auth: Move auth_session_info into IDL

This changes auth_session_info_transport to just be a wrapper, rather than a copy that has to be kept in sync. As auth_session_info was already wrapped in python, this required changes to the existing pyauth wrapper and it's users. Andrew Bartlett
author: Andrew Bartlett <abartlet@samba.org> 2011-04-05 16:15:27 +1000
committer: Andrew Bartlett <abartlet@samba.org> 2011-04-05 23:46:04 +0200
commit: 663dc94e630910b0b5b61801a03622641b2b83b4 (patch)
tree: 3d74a050420ec92dd686f618b3b3ad40b647fc86 /source4/auth
parent: f261266c9d66d7143a867f4719d1549f58915036 (diff)
download: samba-663dc94e630910b0b5b61801a03622641b2b83b4.tar.gz
samba-663dc94e630910b0b5b61801a03622641b2b83b4.tar.bz2
samba-663dc94e630910b0b5b61801a03622641b2b83b4.zip
4 files changed, 16 insertions, 104 deletions
diff --git a/source4/auth/gensec/pygensec.c b/source4/auth/gensec/pygensec.c
index 5fe3703138..fd9726eb75 100644
--- a/source4/auth/gensec/pygensec.c
+++ b/source4/auth/gensec/pygensec.c
@@ -271,7 +271,7 @@ static PyObject *py_gensec_session_info(PyObject *self)
 		return NULL;
 	}
 
-	py_session_info = py_return_ndr_struct("samba.auth", "AuthSession",
+	py_session_info = py_return_ndr_struct("samba.dcerpc.auth", "session_info",
 						 info, info);
 	return py_session_info;
 }
diff --git a/source4/auth/pyauth.c b/source4/auth/pyauth.c
index 9cb770b798..a4ba88c581 100644
--- a/source4/auth/pyauth.c
+++ b/source4/auth/pyauth.c
@@ -46,72 +46,9 @@ typedef intargfunc ssizeargfunc;
 #define Py_RETURN_NONE return Py_INCREF(Py_None), Py_None
 #endif
 
-static PyObject *py_auth_session_get_security_token(PyObject *self, void *closure)
+static PyObject *PyAuthSession_FromSession(struct auth_session_info *session)
 {
-	struct auth_session_info *session = py_talloc_get_type(self, struct auth_session_info);
-	PyObject *py_security_token;
-	py_security_token = py_return_ndr_struct("samba.dcerpc.security", "token",
-						 session->security_token, session->security_token);
-	return py_security_token;
-}
-
-static int py_auth_session_set_security_token(PyObject *self, PyObject *value, void *closure)
-{
-	struct auth_session_info *session = py_talloc_get_type(self, struct auth_session_info);
-	session->security_token = talloc_reference(session, py_talloc_get_ptr(value));
-	return 0;
-}
-
-static PyObject *py_auth_session_get_session_key(PyObject *self, void *closure)
-{
-	struct auth_session_info *session = py_talloc_get_type(self, struct auth_session_info);
-	return PyString_FromStringAndSize((char *)session->session_key.data, session->session_key.length);
-}
-
-static int py_auth_session_set_session_key(PyObject *self, PyObject *value, void *closure)
-{
-	DATA_BLOB val;
-	struct auth_session_info *session = py_talloc_get_type(self, struct auth_session_info);
-	val.data = (uint8_t *)PyString_AsString(value);
-	val.length = PyString_Size(value);
-
-	session->session_key = data_blob_talloc(session, val.data, val.length);
-	return 0;
-}
-
-static PyObject *py_auth_session_get_credentials(PyObject *self, void *closure)
-{
-	struct auth_session_info *session = py_talloc_get_type(self, struct auth_session_info);
-	PyObject *py_credentials;
-	/* This is evil, as the credentials are not IDL structures */
-	py_credentials = py_return_ndr_struct("samba.credentials", "Credentials", session->credentials, session->credentials);
-	return py_credentials;
-}
-
-static int py_auth_session_set_credentials(PyObject *self, PyObject *value, void *closure)
-{
-	struct auth_session_info *session = py_talloc_get_type(self, struct auth_session_info);
-	session->credentials = talloc_reference(session, PyCredentials_AsCliCredentials(value));
-	return 0;
-}
-
-static PyGetSetDef py_auth_session_getset[] = {
-	{ discard_const_p(char, "security_token"), (getter)py_auth_session_get_security_token, (setter)py_auth_session_set_security_token, NULL },
-	{ discard_const_p(char, "session_key"), (getter)py_auth_session_get_session_key, (setter)py_auth_session_set_session_key, NULL },
-	{ discard_const_p(char, "credentials"), (getter)py_auth_session_get_credentials, (setter)py_auth_session_set_credentials, NULL },
-	{ NULL }
-};
-
-static PyTypeObject PyAuthSession = {
-	.tp_name = "AuthSession",
-	.tp_basicsize = sizeof(py_talloc_Object),
-	.tp_flags = Py_TPFLAGS_DEFAULT,
-	.tp_getset = py_auth_session_getset,
-};
-
-PyObject *PyAuthSession_FromSession(struct auth_session_info *session)
-{
-	return py_talloc_reference(&PyAuthSession, session);
+	return py_return_ndr_struct("samba.dcerpc.auth", "session_info", session, session);
 }
 
 static PyObject *py_system_session(PyObject *module, PyObject *args)
@@ -378,13 +315,6 @@ void initauth(void)
 {
 	PyObject *m;
 
