diff options
author | Andrew Bartlett <abartlet@samba.org> | 2011-02-10 20:21:11 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2011-02-22 16:20:11 +1100 |
commit | e3821f2c40691cc747d887bac14d4e3d37f0763b (patch) | |
tree | 8cfef9090749a0b93f0f6e24ee7b20b18aa7d2fa /source4 | |
parent | d7fa34905223ebbf02dadcea0720062a30c3bbab (diff) | |
download | samba-e3821f2c40691cc747d887bac14d4e3d37f0763b.tar.gz samba-e3821f2c40691cc747d887bac14d4e3d37f0763b.tar.bz2 samba-e3821f2c40691cc747d887bac14d4e3d37f0763b.zip |
s4-auth Move libcli/security/session.c to the top level
This code is now useful in common, as the elements of the
auth_session_info structure have now been defined in common IDL.
Andrew Bartlett
Diffstat (limited to 'source4')
-rw-r--r-- | source4/auth/auth.h | 1 | ||||
-rw-r--r-- | source4/auth/session.h | 9 | ||||
-rw-r--r-- | source4/dsdb/repl/drepl_out_helpers.c | 1 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/repl_meta_data.c | 1 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/rootdse.c | 1 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/util.c | 1 | ||||
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/wscript_build | 6 | ||||
-rw-r--r-- | source4/libcli/security/session.c | 65 | ||||
-rw-r--r-- | source4/libcli/security/session.h | 33 | ||||
-rw-r--r-- | source4/libcli/security/wscript_build | 9 | ||||
-rw-r--r-- | source4/libcli/wscript_build | 1 | ||||
-rw-r--r-- | source4/rpc_server/wscript_build | 6 |
12 files changed, 9 insertions, 125 deletions
diff --git a/source4/auth/auth.h b/source4/auth/auth.h index ccc5695a2e..70df694b1e 100644 --- a/source4/auth/auth.h +++ b/source4/auth/auth.h @@ -162,6 +162,7 @@ struct auth_critical_sizes { struct ldb_message; struct ldb_context; struct gensec_security; +struct cli_credentials; NTSTATUS auth_get_challenge(struct auth_context *auth_ctx, uint8_t chal[8]); NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx, diff --git a/source4/auth/session.h b/source4/auth/session.h index 795497ea8f..8ab6288d64 100644 --- a/source4/auth/session.h +++ b/source4/auth/session.h @@ -21,14 +21,7 @@ #ifndef _SAMBA_AUTH_SESSION_H #define _SAMBA_AUTH_SESSION_H -struct auth_session_info { - struct security_token *security_token; - struct auth_user_info *info; - struct auth_user_info_torture *torture; - DATA_BLOB session_key; - struct cli_credentials *credentials; -}; - +#include "libcli/security/security.h" #include "librpc/gen_ndr/netlogon.h" #include "librpc/gen_ndr/auth.h" diff --git a/source4/dsdb/repl/drepl_out_helpers.c b/source4/dsdb/repl/drepl_out_helpers.c index 893eb3bbcd..ebf2f77708 100644 --- a/source4/dsdb/repl/drepl_out_helpers.c +++ b/source4/dsdb/repl/drepl_out_helpers.c @@ -34,6 +34,7 @@ #include "auth/gensec/gensec.h" #include "param/param.h" #include "../lib/util/tevent_ntstatus.h" +#include "libcli/security/security.h" struct dreplsrv_out_drsuapi_state { struct tevent_context *ev; diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index 53d53d9021..6fd6d7fa14 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -48,7 +48,6 @@ #include "lib/util/dlinklist.h" #include "dsdb/samdb/ldb_modules/util.h" #include "lib/util/binsearch.h" -#include "libcli/security/session.h" #include "lib/util/tsort.h" struct replmd_private { diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c index 98889125f3..be60d89638 100644 --- a/source4/dsdb/samdb/ldb_modules/rootdse.c +++ b/source4/dsdb/samdb/ldb_modules/rootdse.c @@ -28,7 +28,6 @@ #include "version.h" #include "dsdb/samdb/ldb_modules/util.h" #include "libcli/security/security.h" -#include "libcli/security/session.h" #include "librpc/ndr/libndr.h" #include "auth/auth.h" #include "param/param.h" diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c index 37ab4707f3..49939e2ff4 100644 --- a/source4/dsdb/samdb/ldb_modules/util.c +++ b/source4/dsdb/samdb/ldb_modules/util.c @@ -27,7 +27,6 @@ #include "dsdb/samdb/samdb.h" #include "util.h" #include "libcli/security/security.h" -#include "libcli/security/session.h" /* search for attrs on one DN, in the modules below diff --git a/source4/dsdb/samdb/ldb_modules/wscript_build b/source4/dsdb/samdb/ldb_modules/wscript_build index 5925165afd..4ff5bdfda9 100644 --- a/source4/dsdb/samdb/ldb_modules/wscript_build +++ b/source4/dsdb/samdb/ldb_modules/wscript_build @@ -9,7 +9,7 @@ bld.SAMBA_LIBRARY('dsdb-module', bld.SAMBA_SUBSYSTEM('DSDB_MODULE_HELPERS', source='util.c acl_util.c schema_util.c', autoproto='util_proto.h', - deps='ldb ndr samdb-common security-session' + deps='ldb ndr samdb-common security' ) bld.SAMBA_SUBSYSTEM('DSDB_MODULE_HELPER_RIDALLOC', @@ -60,7 +60,7 @@ bld.SAMBA_MODULE('ldb_repl_meta_data', init_function='ldb_repl_meta_data_module_init', module_init_name='ldb_init_module', internal_module=False, - deps='samdb talloc events ndr NDR_DRSUAPI NDR_DRSBLOBS ndr DSDB_MODULE_HELPERS security-session' + deps='samdb talloc events ndr NDR_DRSUAPI NDR_DRSBLOBS ndr DSDB_MODULE_HELPERS security' ) @@ -150,7 +150,7 @@ bld.SAMBA_MODULE('ldb_rootdse', init_function='ldb_rootdse_module_init', module_init_name='ldb_init_module', internal_module=False, - deps='talloc events samdb MESSAGING security-session DSDB_MODULE_HELPERS' + deps='talloc events samdb MESSAGING security DSDB_MODULE_HELPERS' ) diff --git a/source4/libcli/security/session.c b/source4/libcli/security/session.c deleted file mode 100644 index 401e11c489..0000000000 --- a/source4/libcli/security/session.c +++ /dev/null @@ -1,65 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - session_info utility functions - - Copyright (C) Andrew Bartlett 2008-2010 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -#include "includes.h" -#include "auth/session.h" -#include "libcli/security/session.h" -#include "libcli/security/security.h" - -enum security_user_level security_session_user_level(struct auth_session_info *session_info, - const struct dom_sid *domain_sid) -{ - if (!session_info) { - return SECURITY_ANONYMOUS; - } - - if (security_token_is_system(session_info->security_token)) { - return SECURITY_SYSTEM; - } - - if (security_token_is_anonymous(session_info->security_token)) { - return SECURITY_ANONYMOUS; - } - - if (security_token_has_builtin_administrators(session_info->security_token)) { - return SECURITY_ADMINISTRATOR; - } - - if (domain_sid) { - struct dom_sid *rodc_dcs; - rodc_dcs = dom_sid_add_rid(session_info, domain_sid, DOMAIN_RID_READONLY_DCS); - if (security_token_has_sid(session_info->security_token, rodc_dcs)) { - talloc_free(rodc_dcs); - return SECURITY_RO_DOMAIN_CONTROLLER; - } - talloc_free(rodc_dcs); - } - - if (security_token_has_enterprise_dcs(session_info->security_token)) { - return SECURITY_DOMAIN_CONTROLLER; - } - - if (security_token_has_nt_authenticated_users(session_info->security_token)) { - return SECURITY_USER; - } - - return SECURITY_ANONYMOUS; -} diff --git a/source4/libcli/security/session.h b/source4/libcli/security/session.h deleted file mode 100644 index cf69665497..0000000000 --- a/source4/libcli/security/session.h +++ /dev/null @@ -1,33 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - session_info utility functions - - Copyright (C) Andrew Bartlett 2008-2010 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/>. -*/ - -enum security_user_level { - SECURITY_ANONYMOUS = 0, - SECURITY_USER = 10, - SECURITY_RO_DOMAIN_CONTROLLER = 20, - SECURITY_DOMAIN_CONTROLLER = 30, - SECURITY_ADMINISTRATOR = 40, - SECURITY_SYSTEM = 50 -}; - -#include "libcli/security/session_proto.h" - -struct auth_session_info; diff --git a/source4/libcli/security/wscript_build b/source4/libcli/security/wscript_build deleted file mode 100644 index 9c277236c4..0000000000 --- a/source4/libcli/security/wscript_build +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/env python - -bld.SAMBA_LIBRARY('security-session', - source='session.c', - autoproto='session_proto.h', - public_deps='security', - private_library=True - ) - diff --git a/source4/libcli/wscript_build b/source4/libcli/wscript_build index 950c179d7e..f91900d371 100644 --- a/source4/libcli/wscript_build +++ b/source4/libcli/wscript_build @@ -1,7 +1,6 @@ #!/usr/bin/env python bld.RECURSE('ldap') -bld.RECURSE('security') bld.RECURSE('wbclient') bld.SAMBA_LIBRARY('errors', diff --git a/source4/rpc_server/wscript_build b/source4/rpc_server/wscript_build index b796728dad..815459baaf 100644 --- a/source4/rpc_server/wscript_build +++ b/source4/rpc_server/wscript_build @@ -77,7 +77,7 @@ bld.SAMBA_MODULE('dcerpc_winreg', source='winreg/rpc_winreg.c', subsystem='dcerpc_server', init_function='dcerpc_server_winreg_init', - deps='registry ndr-standard security-session', + deps='registry ndr-standard', internal_module=True ) @@ -95,7 +95,7 @@ bld.SAMBA_MODULE('dcerpc_lsarpc', autoproto='lsa/proto.h', subsystem='dcerpc_server', init_function='dcerpc_server_lsa_init', - deps='samdb DCERPC_COMMON ndr-standard LIBCLI_AUTH NDR_DSSETUP com_err security-session kdc-policy' + deps='samdb DCERPC_COMMON ndr-standard LIBCLI_AUTH NDR_DSSETUP com_err security kdc-policy' ) @@ -121,7 +121,7 @@ bld.SAMBA_MODULE('dcerpc_drsuapi', source='drsuapi/dcesrv_drsuapi.c drsuapi/updaterefs.c drsuapi/getncchanges.c drsuapi/addentry.c drsuapi/writespn.c drsuapi/drsutil.c', subsystem='dcerpc_server', init_function='dcerpc_server_drsuapi_init', - deps='samdb DCERPC_COMMON NDR_DRSUAPI security-session' + deps='samdb DCERPC_COMMON NDR_DRSUAPI security' ) |