diff options
author | Andrew Bartlett <abartlet@samba.org> | 2011-02-08 16:53:13 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2011-02-09 01:11:06 +0100 |
commit | a2ce53c1f5301ffcf990dbab837c328ea22739b6 (patch) | |
tree | 52dde7c4bb16c0d885b8691a4c5c87f8213b0599 /source4/auth/ntlm/auth_developer.c | |
parent | f1c0e9532d8e3fb0d8942e4d4e1a122429266b16 (diff) | |
download | samba-a2ce53c1f5301ffcf990dbab837c328ea22739b6.tar.gz samba-a2ce53c1f5301ffcf990dbab837c328ea22739b6.tar.bz2 samba-a2ce53c1f5301ffcf990dbab837c328ea22739b6.zip |
s4-auth Rework auth subsystem to remove struct auth_serversupplied_info
This changes auth_serversupplied_info into the IDL-defined struct
auth_user_info_dc. This then in turn contains a struct
auth_user_info, which is the only part of the structure that is
mainted into the struct session_info.
The idea here is to avoid keeping the incomplete results of the
authentication (such as session keys, lists of SID memberships etc) in
a namespace where it may be confused for the finalised results.
Andrew Barltett
Diffstat (limited to 'source4/auth/ntlm/auth_developer.c')
-rw-r--r-- | source4/auth/ntlm/auth_developer.c | 82 |
1 files changed, 43 insertions, 39 deletions
diff --git a/source4/auth/ntlm/auth_developer.c b/source4/auth/ntlm/auth_developer.c index 6384d98986..255f97fd23 100644 --- a/source4/auth/ntlm/auth_developer.c +++ b/source4/auth/ntlm/auth_developer.c @@ -47,10 +47,11 @@ static NTSTATUS name_to_ntstatus_want_check(struct auth_method_context *ctx, static NTSTATUS name_to_ntstatus_check_password(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, const struct auth_usersupplied_info *user_info, - struct auth_serversupplied_info **_server_info) + struct auth_user_info_dc **_user_info_dc) { NTSTATUS nt_status; - struct auth_serversupplied_info *server_info; + struct auth_user_info_dc *user_info_dc; + struct auth_user_info *info; uint32_t error_num; const char *user; @@ -65,62 +66,65 @@ static NTSTATUS name_to_ntstatus_check_password(struct auth_method_context *ctx, } NT_STATUS_NOT_OK_RETURN(nt_status); - server_info = talloc(mem_ctx, struct auth_serversupplied_info); - NT_STATUS_HAVE_NO_MEMORY(server_info); + user_info_dc = talloc(mem_ctx, struct auth_user_info_dc); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc); /* This returns a pointer to a struct dom_sid, which is the * same as a 1 element list of struct dom_sid */ - server_info->num_sids = 1; - server_info->sids = dom_sid_parse_talloc(server_info, SID_NT_ANONYMOUS); - NT_STATUS_HAVE_NO_MEMORY(server_info->sids); + user_info_dc->num_sids = 1; + user_info_dc->sids = dom_sid_parse_talloc(user_info_dc, SID_NT_ANONYMOUS); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc->sids); /* annoying, but the Anonymous really does have a session key, and it is all zeros! */ - server_info->user_session_key = data_blob_talloc(server_info, NULL, 16); - NT_STATUS_HAVE_NO_MEMORY(server_info->user_session_key.data); + user_info_dc->user_session_key = data_blob_talloc(user_info_dc, NULL, 16); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc->user_session_key.data); - server_info->lm_session_key = data_blob_talloc(server_info, NULL, 16); - NT_STATUS_HAVE_NO_MEMORY(server_info->lm_session_key.data); + user_info_dc->lm_session_key = data_blob_talloc(user_info_dc, NULL, 16); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc->lm_session_key.data); - data_blob_clear(&server_info->user_session_key); - data_blob_clear(&server_info->lm_session_key); + data_blob_clear(&user_info_dc->user_session_key); + data_blob_clear(&user_info_dc->lm_session_key); - server_info->account_name = talloc_asprintf(server_info, "NAME TO NTSTATUS %s ANONYMOUS LOGON", user); - NT_STATUS_HAVE_NO_MEMORY(server_info->account_name); + user_info_dc->info = info = talloc_zero(user_info_dc, struct auth_user_info); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc->info); - server_info->domain_name = talloc_strdup(server_info, "NT AUTHORITY"); - NT_STATUS_HAVE_NO_MEMORY(server_info->domain_name); + info->account_name = talloc_asprintf(user_info_dc, "NAME TO NTSTATUS %s ANONYMOUS LOGON", user); + NT_STATUS_HAVE_NO_MEMORY(info->account_name); - server_info->full_name = talloc_asprintf(server_info, "NAME TO NTSTATUS %s Anonymous Logon", user); - NT_STATUS_HAVE_NO_MEMORY(server_info->full_name); + info->domain_name = talloc_strdup(user_info_dc, "NT AUTHORITY"); + NT_STATUS_HAVE_NO_MEMORY(info->domain_name); - server_info->logon_script = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->logon_script); + info->full_name = talloc_asprintf(user_info_dc, "NAME TO NTSTATUS %s Anonymous Logon", user); + NT_STATUS_HAVE_NO_MEMORY(info->full_name); - server_info->profile_path = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->profile_path); + info->logon_script = talloc_strdup(user_info_dc, ""); + NT_STATUS_HAVE_NO_MEMORY(info->logon_script); - server_info->home_directory = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->home_directory); + info->profile_path = talloc_strdup(user_info_dc, ""); + NT_STATUS_HAVE_NO_MEMORY(info->profile_path); - server_info->home_drive = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive); + info->home_directory = talloc_strdup(user_info_dc, ""); + NT_STATUS_HAVE_NO_MEMORY(info->home_directory); - server_info->last_logon = 0; - server_info->last_logoff = 0; - server_info->acct_expiry = 0; - server_info->last_password_change = 0; - server_info->allow_password_change = 0; - server_info->force_password_change = 0; + info->home_drive = talloc_strdup(user_info_dc, ""); + NT_STATUS_HAVE_NO_MEMORY(info->home_drive); - server_info->logon_count = 0; - server_info->bad_password_count = 0; + info->last_logon = 0; + info->last_logoff = 0; + info->acct_expiry = 0; + info->last_password_change = 0; + info->allow_password_change = 0; + info->force_password_change = 0; - server_info->acct_flags = ACB_NORMAL; + info->logon_count = 0; + info->bad_password_count = 0; - server_info->authenticated = false; + info->acct_flags = ACB_NORMAL; - *_server_info = server_info; + info->authenticated = true; + + *_user_info_dc = user_info_dc; return nt_status; } @@ -166,7 +170,7 @@ static NTSTATUS fixed_challenge_want_check(struct auth_method_context *ctx, static NTSTATUS fixed_challenge_check_password(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, const struct auth_usersupplied_info *user_info, - struct auth_serversupplied_info **_server_info) + struct auth_user_info_dc **_user_info_dc) { /* don't handle any users */ return NT_STATUS_NO_SUCH_USER; |