diff options
author | Andrew Bartlett <abartlet@samba.org> | 2002-01-05 04:55:41 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2002-01-05 04:55:41 +0000 |
commit | 2e28f8ff0e3bb50ac5b2742c7678c39cb65bcd95 (patch) | |
tree | 257e7ba36de49aca7039b32a8611fc8b6dea9555 /source3/auth/auth_winbind.c | |
parent | 5a9c2f74ab0285859a6942bbc06d9e726cc69d19 (diff) | |
download | samba-2e28f8ff0e3bb50ac5b2742c7678c39cb65bcd95.tar.gz samba-2e28f8ff0e3bb50ac5b2742c7678c39cb65bcd95.tar.bz2 samba-2e28f8ff0e3bb50ac5b2742c7678c39cb65bcd95.zip |
I've decided to move the auth code around a bit more...
The auth_authsupplied_info typedef is now just a plain struct - auth_context,
but it has been modified to contain the function pointers to the rest
of the auth subsystem's components.
(Who needs non-static functions anyway?)
In working all this mess out, I fixed a number of memory leaks and moved the
entire auth subsystem over to talloc().
Note that the TALLOC_CTX attached to the auth_context can be rather long-lived,
it is provided for things that are intended to live as long. (The
global_negprot_auth_context lasts the whole life of the smbd).
I've also adjusted a few things in auth_domain.c, mainly passing the domain as
a paramater to a few functions instead of looking up lp_workgroup(). I'm
hopign to make this entire thing a bit more trusted domains (as PDC) freindly
in the near future.
Other than that, I moved a bit of the code around, hence the rather messy diff.
Andrew Bartlett
(This used to be commit 12f5515f556cf39fea98134fe3e2ac4540501048)
Diffstat (limited to 'source3/auth/auth_winbind.c')
-rw-r--r-- | source3/auth/auth_winbind.c | 21 |
1 files changed, 9 insertions, 12 deletions
diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c index 74654f8bba..175e14a9d6 100644 --- a/source3/auth/auth_winbind.c +++ b/source3/auth/auth_winbind.c @@ -33,10 +33,10 @@ NSS_STATUS winbindd_request(int req_type, /* Authenticate a user with a challenge/response */ -static NTSTATUS check_winbind_security(void *my_private_data, +static NTSTATUS check_winbind_security(const struct auth_context *auth_context, + void *my_private_data, TALLOC_CTX *mem_ctx, const auth_usersupplied_info *user_info, - const auth_authsupplied_info *auth_info, auth_serversupplied_info **server_info) { struct winbindd_request request; @@ -46,13 +46,13 @@ static NTSTATUS check_winbind_security(void *my_private_data, NTSTATUS nt_status; if (!user_info) { - return NT_STATUS_LOGON_FAILURE; + return NT_STATUS_UNSUCCESSFUL; } - if (!auth_info) { + if (!auth_context) { DEBUG(3,("Password for user %s cannot be checked because we have no auth_info to get the challenge from.\n", user_info->internal_username.str)); - return NT_STATUS_LOGON_FAILURE; + return NT_STATUS_UNSUCCESSFUL; } /* Send off request */ @@ -63,7 +63,7 @@ static NTSTATUS check_winbind_security(void *my_private_data, snprintf(request.data.auth_crap.user, sizeof(request.data.auth_crap.user), "%s\\%s", user_info->domain.str, user_info->smb_name.str); - memcpy(request.data.auth_crap.chal, auth_info->challenge.data, sizeof(request.data.auth_crap.chal)); + memcpy(request.data.auth_crap.chal, auth_context->challenge.data, sizeof(request.data.auth_crap.chal)); request.data.auth_crap.lm_resp_len = MIN(user_info->lm_resp.length, sizeof(request.data.auth_crap.lm_resp)); @@ -97,16 +97,13 @@ static NTSTATUS check_winbind_security(void *my_private_data, return nt_status; } -BOOL auth_init_winbind(auth_methods **auth_method) +/* module initialisation */ +BOOL auth_init_winbind(struct auth_context *auth_context, auth_methods **auth_method) { - if (!make_auth_methods(auth_method)) { + if (!make_auth_methods(auth_context, auth_method)) { return False; } (*auth_method)->auth = check_winbind_security; return True; } - - - - |