diff options
author | Andrew Bartlett <abartlet@samba.org> | 2011-12-31 22:45:51 +1100 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-01-11 08:59:34 +0100 |
commit | 14c8a13d3e2b2eb199e9eb26fa41f89bc380509e (patch) | |
tree | d6914966c03c312c15f45a6272cfebf9cec142b5 /auth | |
parent | b21351463192d72f0b4faeace81bea12b47f810e (diff) | |
download | samba-14c8a13d3e2b2eb199e9eb26fa41f89bc380509e.tar.gz samba-14c8a13d3e2b2eb199e9eb26fa41f89bc380509e.tar.bz2 samba-14c8a13d3e2b2eb199e9eb26fa41f89bc380509e.zip |
auth: make auth4_context common to provide access to generate_session_info_pac()
By providing this context, a function pointer for
generate_session_info_pac() can be inserted into gensec, allowing the
s3 PAC processing in an otherwise more generic gensec module.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'auth')
-rw-r--r-- | auth/common_auth.h | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/auth/common_auth.h b/auth/common_auth.h index e9c4bb5f63..ce3444ce7a 100644 --- a/auth/common_auth.h +++ b/auth/common_auth.h @@ -65,4 +65,63 @@ struct auth_usersupplied_info uint32_t flags; }; +struct auth_method_context; +struct tevent_context; +struct imessaging_context; +struct loadparm_context; +struct ldb_context; +struct smb_krb5_context; + +struct auth4_context { + struct { + /* Who set this up in the first place? */ + const char *set_by; + + bool may_be_modified; + + DATA_BLOB data; + } challenge; + + /* methods, in the order they should be called */ + struct auth_method_context *methods; + + /* the event context to use for calls that can block */ + struct tevent_context *event_ctx; + + /* the messaging context which can be used by backends */ + struct imessaging_context *msg_ctx; + + /* loadparm context */ + struct loadparm_context *lp_ctx; + + /* SAM database for this local machine - to fill in local groups, or to authenticate local NTLM users */ + struct ldb_context *sam_ctx; + + NTSTATUS (*check_password)(struct auth4_context *auth_ctx, + TALLOC_CTX *mem_ctx, + const struct auth_usersupplied_info *user_info, + struct auth_user_info_dc **user_info_dc); + + NTSTATUS (*get_challenge)(struct auth4_context *auth_ctx, uint8_t chal[8]); + + bool (*challenge_may_be_modified)(struct auth4_context *auth_ctx); + + NTSTATUS (*set_challenge)(struct auth4_context *auth_ctx, const uint8_t chal[8], const char *set_by); + + NTSTATUS (*generate_session_info)(TALLOC_CTX *mem_ctx, + struct auth4_context *auth_context, + struct auth_user_info_dc *user_info_dc, + uint32_t session_info_flags, + struct auth_session_info **session_info); + + NTSTATUS (*generate_session_info_pac)(struct auth4_context *auth_ctx, + TALLOC_CTX *mem_ctx, + struct smb_krb5_context *smb_krb5_context, + DATA_BLOB *pac_blob, + const char *principal_name, + const struct tsocket_address *remote_address, + uint32_t session_info_flags, + struct auth_session_info **session_info); +}; + #endif |