diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2004-06-05 01:39:08 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:56:28 -0500 |
| commit | 0d466258be1fc7156de469daec07b79701557168 (patch) | |
| tree | ec4af23d2117cafbf39a062f44eebc8b68182324 /source4/smb_server | |
| parent | b553acce4b426e1a2e4fda3a9acbfbf41003154a (diff) | |
| download | samba-0d466258be1fc7156de469daec07b79701557168.tar.gz samba-0d466258be1fc7156de469daec07b79701557168.tar.bz2 samba-0d466258be1fc7156de469daec07b79701557168.zip | |
r1019: Push the auth subsystem away from using typedef, and over to the 'all
goodness and light' struct ;-)
Break apart the auth subsystem's return strucutres, into the parts
that a netlogon call cares about, and the parts that are for a local
session. This is the 'struct session_info' and it will almost
completly replace the current information stored on a vuid, but be
generic to all login methods (RPC over TCP, for example).
Andrew Bartlett
(This used to be commit d199697014d9562f9439a30b950fda798c5ef419)
Diffstat (limited to 'source4/smb_server')
| -rw-r--r-- | source4/smb_server/password.c | 21 | ||||
| -rw-r--r-- | source4/smb_server/sesssetup.c | 38 |
2 files changed, 23 insertions, 36 deletions
diff --git a/source4/smb_server/password.c b/source4/smb_server/password.c index ca89003cf1..075638852c 100644 --- a/source4/smb_server/password.c +++ b/source4/smb_server/password.c @@ -55,12 +55,10 @@ void invalidate_vuid(struct server_context *smb, uint16_t vuid) if (vuser == NULL) return; - - data_blob_free(&vuser->session_key); session_yield(vuser); - free_server_info(&vuser->server_info); + talloc_destroy(vuser->session_info->mem_ctx); DLIST_REMOVE(smb->users.validated_users, vuser); @@ -101,8 +99,7 @@ void invalidate_all_vuids(struct server_context *smb) */ int register_vuid(struct server_context *smb, - struct auth_serversupplied_info *server_info, - DATA_BLOB *session_key, + struct auth_session_info *session_info, const char *smb_name) { user_struct *vuser = NULL; @@ -135,18 +132,8 @@ int register_vuid(struct server_context *smb, vuser->vuid = smb->users.next_vuid; - vuser->session_key = *session_key; - - if (!server_info->ptok) { - DEBUG(1, ("server_info does not contain a user_token - cannot continue\n")); - free_server_info(&server_info); - - SAFE_FREE(vuser); - return UID_FIELD_INVALID; - } - /* use this to keep tabs on all our info from the authentication */ - vuser->server_info = server_info; + vuser->session_info = session_info; smb->users.next_vuid++; smb->users.num_validated_vuids++; @@ -156,7 +143,7 @@ int register_vuid(struct server_context *smb, if (!session_claim(smb, vuser)) { DEBUG(1,("Failed to claim session for vuid=%d\n", vuser->vuid)); invalidate_vuid(smb, vuser->vuid); - return -1; + return UID_FIELD_INVALID; } return vuser->vuid; diff --git a/source4/smb_server/sesssetup.c b/source4/smb_server/sesssetup.c index fdcc1d298a..12b17c366a 100644 --- a/source4/smb_server/sesssetup.c +++ b/source4/smb_server/sesssetup.c @@ -41,10 +41,10 @@ static void sesssetup_common_strings(struct request_context *req, static NTSTATUS sesssetup_old(struct request_context *req, union smb_sesssetup *sess) { NTSTATUS status; - auth_usersupplied_info *user_info = NULL; - auth_serversupplied_info *server_info = NULL; + struct auth_usersupplied_info *user_info = NULL; + struct auth_serversupplied_info *server_info = NULL; + struct auth_session_info *session_info; DATA_BLOB null_blob; - DATA_BLOB session_key; if (!req->smb->negotiate.done_sesssetup) { req->smb->negotiate.max_send = sess->old.in.bufsize; @@ -67,14 +67,13 @@ static NTSTATUS sesssetup_old(struct request_context *req, union smb_sesssetup * return nt_status_squash(status); } - if (server_info->user_session_key.data) { - session_key = data_blob(server_info->user_session_key.data, server_info->user_session_key.length); - } else { - session_key = data_blob(NULL, 0); + status = make_session_info(server_info, &session_info); + if (!NT_STATUS_IS_OK(status)) { + return nt_status_squash(status); } sess->old.out.action = 0; - sess->old.out.vuid = register_vuid(req->smb, server_info, &session_key, sess->old.in.user); + sess->old.out.vuid = register_vuid(req->smb, session_info, sess->old.in.user); sesssetup_common_strings(req, &sess->old.out.os, &sess->old.out.lanman, @@ -90,9 +89,9 @@ static NTSTATUS sesssetup_old(struct request_context *req, union smb_sesssetup * static NTSTATUS sesssetup_nt1(struct request_context *req, union smb_sesssetup *sess) { NTSTATUS status; - auth_usersupplied_info *user_info = NULL; - auth_serversupplied_info *server_info = NULL; - DATA_BLOB session_key; + struct auth_usersupplied_info *user_info = NULL; + struct auth_serversupplied_info *server_info = NULL; + struct auth_session_info *session_info; if (!req->smb->negotiate.done_sesssetup) { req->smb->negotiate.max_send = sess->nt1.in.bufsize; @@ -114,21 +113,22 @@ static NTSTATUS sesssetup_nt1(struct request_context *req, union smb_sesssetup * return nt_status_squash(status); } - if (server_info->user_session_key.data) { - session_key = data_blob(server_info->user_session_key.data, server_info->user_session_key.length); - } else { - session_key = data_blob(NULL, 0); + status = make_session_info(server_info, &session_info); + if (!NT_STATUS_IS_OK(status)) { + return nt_status_squash(status); } sess->nt1.out.action = 0; - sess->nt1.out.vuid = register_vuid(req->smb, server_info, &session_key, sess->old.in.user); + sess->nt1.out.vuid = register_vuid(req->smb, session_info, sess->old.in.user); + if (sess->nt1.out.vuid == UID_FIELD_INVALID) { + return NT_STATUS_ACCESS_DENIED; + } sesssetup_common_strings(req, &sess->nt1.out.os, &sess->nt1.out.lanman, &sess->nt1.out.domain); - - srv_setup_signing(req->smb, &session_key, &sess->nt1.in.password2); - + + srv_setup_signing(req->smb, &session_info->session_key, &sess->nt1.in.password2); return NT_STATUS_OK; } |