diff options
author | Andrew Bartlett <abartlet@samba.org> | 2002-01-01 03:10:32 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2002-01-01 03:10:32 +0000 |
commit | 4a6d1318bd9123f5a9c1d72721a9175320356fbe (patch) | |
tree | efa9b16c660b3abfdbcea6cc4b5c58c536cfd86c /source3/auth/auth_sam.c | |
parent | ef40945a5b206730e19713dfd3c50f9032a9e36c (diff) | |
download | samba-4a6d1318bd9123f5a9c1d72721a9175320356fbe.tar.gz samba-4a6d1318bd9123f5a9c1d72721a9175320356fbe.tar.bz2 samba-4a6d1318bd9123f5a9c1d72721a9175320356fbe.zip |
A farily large commit:
- Move rpc_client/cli_trust.c to smbd/change_trust_pw.c
- It hasn't been used by anything else since smbpasswd lost its -j
- Add a TALLOC_CTX to the auth subsytem. These are only valid for the length
of the calls to the individual modules, if you want a longer context hide it
in your private data.
Similarly, all returns (like the server_info) should still be malloced.
- Move the 'ntdomain' module (security=domain in oldspeak) over to use the new
libsmb domain logon code. Also rework much of the code to use some better
helper functions for the connection - getting us much better error returns
(the new code is NTSTATUS).
The only remaining thing to do is to figure out if tpot's 0xdead 0xbeef for
the LUID feilds is sufficient, or if we should do random LUIDs as per the old
code.
Similarly, I'll move winbind over to this when I get a chance.
This leaves the SPOOLSS code and some cli_pipe code as the only stuff still in
rpc_client, at least as far as smbd is concerned.
While I've given this a basic rundown, any testing is as always appriciated.
Andrew Bartlett
(This used to be commit d870edce76ecca259230fbdbdacd0c86793b4837)
Diffstat (limited to 'source3/auth/auth_sam.c')
-rw-r--r-- | source3/auth/auth_sam.c | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c index d899006cf8..b75e300655 100644 --- a/source3/auth/auth_sam.c +++ b/source3/auth/auth_sam.c @@ -132,7 +132,8 @@ static BOOL smb_pwd_check_ntlmv2(const DATA_BLOB ntv2_response, Do a specific test for an smb password being correct, given a smb_password and the lanman and NT responses. ****************************************************************************/ -static NTSTATUS sam_password_ok(SAM_ACCOUNT *sampass, +static NTSTATUS sam_password_ok(TALLOC_CTX *mem_ctx, + SAM_ACCOUNT *sampass, const auth_usersupplied_info *user_info, const auth_authsupplied_info *auth_info, uint8 user_sess_key[16]) @@ -243,7 +244,9 @@ static NTSTATUS sam_password_ok(SAM_ACCOUNT *sampass, Do a specific test for a SAM_ACCOUNT being vaild for this connection (ie not disabled, expired and the like). ****************************************************************************/ -static NTSTATUS sam_account_ok(SAM_ACCOUNT *sampass, const auth_usersupplied_info *user_info) +static NTSTATUS sam_account_ok(TALLOC_CTX *mem_ctx, + SAM_ACCOUNT *sampass, + const auth_usersupplied_info *user_info) { uint16 acct_ctrl = pdb_get_acct_ctrl(sampass); char *workstation_list; @@ -286,7 +289,7 @@ static NTSTATUS sam_account_ok(SAM_ACCOUNT *sampass, const auth_usersupplied_inf /* Test workstation. Workstation list is comma separated. */ - workstation_list = strdup(pdb_get_workstations(sampass)); + workstation_list = talloc_strdup(mem_ctx, pdb_get_workstations(sampass)); if (!workstation_list) return NT_STATUS_NO_MEMORY; @@ -305,11 +308,8 @@ static NTSTATUS sam_account_ok(SAM_ACCOUNT *sampass, const auth_usersupplied_inf } } - SAFE_FREE(workstation_list); if (invalid_ws) return NT_STATUS_INVALID_WORKSTATION; - } else { - SAFE_FREE(workstation_list); } if (acct_ctrl & ACB_DOMTRUST) { @@ -338,9 +338,10 @@ return an NT_STATUS constant. ****************************************************************************/ static NTSTATUS check_sam_security(void *my_private_data, - const auth_usersupplied_info *user_info, - const auth_authsupplied_info *auth_info, - auth_serversupplied_info **server_info) + TALLOC_CTX *mem_ctx, + const auth_usersupplied_info *user_info, + const auth_authsupplied_info *auth_info, + auth_serversupplied_info **server_info) { SAM_ACCOUNT *sampass=NULL; BOOL ret; @@ -369,14 +370,14 @@ static NTSTATUS check_sam_security(void *my_private_data, return NT_STATUS_NO_SUCH_USER; } - nt_status = sam_password_ok(sampass, user_info, auth_info, user_sess_key); + nt_status = sam_password_ok(mem_ctx, sampass, user_info, auth_info, user_sess_key); if (!NT_STATUS_IS_OK(nt_status)) { pdb_free_sam(&sampass); return nt_status; } - nt_status = sam_account_ok(sampass, user_info); + nt_status = sam_account_ok(mem_ctx, sampass, user_info); if (!NT_STATUS_IS_OK(nt_status)) { pdb_free_sam(&sampass); @@ -415,9 +416,10 @@ return an NT_STATUS constant. ****************************************************************************/ static NTSTATUS check_samstrict_security(void *my_private_data, - const auth_usersupplied_info *user_info, - const auth_authsupplied_info *auth_info, - auth_serversupplied_info **server_info) + TALLOC_CTX *mem_ctx, + const auth_usersupplied_info *user_info, + const auth_authsupplied_info *auth_info, + auth_serversupplied_info **server_info) { if (!user_info || !auth_info) { @@ -432,7 +434,7 @@ static NTSTATUS check_samstrict_security(void *my_private_data, return NT_STATUS_NO_SUCH_USER; } - return check_sam_security(my_private_data, user_info, auth_info, server_info); + return check_sam_security(my_private_data, mem_ctx, user_info, auth_info, server_info); } BOOL auth_init_samstrict(auth_methods **auth_method) |