s4-auth Rework auth subsystem to remove struct auth_serversupplied_info

This changes auth_serversupplied_info into the IDL-defined struct
auth_user_info_dc.  This then in turn contains a struct
auth_user_info, which is the only part of the structure that is
mainted into the struct session_info.

The idea here is to avoid keeping the incomplete results of the
authentication (such as session keys, lists of SID memberships etc) in
a namespace where it may be confused for the finalised results.

Andrew Barltett

2 files changed, 9 insertions, 9 deletions

diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 6ec078bd4e..5cd532ea13 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -3637,8 +3637,8 @@ static NTSTATUS dcesrv_lsa_GetUserName(struct dcesrv_call_state *dce_call, TALLO
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	account_name = talloc_reference(mem_ctx, dce_call->conn->auth_state.session_info->server_info->account_name);
-	authority_name = talloc_reference(mem_ctx, dce_call->conn->auth_state.session_info->server_info->domain_name);
+	account_name = talloc_reference(mem_ctx, dce_call->conn->auth_state.session_info->info->account_name);
+	authority_name = talloc_reference(mem_ctx, dce_call->conn->auth_state.session_info->info->domain_name);
 
 	_account_name = talloc(mem_ctx, struct lsa_String);
 	NT_STATUS_HAVE_NO_MEMORY(_account_name);
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index e060380402..4d5382f37e 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -602,7 +602,7 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
 {
 	struct auth_context *auth_context;
 	struct auth_usersupplied_info *user_info;
-	struct auth_serversupplied_info *server_info;
+	struct auth_user_info_dc *user_info_dc;
 	NTSTATUS nt_status;
 	static const char zeros[16];
 	struct netr_SamBaseInfo *sam;
@@ -734,13 +734,13 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	nt_status = auth_check_password(auth_context, mem_ctx, user_info, &server_info);
+	nt_status = auth_check_password(auth_context, mem_ctx, user_info, &user_info_dc);
 	/* TODO: set *r->out.authoritative = 0 on specific errors */
 	NT_STATUS_NOT_OK_RETURN(nt_status);
 
 	switch (r->in.validation_level) {
 	case 2:
-		nt_status = auth_convert_server_info_sambaseinfo(mem_ctx, server_info, &sam);
+		nt_status = auth_convert_user_info_dc_sambaseinfo(mem_ctx, user_info_dc, &sam);
 		NT_STATUS_NOT_OK_RETURN(nt_status);
 
 		sam2 = talloc_zero(mem_ctx, struct netr_SamInfo2);
@@ -755,8 +755,8 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
 		break;
 
 	case 3:
-		nt_status = auth_convert_server_info_saminfo3(mem_ctx,
-							      server_info,
+		nt_status = auth_convert_user_info_dc_saminfo3(mem_ctx,
+							      user_info_dc,
 							      &sam3);
 		NT_STATUS_NOT_OK_RETURN(nt_status);
 
@@ -766,8 +766,8 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
 		break;
 
 	case 6:
-		nt_status = auth_convert_server_info_saminfo3(mem_ctx,
-							   server_info,
+		nt_status = auth_convert_user_info_dc_saminfo3(mem_ctx,
+							   user_info_dc,
 							   &sam3);
 		NT_STATUS_NOT_OK_RETURN(nt_status);