auth: Make check_password and generate_session_info hook generic

gensec_ntlmssp does not need to know the internal form of the struct user_info_dc or auth_serversupplied_info. This will allow the calling logic to be put in common. Andrew Bartlett
author: Andrew Bartlett <abartlet@samba.org> 2012-01-30 11:17:44 +1100
committer: Andrew Bartlett <abartlet@samba.org> 2012-01-30 08:05:14 +0100
commit: a647df4607cb6d916cd689f92cd27995ca0f9ab4 (patch)
tree: a1a8a5ac0455b62fcd427e75ccebe65251686bcb /source4/auth
parent: 7c6713e78ff22ebf0aa1caa10697bad9d4cc885e (diff)
download: samba-a647df4607cb6d916cd689f92cd27995ca0f9ab4.tar.gz
samba-a647df4607cb6d916cd689f92cd27995ca0f9ab4.tar.bz2
samba-a647df4607cb6d916cd689f92cd27995ca0f9ab4.zip
3 files changed, 51 insertions, 21 deletions
diff --git a/source4/auth/auth.h b/source4/auth/auth.h
index a7fc413ecc..1b22701499 100644
--- a/source4/auth/auth.h
+++ b/source4/auth/auth.h
@@ -152,9 +152,15 @@ NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx,
 			     struct loadparm_context *lp_ctx,
 			     struct auth4_context **auth_ctx);
 
+NTSTATUS auth_check_password_wrapper(struct auth4_context *auth_ctx,
+			     TALLOC_CTX *mem_ctx,
+			     const struct auth_usersupplied_info *user_info, 
+			     void **server_returned_info,
+			     DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key);
+
 NTSTATUS auth_check_password(struct auth4_context *auth_ctx,
 			     TALLOC_CTX *mem_ctx,
-			     const struct auth_usersupplied_info *user_info,
+			     const struct auth_usersupplied_info *user_info, 
 			     struct auth_user_info_dc **user_info_dc);
 NTSTATUS auth4_init(void);
 NTSTATUS auth_register(const struct auth_operations *ops);
diff --git a/source4/auth/ntlm/auth.c b/source4/auth/ntlm/auth.c
index 95bdd84837..a654fab096 100644
--- a/source4/auth/ntlm/auth.c
+++ b/source4/auth/ntlm/auth.c
@@ -35,7 +35,7 @@
 
 static NTSTATUS auth_generate_session_info_wrapper(TALLOC_CTX *mem_ctx,
                                                   struct auth4_context *auth_context,
-                                                  struct auth_user_info_dc *user_info_dc,
+						   void *server_returned_info,
                                                   uint32_t session_info_flags,
 						   struct auth_session_info **session_info);
 
@@ -208,6 +208,38 @@ _PUBLIC_ NTSTATUS auth_check_password(struct auth4_context *auth_ctx,
 	return status;
 }
 
+_PUBLIC_ NTSTATUS auth_check_password_wrapper(struct auth4_context *auth_ctx,
+					      TALLOC_CTX *mem_ctx,
+					      const struct auth_usersupplied_info *user_info, 
+					      void **server_returned_info,
+					      DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key)
+{
+	struct auth_user_info_dc *user_info_dc;
+	NTSTATUS status = auth_check_password(auth_ctx, mem_ctx, user_info, &user_info_dc);
+
+	if (NT_STATUS_IS_OK(status)) {
+		*server_returned_info = user_info_dc;
+
+		if (user_session_key) {
+			DEBUG(10, ("Got NT session key of length %u\n",
+				   (unsigned)user_info_dc->user_session_key.length));
+			*user_session_key = user_info_dc->user_session_key;
+			talloc_steal(mem_ctx, user_session_key->data);
+			user_info_dc->user_session_key = data_blob_null;
+		}
+
+		if (lm_session_key) {
+			DEBUG(10, ("Got LM session key of length %u\n",
+				   (unsigned)user_info_dc->lm_session_key.length));
+			*lm_session_key = user_info_dc->lm_session_key;
+			talloc_steal(mem_ctx, lm_session_key->data);
+			user_info_dc->lm_session_key = data_blob_null;
+		}
+	}
+
+	return status;
+}
+
 struct auth_check_password_state {
 	struct auth4_context *auth_ctx;
 	const struct auth_usersupplied_info *user_info;
@@ -433,10 +465,11 @@ _PUBLIC_ NTSTATUS auth_check_password_recv(struct tevent_req *req,
   * generation of unix tokens via IRPC */
 static NTSTATUS auth_generate_session_info_wrapper(TALLOC_CTX *mem_ctx,
                                                   struct auth4_context *auth_context,
-                                                  struct auth_user_info_dc *user_info_dc,
+						   void *server_returned_info,
                                                   uint32_t session_info_flags,
                                                   struct auth_session_info **session_info)
 {
+	struct auth_user_info_dc *user_info_dc = talloc_get_type_abort(server_returned_info, struct auth_user_info_dc);
 	NTSTATUS status = auth_generate_session_info(mem_ctx, auth_context->lp_ctx,
 						     auth_context->sam_ctx, user_info_dc,
 						     session_info_flags, session_info);
@@ -562,7 +595,7 @@ _PUBLIC_ NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char **
 		DLIST_ADD_END(ctx->methods, method, struct auth_method_context *);
 	}
 
