diff options
author | Andrew Bartlett <abartlet@samba.org> | 2011-04-05 16:15:27 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2011-04-05 23:46:04 +0200 |
commit | 663dc94e630910b0b5b61801a03622641b2b83b4 (patch) | |
tree | 3d74a050420ec92dd686f618b3b3ad40b647fc86 /source3 | |
parent | f261266c9d66d7143a867f4719d1549f58915036 (diff) | |
download | samba-663dc94e630910b0b5b61801a03622641b2b83b4.tar.gz samba-663dc94e630910b0b5b61801a03622641b2b83b4.tar.bz2 samba-663dc94e630910b0b5b61801a03622641b2b83b4.zip |
auth: Move auth_session_info into IDL
This changes auth_session_info_transport to just be a wrapper, rather
than a copy that has to be kept in sync.
As auth_session_info was already wrapped in python, this required
changes to the existing pyauth wrapper and it's users.
Andrew Bartlett
Diffstat (limited to 'source3')
-rw-r--r-- | source3/Makefile.in | 2 | ||||
-rw-r--r-- | source3/rpc_server/rpc_ncacn_np.c | 33 | ||||
-rw-r--r-- | source3/rpc_server/rpc_server.c | 18 |
3 files changed, 33 insertions, 20 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index 108bfefe06..f70eb63a70 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -711,7 +711,7 @@ RPC_EVENTLOG_OBJ = rpc_server/eventlog/srv_eventlog_nt.o \ NPA_TSTREAM_OBJ = ../libcli/named_pipe_auth/npa_tstream.o \ librpc/gen_ndr/ndr_named_pipe_auth.o \ - ../auth/auth_sam_reply.o librpc/gen_ndr/ndr_auth.o + ../auth/auth_sam_reply.o librpc/gen_ndr/ndr_auth.o ../librpc/ndr/ndr_auth.o RPC_NCACN_NP = rpc_server/srv_pipe_register.o rpc_server/rpc_ncacn_np.o \ rpc_server/rpc_handles.o rpc_server/srv_access_check.o diff --git a/source3/rpc_server/rpc_ncacn_np.c b/source3/rpc_server/rpc_ncacn_np.c index f000b64f71..e89a366f9e 100644 --- a/source3/rpc_server/rpc_ncacn_np.c +++ b/source3/rpc_server/rpc_ncacn_np.c @@ -607,6 +607,7 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx, struct tevent_context *ev; struct tevent_req *subreq; struct auth_session_info_transport *session_info_t; + struct auth_session_info *session_info_npa; struct auth_user_info_dc *user_info_dc; union netr_Validation val; NTSTATUS status; @@ -651,20 +652,20 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx, goto fail; } - session_info_t = talloc_zero(talloc_tos(), struct auth_session_info_transport); - if (session_info_t == NULL) { + session_info_npa = talloc_zero(talloc_tos(), struct auth_session_info); + if (session_info_npa == NULL) { DEBUG(0, ("talloc failed\n")); goto fail; } /* Send the named_pipe_auth server the user's full token */ - session_info_t->security_token = session_info->security_token; - session_info_t->session_key = session_info->session_key; + session_info_npa->security_token = session_info->security_token; + session_info_npa->session_key = session_info->session_key; val.sam3 = session_info->info3; /* Convert into something we can build a struct - * auth_session_info_transport from. Most of the work here + * auth_session_info from. Most of the work here * will be to convert the SIDS, which we will then ignore, but * this is the easier way to handle it */ status = make_user_info_dc_netlogon_validation(talloc_tos(), "", 3, &val, &user_info_dc); @@ -673,9 +674,17 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx, goto fail; } - session_info_t->info = talloc_move(session_info_t, &user_info_dc->info); + session_info_npa->info = talloc_move(session_info_npa, &user_info_dc->info); talloc_free(user_info_dc); + session_info_t = talloc_zero(talloc_tos(), struct auth_session_info_transport); + if (session_info_npa == NULL) { + DEBUG(0, ("talloc failed\n")); + goto fail; + } + + session_info_t->session_info = talloc_steal(session_info_t, session_info_npa); + become_root(); subreq = tstream_npa_connect_send(talloc_tos(), ev, socket_np_dir, @@ -689,8 +698,8 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx, unbecome_root(); DEBUG(0, ("tstream_npa_connect_send to %s for pipe %s and " "user %s\\%s failed\n", - socket_np_dir, pipe_name, session_info_t->info->domain_name, - session_info_t->info->account_name)); + socket_np_dir, pipe_name, session_info_t->session_info->info->domain_name, + session_info_t->session_info->info->account_name)); goto fail; } ok = tevent_req_poll(subreq, ev); @@ -698,8 +707,8 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx, if (!ok) { DEBUG(0, ("tevent_req_poll to %s for pipe %s and user %s\\%s " "failed for tstream_npa_connect: %s\n", - socket_np_dir, pipe_name, session_info_t->info->domain_name, - session_info_t->info->account_name, + socket_np_dir, pipe_name, session_info_t->session_info->info->domain_name, + session_info_t->session_info->info->account_name, strerror(errno))); goto fail; @@ -714,8 +723,8 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx, if (ret != 0) { DEBUG(0, ("tstream_npa_connect_recv to %s for pipe %s and " "user %s\\%s failed: %s\n", - socket_np_dir, pipe_name, session_info_t->info->domain_name, - session_info_t->info->account_name, + socket_np_dir, pipe_name, session_info_t->session_info->info->domain_name, + session_info_t->session_info->info->account_name, strerror(sys_errno))); goto fail; } diff --git a/source3/rpc_server/rpc_server.c b/source3/rpc_server/rpc_server.c index 2fa2a77112..c7c77f0375 100644 --- a/source3/rpc_server/rpc_server.c +++ b/source3/rpc_server/rpc_server.c @@ -32,15 +32,15 @@ #define SERVER_TCP_HIGH_PORT 1300 static NTSTATUS auth_anonymous_session_info(TALLOC_CTX *mem_ctx, - struct auth_session_info_transport **session_info) + struct auth_session_info **session_info) { - struct auth_session_info_transport *i; + struct auth_session_info *i; struct auth_serversupplied_info *s; struct auth_user_info_dc *u; union netr_Validation val; NTSTATUS status; - i = talloc_zero(mem_ctx, struct auth_session_info_transport); + i = talloc_zero(mem_ctx, struct auth_session_info); if (i == NULL) { return NT_STATUS_NO_MEMORY; } @@ -81,7 +81,7 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx, bool ncalrpc_as_system, const char *client_address, const char *server_address, - struct auth_session_info_transport *session_info, + struct auth_session_info *session_info, struct pipes_struct **_p, int *perrno) { @@ -355,7 +355,7 @@ struct named_pipe_client { char *client_name; struct tsocket_address *server; char *server_name; - struct auth_session_info_transport *session_info; + struct auth_session_info *session_info; struct pipes_struct *p; @@ -433,6 +433,7 @@ static void named_pipe_packet_done(struct tevent_req *subreq); static void named_pipe_accept_done(struct tevent_req *subreq) { + struct auth_session_info_transport *session_info_transport; struct named_pipe_client *npc = tevent_req_callback_data(subreq, struct named_pipe_client); const char *cli_addr; @@ -445,7 +446,10 @@ static void named_pipe_accept_done(struct tevent_req *subreq) &npc->client_name, &npc->server, &npc->server_name, - &npc->session_info); + &session_info_transport); + + npc->session_info = talloc_move(npc, &session_info_transport->session_info); + TALLOC_FREE(subreq); if (ret != 0) { DEBUG(2, ("Failed to accept named pipe connection! (%s)\n", @@ -996,7 +1000,7 @@ struct dcerpc_ncacn_conn { char *client_name; struct tsocket_address *server; char *server_name; - struct auth_session_info_transport *session_info; + struct auth_session_info *session_info; struct iovec *iov; size_t count; |