diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2005-07-22 04:10:07 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:29:55 -0500 |
| commit | b16362fab65d0700bd6a8cf6569a9e21c7e6b069 (patch) | |
| tree | cd68807d497dac925038d03c3786308825b02e10 /source4/auth/auth.h | |
| parent | 176c0d1b771d0e81167a12eb81eddb40732b074a (diff) | |
| download | samba-b16362fab65d0700bd6a8cf6569a9e21c7e6b069.tar.gz samba-b16362fab65d0700bd6a8cf6569a9e21c7e6b069.tar.bz2 samba-b16362fab65d0700bd6a8cf6569a9e21c7e6b069.zip | |
r8700: Propmted by tridge's need to do plaintext auth in ejs, rework the
user_info strcture in auth/
This moves it to a pattern much like that found in ntvfs, with
functions to migrate between PAIN, HASH and RESPONSE passwords.
Instead of make_user_info*() functions, we simply fill in the control
block in the callers, per recent dicussions on the lists. This
removed a lot of data copies as well as error paths, as we can grab
much of it with talloc.
Andrew Bartlett
(This used to be commit ecbd2235a3e2be937440fa1dc0aecc5a047eda88)
Diffstat (limited to 'source4/auth/auth.h')
| -rw-r--r-- | source4/auth/auth.h | 42 |
1 files changed, 29 insertions, 13 deletions
diff --git a/source4/auth/auth.h b/source4/auth/auth.h index b4f08b2859..0b12328b3c 100644 --- a/source4/auth/auth.h +++ b/source4/auth/auth.h @@ -40,27 +40,38 @@ #define USER_INFO_CASE_INSENSITIVE_PASSWORD 0x02 /* password may be in any case */ #define USER_INFO_DONT_CHECK_UNIX_ACCOUNT 0x04 /* dont check unix account status */ +enum auth_password_state { + AUTH_PASSWORD_RESPONSE, + AUTH_PASSWORD_HASH, + AUTH_PASSWORD_PLAIN +}; + struct auth_usersupplied_info { - const char *account_name; - const char *domain_name; const char *workstation_name; const char *remote_host; + BOOL mapped_state; /* the values the client gives us */ struct { const char *account_name; const char *domain_name; - } client; - - BOOL encrypted; - - DATA_BLOB lm_resp; - DATA_BLOB nt_resp; - DATA_BLOB lm_interactive_password; - DATA_BLOB nt_interactive_password; - DATA_BLOB plaintext_password; - + } client, mapped; + + enum auth_password_state password_state; + + union { + struct { + DATA_BLOB lanman; + DATA_BLOB nt; + } response; + struct { + struct samr_Password *lanman; + struct samr_Password *nt; + } hash; + + char *plaintext; + } password; uint32_t flags; }; @@ -157,7 +168,12 @@ struct auth_critical_sizes { int sizeof_auth_context; int sizeof_auth_usersupplied_info; int sizeof_auth_serversupplied_info; - int sizeof_auth_str; }; + NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth_context *auth_context, + enum auth_password_state to_state, + const struct auth_usersupplied_info *user_info_in, + const struct auth_usersupplied_info **user_info_encrypted); + + #endif /* _SMBAUTH_H_ */ |