diff options
author | Andrew Bartlett <abartlet@samba.org> | 2010-12-22 17:17:07 +1100 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2011-01-14 16:39:32 +1100 |
commit | ece6eae4d8862a564c581a3f3808c04edab6cb19 (patch) | |
tree | 5989f3b1f029595076106811ff5e7c4d55d4b18a /source4/auth/session.c | |
parent | c82269cf862b00c987c02aefa78155c142f6d065 (diff) | |
download | samba-ece6eae4d8862a564c581a3f3808c04edab6cb19.tar.gz samba-ece6eae4d8862a564c581a3f3808c04edab6cb19.tar.bz2 samba-ece6eae4d8862a564c581a3f3808c04edab6cb19.zip |
s4-auth Add function to obtain any user's session_info from a given LDB
This will be a building block for a tokenGroups test, which can
compare against a remote server (in particular the rootDSE) against
what we would calculate the tokenGroups to be.
(this meant moving some parts out of the auth_sam code into the
containing library)
Andrew Bartlett
Diffstat (limited to 'source4/auth/session.c')
-rw-r--r-- | source4/auth/session.c | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/source4/auth/session.c b/source4/auth/session.c index c4bd351b0e..124fdb989b 100644 --- a/source4/auth/session.c +++ b/source4/auth/session.c @@ -23,6 +23,7 @@ #include "includes.h" #include "auth/auth.h" +#include "auth/auth_sam.h" #include "libcli/security/security.h" #include "libcli/auth/libcli_auth.h" #include "dsdb/samdb/samdb.h" @@ -195,6 +196,44 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } +/* Produce a session_info for an arbitary DN or principal in the local + * DB, assuming the local DB holds all the groups + * + * Supply either a principal or a DN + */ +NTSTATUS authsam_get_session_info_principal(TALLOC_CTX *mem_ctx, + struct loadparm_context *lp_ctx, + struct ldb_context *sam_ctx, + const char *principal, + struct ldb_dn *user_dn, + uint32_t session_info_flags, + struct auth_session_info **session_info) +{ + NTSTATUS nt_status; + struct auth_serversupplied_info *server_info; + TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); + if (!tmp_ctx) { + return NT_STATUS_NO_MEMORY; + } + nt_status = authsam_get_server_info_principal(tmp_ctx, lp_ctx, sam_ctx, + principal, user_dn, + &server_info); + if (!NT_STATUS_IS_OK(nt_status)) { + talloc_free(tmp_ctx); + return nt_status; + } + + nt_status = auth_generate_session_info(tmp_ctx, lp_ctx, sam_ctx, + server_info, session_info_flags, + session_info); + + if (NT_STATUS_IS_OK(nt_status)) { + talloc_steal(mem_ctx, *session_info); + } + talloc_free(tmp_ctx); + return NT_STATUS_OK; +} + /** * prints a struct auth_session_info security token to debug output. */ |