s4-auth Rework auth subsystem to remove struct auth_serversupplied_info

This changes auth_serversupplied_info into the IDL-defined struct
auth_user_info_dc.  This then in turn contains a struct
auth_user_info, which is the only part of the structure that is
mainted into the struct session_info.

The idea here is to avoid keeping the incomplete results of the
authentication (such as session keys, lists of SID memberships etc) in
a namespace where it may be confused for the finalised results.

Andrew Barltett

1 files changed, 4 insertions, 4 deletions

diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c
index c732c6e8de..b9385debc3 100644
--- a/source4/auth/gensec/gensec.c
+++ b/source4/auth/gensec/gensec.c
@@ -1315,17 +1315,17 @@ const char *gensec_get_target_principal(struct gensec_security *gensec_security)
 
 NTSTATUS gensec_generate_session_info(TALLOC_CTX *mem_ctx,
 				      struct gensec_security *gensec_security,
-				      struct auth_serversupplied_info *server_info,
+				      struct auth_user_info_dc *user_info_dc,
 				      struct auth_session_info **session_info)
 {
 	NTSTATUS nt_status;
 	uint32_t flags = AUTH_SESSION_INFO_DEFAULT_GROUPS;
-	if (server_info->authenticated) {
+	if (user_info_dc->info->authenticated) {
 		flags |= AUTH_SESSION_INFO_AUTHENTICATED;
 	}
 	if (gensec_security->auth_context) {
 		nt_status = gensec_security->auth_context->generate_session_info(mem_ctx, gensec_security->auth_context,
-										 server_info,
+										 user_info_dc,
 										 flags,
 										 session_info);
 	} else {
@@ -1333,7 +1333,7 @@ NTSTATUS gensec_generate_session_info(TALLOC_CTX *mem_ctx,
 		nt_status = auth_generate_session_info(mem_ctx,
 						       NULL,
 						       NULL,
-						       server_info, flags,
+						       user_info_dc, flags,
 						       session_info);
 	}
 	return nt_status;