-	ctx->check_password = auth_check_password;
+	ctx->check_password = auth_check_password_wrapper;
 	ctx->get_challenge = auth_get_challenge;
 	ctx->set_challenge = auth_context_set_challenge;
 	ctx->challenge_may_be_modified = auth_challenge_may_be_modified;
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index dcd6123499..1a876e319f 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -189,25 +189,15 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
 		nt_status = auth_context->check_password(auth_context,
 							 gensec_ntlmssp,
 							 user_info,
-							 &gensec_ntlmssp->user_info_dc);
+							 &gensec_ntlmssp->server_returned_info,
+							 user_session_key, lm_session_key);
 	}
 	talloc_free(user_info);
 	NT_STATUS_NOT_OK_RETURN(nt_status);
 
-	if (gensec_ntlmssp->user_info_dc->user_session_key.length) {
-		DEBUG(10, ("Got NT session key of length %u\n",
-			   (unsigned)gensec_ntlmssp->user_info_dc->user_session_key.length));
-		*user_session_key = gensec_ntlmssp->user_info_dc->user_session_key;
-		talloc_steal(mem_ctx, user_session_key->data);
-		gensec_ntlmssp->user_info_dc->user_session_key = data_blob_null;
-	}
-	if (gensec_ntlmssp->user_info_dc->lm_session_key.length) {
-		DEBUG(10, ("Got LM session key of length %u\n",
-			   (unsigned)gensec_ntlmssp->user_info_dc->lm_session_key.length));
-		*lm_session_key = gensec_ntlmssp->user_info_dc->lm_session_key;
-		talloc_steal(mem_ctx, lm_session_key->data);
-		gensec_ntlmssp->user_info_dc->lm_session_key = data_blob_null;
-	}
+	talloc_steal(mem_ctx, user_session_key->data);
+	talloc_steal(mem_ctx, lm_session_key->data);
+	
 	return nt_status;
 }
 
@@ -229,10 +219,11 @@ NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security,
 	struct gensec_ntlmssp_context *gensec_ntlmssp =
 		talloc_get_type_abort(gensec_security->private_data,
 				      struct gensec_ntlmssp_context);
-
+	struct auth_user_info_dc *user_info_dc = talloc_get_type_abort(gensec_ntlmssp->server_returned_info,
+								       struct auth_user_info_dc);
 	nt_status = gensec_generate_session_info(mem_ctx,
 						 gensec_security,
-						 gensec_ntlmssp->user_info_dc,
+						 user_info_dc,
 						 session_info);
 	NT_STATUS_NOT_OK_RETURN(nt_status);
author	Andrew Bartlett <abartlet@samba.org>	2012-01-30 11:17:44 +1100
committer	Andrew Bartlett <abartlet@samba.org>	2012-01-30 08:05:14 +0100
commit	a647df4607cb6d916cd689f92cd27995ca0f9ab4 (patch)
tree	a1a8a5ac0455b62fcd427e75ccebe65251686bcb /source4/auth
parent	7c6713e78ff22ebf0aa1caa10697bad9d4cc885e (diff)
download	samba-a647df4607cb6d916cd689f92cd27995ca0f9ab4.tar.gz samba-a647df4607cb6d916cd689f92cd27995ca0f9ab4.tar.bz2 samba-a647df4607cb6d916cd689f92cd27995ca0f9ab4.zip