summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-04-05 16:15:27 +1000
committerAndrew Bartlett <abartlet@samba.org>2011-04-05 23:46:04 +0200
commit663dc94e630910b0b5b61801a03622641b2b83b4 (patch)
tree3d74a050420ec92dd686f618b3b3ad40b647fc86 /source3
parentf261266c9d66d7143a867f4719d1549f58915036 (diff)
downloadsamba-663dc94e630910b0b5b61801a03622641b2b83b4.tar.gz
samba-663dc94e630910b0b5b61801a03622641b2b83b4.tar.bz2
samba-663dc94e630910b0b5b61801a03622641b2b83b4.zip
auth: Move auth_session_info into IDL
This changes auth_session_info_transport to just be a wrapper, rather than a copy that has to be kept in sync. As auth_session_info was already wrapped in python, this required changes to the existing pyauth wrapper and it's users. Andrew Bartlett
Diffstat (limited to 'source3')
-rw-r--r--source3/Makefile.in2
-rw-r--r--source3/rpc_server/rpc_ncacn_np.c33
-rw-r--r--source3/rpc_server/rpc_server.c18
3 files changed, 33 insertions, 20 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 108bfefe06..f70eb63a70 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -711,7 +711,7 @@ RPC_EVENTLOG_OBJ = rpc_server/eventlog/srv_eventlog_nt.o \
NPA_TSTREAM_OBJ = ../libcli/named_pipe_auth/npa_tstream.o \
librpc/gen_ndr/ndr_named_pipe_auth.o \
- ../auth/auth_sam_reply.o librpc/gen_ndr/ndr_auth.o
+ ../auth/auth_sam_reply.o librpc/gen_ndr/ndr_auth.o ../librpc/ndr/ndr_auth.o
RPC_NCACN_NP = rpc_server/srv_pipe_register.o rpc_server/rpc_ncacn_np.o \
rpc_server/rpc_handles.o rpc_server/srv_access_check.o
diff --git a/source3/rpc_server/rpc_ncacn_np.c b/source3/rpc_server/rpc_ncacn_np.c
index f000b64f71..e89a366f9e 100644
--- a/source3/rpc_server/rpc_ncacn_np.c
+++ b/source3/rpc_server/rpc_ncacn_np.c
@@ -607,6 +607,7 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
struct tevent_context *ev;
struct tevent_req *subreq;
struct auth_session_info_transport *session_info_t;
+ struct auth_session_info *session_info_npa;
struct auth_user_info_dc *user_info_dc;
union netr_Validation val;
NTSTATUS status;
@@ -651,20 +652,20 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
goto fail;
}
- session_info_t = talloc_zero(talloc_tos(), struct auth_session_info_transport);
- if (session_info_t == NULL) {
+ session_info_npa = talloc_zero(talloc_tos(), struct auth_session_info);
+ if (session_info_npa == NULL) {
DEBUG(0, ("talloc failed\n"));
goto fail;
}
/* Send the named_pipe_auth server the user's full token */
- session_info_t->security_token = session_info->security_token;
- session_info_t->session_key = session_info->session_key;
+ session_info_npa->security_token = session_info->security_token;
+ session_info_npa->session_key = session_info->session_key;
val.sam3 = session_info->info3;
/* Convert into something we can build a struct
- * auth_session_info_transport from. Most of the work here
+ * auth_session_info from. Most of the work here
* will be to convert the SIDS, which we will then ignore, but
* this is the easier way to handle it */
status = make_user_info_dc_netlogon_validation(talloc_tos(), "", 3, &val, &user_info_dc);
@@ -673,9 +674,17 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
goto fail;
}
- session_info_t->info = talloc_move(session_info_t, &user_info_dc->info);
+ session_info_npa->info = talloc_move(session_info_npa, &user_info_dc->info);
talloc_free(user_info_dc);
+ session_info_t = talloc_zero(talloc_tos(), struct auth_session_info_transport);
+ if (session_info_npa == NULL) {
+ DEBUG(0, ("talloc failed\n"));
+ goto fail;
+ }
+
+ session_info_t->session_info = talloc_steal(session_info_t, session_info_npa);
+
become_root();