-	PyAuthSession.tp_base = PyTalloc_GetObjectType();
-	if (PyAuthSession.tp_base == NULL)
-		return;
-
-	if (PyType_Ready(&PyAuthSession) < 0)
-		return;
-
 	PyAuthContext.tp_base = PyTalloc_GetObjectType();
 	if (PyAuthContext.tp_base == NULL)
 		return;
@@ -397,8 +327,6 @@ void initauth(void)
 	if (m == NULL)
 		return;
 
-	Py_INCREF(&PyAuthSession);
-	PyModule_AddObject(m, "AuthSession", (PyObject *)&PyAuthSession);
 	Py_INCREF(&PyAuthContext);
 	PyModule_AddObject(m, "AuthContext", (PyObject *)&PyAuthContext);
 
diff --git a/source4/auth/pyauth.h b/source4/auth/pyauth.h
index 38fd2a56a8..60fd2e5d14 100644
--- a/source4/auth/pyauth.h
+++ b/source4/auth/pyauth.h
@@ -24,8 +24,6 @@
 #include "auth/session.h"
 
 #define PyAuthSession_AsSession(obj) py_talloc_get_type(obj, struct auth_session_info)
-#define PyAuthSession_Check(obj) PyObject_TypeCheck(obj, &PyAuthSession)
 struct auth_session_info *PyObject_AsSession(PyObject *obj);
-PyObject *PyAuthSession_FromSession(struct auth_session_info *session);
 
 #endif /* _PYAUTH_H */
diff --git a/source4/auth/session.c b/source4/auth/session.c
index 9475104569..7a4dc5426b 100644
--- a/source4/auth/session.c
+++ b/source4/auth/session.c
@@ -155,9 +155,8 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
 	return NT_STATUS_OK;
 }
 
-/* Create a session_info structure from the
- * auth_session_info_transport we were forwarded over named pipe
- * forwarding.
+/* Fill out the auth_session_info with a cli_credentials based on the
+ * auth_session_info we were forwarded over named pipe forwarding.
  *
  * NOTE: The stucture members of session_info_transport are stolen
  * with talloc_move() into auth_session_info for long term use
@@ -168,16 +167,7 @@ struct auth_session_info *auth_session_info_from_transport(TALLOC_CTX *mem_ctx,
 							   const char **reason)
 {
 	struct auth_session_info *session_info;
-	session_info = talloc_zero(mem_ctx, struct auth_session_info);
-	if (!session_info) {
-		*reason = "failed to allocate session_info";
-		return NULL;
-	}
-
-	session_info->security_token = talloc_move(session_info, &session_info_transport->security_token);
-	session_info->info = talloc_move(session_info, &session_info_transport->info);
-	session_info->session_key = session_info_transport->session_key;
-	session_info->session_key.data = talloc_move(session_info, &session_info_transport->session_key.data);
+	session_info = talloc_steal(mem_ctx, session_info_transport->session_info);
 
 	if (session_info_transport->exported_gssapi_credentials.length) {
 		struct cli_credentials *creds;
@@ -236,9 +226,8 @@ struct auth_session_info *auth_session_info_from_transport(TALLOC_CTX *mem_ctx,
 
 /* Create a auth_session_info_transport from an auth_session_info.
  *
- * NOTE: Members of the auth_session_info_transport structure are not talloc_referenced, but simply assigned.  They are only valid for the lifetime of the struct auth_session_info
- *
- * This isn't normally an issue, as the auth_session_info has a very long typical life
+ * NOTE: Members of the auth_session_info_transport structure are
+ * talloc_referenced() into this structure, and should not be changed.
  */
 NTSTATUS auth_session_info_transport_from_session(TALLOC_CTX *mem_ctx,
 						  struct auth_session_info *session_info,
@@ -247,18 +236,15 @@ NTSTATUS auth_session_info_transport_from_session(TALLOC_CTX *mem_ctx,
 						  struct auth_session_info_transport **transport_out)
 {
 
-	struct auth_session_info_transport *session_info_transport = talloc_zero(mem_ctx, struct auth_session_info_transport);
-	session_info_transport->security_token = talloc_reference(session_info, session_info->security_token);
-	NT_STATUS_HAVE_NO_MEMORY(session_info_transport->security_token);
-
-	session_info_transport->info = talloc_reference(session_info, session_info->info);
-	NT_STATUS_HAVE_NO_MEMORY(session_info_transport->info);
-
-	session_info_transport->session_key = session_info->session_key;
-	session_info_transport->session_key.data = talloc_reference(session_info, session_info->session_key.data);
-	if (!session_info_transport->session_key.data && session_info->session_key.length) {
+	struct auth_session_info_transport *session_info_transport
+		= talloc_zero(mem_ctx, struct auth_session_info_transport);
+	if (!session_info_transport) {
 		return NT_STATUS_NO_MEMORY;
-	}
+	};
+	session_info_transport->session_info = talloc_reference(session_info_transport, session_info);
+	if (!session_info_transport->session_info) {
+		return NT_STATUS_NO_MEMORY;
+	};
 
 	if (session_info->credentials) {
 		struct gssapi_creds_container *gcc;
author	Andrew Bartlett <abartlet@samba.org>	2011-04-05 16:15:27 +1000
committer	Andrew Bartlett <abartlet@samba.org>	2011-04-05 23:46:04 +0200
commit	663dc94e630910b0b5b61801a03622641b2b83b4 (patch)
tree	3d74a050420ec92dd686f618b3b3ad40b647fc86 /source4/auth
parent	f261266c9d66d7143a867f4719d1549f58915036 (diff)
download	samba-663dc94e630910b0b5b61801a03622641b2b83b4.tar.gz samba-663dc94e630910b0b5b61801a03622641b2b83b4.tar.bz2 samba-663dc94e630910b0b5b61801a03622641b2b83b4.zip