_ctx, + struct auth_user_info_dc *user_info_dc, + struct netr_SamInfo3 **_sam3); + +/** + * Make a user_info_dc struct from the info3 returned by a domain logon + */ +NTSTATUS make_user_info_dc_netlogon_validation(TALLOC_CTX *mem_ctx, + const char *account_name, + uint16_t validation_level, + union netr_Validation *validation, + struct auth_user_info_dc **_user_info_dc); + +/** + * Make a user_info_dc struct from the PAC_LOGON_INFO supplied in the krb5 logon + */ +NTSTATUS make_user_info_dc_pac(TALLOC_CTX *mem_ctx, + struct PAC_LOGON_INFO *pac_logon_info, + struct auth_user_info_dc **_user_info_dc); +#undef _PRINTF_ATTRIBUTE +#define _PRINTF_ATTRIBUTE(a1, a2) + +#endif /* __AUTH_AUTH_SAM_REPLY_H__ */ diff --git a/auth/wscript_build b/auth/wscript_build new file mode 100644 index 0000000000..b124887aec --- /dev/null +++ b/auth/wscript_build @@ -0,0 +1,5 @@ +bld.SAMBA_SUBSYSTEM('auth_sam_reply', + source='auth_sam_reply.c', + deps='talloc', + autoproto='auth_sam_reply.h' + ) diff --git a/source4/auth/wscript_build b/source4/auth/wscript_build index c0701bf9f5..5bb51161f3 100644 --- a/source4/auth/wscript_build +++ b/source4/auth/wscript_build @@ -38,13 +38,6 @@ bld.SAMBA_SUBSYSTEM('auth_sam', ) -bld.SAMBA_SUBSYSTEM('auth_sam_reply', - source='auth_sam_reply.c', - deps='talloc', - autoproto='auth_sam_reply.h' - ) - - bld.SAMBA_PYTHON('pyauth', source='pyauth.c', public_deps='auth_system_session', diff --git a/wscript_build b/wscript_build index de6ea98685..dea49b32c9 100644 --- a/wscript_build +++ b/wscript_build @@ -33,6 +33,7 @@ bld.RECURSE('source4/cluster') bld.RECURSE('source4/smbd') bld.RECURSE('source4/libnet') bld.RECURSE('source4/auth') +bld.RECURSE('auth') bld.RECURSE('lib/iniparser/src') bld.RECURSE('nsswitch') bld.RECURSE('nsswitch/libwbclient') |