subreq = tstream_npa_connect_send(talloc_tos(), ev,
socket_np_dir,
@@ -689,8 +698,8 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
unbecome_root();
DEBUG(0, ("tstream_npa_connect_send to %s for pipe %s and "
"user %s\\%s failed\n",
- socket_np_dir, pipe_name, session_info_t->info->domain_name,
- session_info_t->info->account_name));
+ socket_np_dir, pipe_name, session_info_t->session_info->info->domain_name,
+ session_info_t->session_info->info->account_name));
goto fail;
}
ok = tevent_req_poll(subreq, ev);
@@ -698,8 +707,8 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
if (!ok) {
DEBUG(0, ("tevent_req_poll to %s for pipe %s and user %s\\%s "
"failed for tstream_npa_connect: %s\n",
- socket_np_dir, pipe_name, session_info_t->info->domain_name,
- session_info_t->info->account_name,
+ socket_np_dir, pipe_name, session_info_t->session_info->info->domain_name,
+ session_info_t->session_info->info->account_name,
strerror(errno)));
goto fail;
@@ -714,8 +723,8 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
if (ret != 0) {
DEBUG(0, ("tstream_npa_connect_recv to %s for pipe %s and "
"user %s\\%s failed: %s\n",
- socket_np_dir, pipe_name, session_info_t->info->domain_name,
- session_info_t->info->account_name,
+ socket_np_dir, pipe_name, session_info_t->session_info->info->domain_name,
+ session_info_t->session_info->info->account_name,
strerror(sys_errno)));
goto fail;
}
diff --git a/source3/rpc_server/rpc_server.c b/source3/rpc_server/rpc_server.c
index 2fa2a77112..c7c77f0375 100644
--- a/source3/rpc_server/rpc_server.c
+++ b/source3/rpc_server/rpc_server.c
@@ -32,15 +32,15 @@
#define SERVER_TCP_HIGH_PORT 1300
static NTSTATUS auth_anonymous_session_info(TALLOC_CTX *mem_ctx,
- struct auth_session_info_transport **session_info)
+ struct auth_session_info **session_info)
{
- struct auth_session_info_transport *i;
+ struct auth_session_info *i;
struct auth_serversupplied_info *s;
struct auth_user_info_dc *u;
union netr_Validation val;
NTSTATUS status;
- i = talloc_zero(mem_ctx, struct auth_session_info_transport);
+ i = talloc_zero(mem_ctx, struct auth_session_info);
if (i == NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -81,7 +81,7 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx,
bool ncalrpc_as_system,
const char *client_address,
const char *server_address,
- struct auth_session_info_transport *session_info,
+ struct auth_session_info *session_info,
struct pipes_struct **_p,
int *perrno)
{
@@ -355,7 +355,7 @@ struct named_pipe_client {
char *client_name;
struct tsocket_address *server;
char *server_name;
- struct auth_session_info_transport *session_info;
+ struct auth_session_info *session_info;
struct pipes_struct *p;
@@ -433,6 +433,7 @@ static void named_pipe_packet_done(struct tevent_req *subreq);
static void named_pipe_accept_done(struct tevent_req *subreq)
{
+ struct auth_session_info_transport *session_info_transport;
struct named_pipe_client *npc =
tevent_req_callback_data(subreq, struct named_pipe_client);
const char *cli_addr;
@@ -445,7 +446,10 @@ static void named_pipe_accept_done(struct tevent_req *subreq)
&npc->client_name,
&npc->server,
&npc->server_name,
- &npc->session_info);
+ &session_info_transport);
+
+ npc->session_info = talloc_move(npc, &session_info_transport->session_info);
+
TALLOC_FREE(subreq);
if (ret != 0) {
DEBUG(2, ("Failed to accept named pipe connection! (%s)\n",
@@ -996,7 +1000,7 @@ struct dcerpc_ncacn_conn {
char *client_name;
struct tsocket_address *server;
char *server_name;
- struct auth_session_info_transport *session_info;
+ struct auth_session_info *session_info;
struct iovec *iov;
size_t count;