summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2010-04-09 17:18:53 +1000
committerAndrew Bartlett <abartlet@samba.org>2010-04-11 13:36:04 +1000
commit2c193fe91af60f29ed4d560496842073097469bb (patch)
tree99b9a777475de9d2d8bb940a4d21e931feeeb38d /source4
parent18078ec4450a7ee37b613020886ec6bead7a6ead (diff)
downloadsamba-2c193fe91af60f29ed4d560496842073097469bb.tar.gz
samba-2c193fe91af60f29ed4d560496842073097469bb.tar.bz2
samba-2c193fe91af60f29ed4d560496842073097469bb.zip
s4:auth Remove event context from anonymous_session()
This should always return a simple structure with no need to consult a DB, so remove the event context, and simplfy to call helper functions that don't look at privilages. Andrew Bartlett
Diffstat (limited to 'source4')
-rw-r--r--source4/auth/gensec/schannel.c2
-rw-r--r--source4/auth/session.c114
-rw-r--r--source4/auth/session.h2
-rw-r--r--source4/auth/system_session.c119
-rw-r--r--source4/ldap_server/ldap_server.c2
-rw-r--r--source4/rpc_server/common/server_info.c2
-rw-r--r--source4/rpc_server/service_rpc.c1
7 files changed, 119 insertions, 123 deletions
diff --git a/source4/auth/gensec/schannel.c b/source4/auth/gensec/schannel.c
index 939a383a04..7877ea461a 100644
--- a/source4/auth/gensec/schannel.c
+++ b/source4/auth/gensec/schannel.c
@@ -206,7 +206,7 @@ static NTSTATUS schannel_session_info(struct gensec_security *gensec_security,
struct auth_session_info **_session_info)
{
struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
- return auth_anonymous_session_info(state, gensec_security->event_ctx, gensec_security->settings->lp_ctx, _session_info);
+ return auth_anonymous_session_info(state, gensec_security->settings->lp_ctx, _session_info);
}
static NTSTATUS schannel_start(struct gensec_security *gensec_security)
diff --git a/source4/auth/session.c b/source4/auth/session.c
index ef5646fd37..8efdcd8807 100644
--- a/source4/auth/session.c
+++ b/source4/auth/session.c
@@ -2,7 +2,7 @@
Unix SMB/CIFS implementation.
Authentication utility functions
Copyright (C) Andrew Tridgell 1992-1998
- Copyright (C) Andrew Bartlett 2001
+ Copyright (C) Andrew Bartlett 2001-2010
Copyright (C) Jeremy Allison 2000-2001
Copyright (C) Rafal Szczesniak 2002
Copyright (C) Stefan Metzmacher 2005
@@ -31,127 +31,17 @@
#include "auth/session_proto.h"
_PUBLIC_ struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx,
- struct tevent_context *event_ctx,
struct loadparm_context *lp_ctx)
{
NTSTATUS nt_status;
struct auth_session_info *session_info = NULL;
- nt_status = auth_anonymous_session_info(mem_ctx, event_ctx, lp_ctx, &session_info);
+ nt_status = auth_anonymous_session_info(mem_ctx, lp_ctx, &session_info);
if (!NT_STATUS_IS_OK(nt_status)) {
return NULL;
}
return session_info;
}
-_PUBLIC_ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
- struct tevent_context *event_ctx,
- struct loadparm_context *lp_ctx,
- struct auth_session_info **_session_info)
-{
- NTSTATUS nt_status;
- struct auth_serversupplied_info *server_info = NULL;
- struct auth_session_info *session_info = NULL;
- TALLOC_CTX *mem_ctx = talloc_new(parent_ctx);
-
- nt_status = auth_anonymous_server_info(mem_ctx,
- lp_netbios_name(lp_ctx),
- &server_info);
- if (!NT_STATUS_IS_OK(nt_status)) {
- talloc_free(mem_ctx);
- return nt_status;
- }
-
- /* references the server_info into the session_info */
- nt_status = auth_generate_session_info(parent_ctx, event_ctx, lp_ctx, server_info, &session_info);
- talloc_free(mem_ctx);
-
- NT_STATUS_NOT_OK_RETURN(nt_status);
-
- session_info->credentials = cli_credentials_init(session_info);
- if (!session_info->credentials) {
- return NT_STATUS_NO_MEMORY;
- }
-
- cli_credentials_set_conf(session_info->credentials, lp_ctx);
- cli_credentials_set_anonymous(session_info->credentials);
-
- *_session_info = session_info;
-
- return NT_STATUS_OK;
-}
-
-_PUBLIC_ NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
- const char *netbios_name,
- struct auth_serversupplied_info **_server_info)
-{
- struct auth_serversupplied_info *server_info;
- server_info = talloc(mem_ctx, struct auth_serversupplied_info);
- NT_STATUS_HAVE_NO_MEMORY(server_info);
-
- server_info->account_sid = dom_sid_parse_talloc(server_info, SID_NT_ANONYMOUS);
- NT_STATUS_HAVE_NO_MEMORY(server_info->account_sid);
-
- /* is this correct? */
- server_info->primary_group_sid = dom_sid_parse_talloc(server_info, SID_BUILTIN_GUESTS);
- NT_STATUS_HAVE_NO_MEMORY(server_info->primary_group_sid);
-
- server_info->n_domain_groups = 0;
- server_info->domain_groups = NULL;
-
- /* annoying, but the Anonymous really does have a session key... */
- server_info->user_session_key = data_blob_talloc(server_info, NULL, 16);
- NT_STATUS_HAVE_NO_MEMORY(server_info->user_session_key.data);
-
- server_info->lm_session_key = data_blob_talloc(server_info, NULL, 16);
- NT_STATUS_HAVE_NO_MEMORY(server_info->lm_session_key.data);
-
- /* and it is all zeros! */
- data_blob_clear(&server_info->user_session_key);
- data_blob_clear(&server_info->lm_session_key);
-
- server_info->account_name = talloc_strdup(server_info, "ANONYMOUS LOGON");
- NT_STATUS_HAVE_NO_MEMORY(server_info->account_name);
-
- server_info->domain_name = talloc_strdup(server_info, "NT AUTHORITY");
- NT_STATUS_HAVE_NO_MEMORY(server_info->domain_name);
-
- server_info->full_name = talloc_strdup(server_info, "Anonymous Logon");
- NT_STATUS_HAVE_NO_MEMORY(server_info->full_name);
-
- server_info->logon_script = talloc_strdup(server_info, "");
- NT_STATUS_HAVE_NO_MEMORY(server_info->logon_script);
-
- server_info->profile_path = talloc_strdup(server_info, "");
- NT_STATUS_HAVE_NO_MEMORY(server_info->profile_path);
-
- server_info->home_directory = talloc_strdup(server_info, "");
- NT_STATUS_HAVE_NO_MEMORY(server_info->home_directory);
-
- server_info->home_drive = talloc_strdup(server_info, "");
- NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive);
-
- server_info->logon_server = talloc_strdup(server_info, netbios_name);
- NT_STATUS_HAVE_NO_MEMORY(server_info->logon_server);
-
- server_info->last_logon = 0;
- server_info->last_logoff = 0;
- server_info->acct_expiry = 0;
- server_info->last_password_change = 0;
- server_info->allow_password_change = 0;
- server_info->force_password_change = 0;
-
- server_info->logon_count = 0;
- server_info->bad_password_count = 0;
-
- server_info->acct_flags = ACB_NORMAL;
-
- server_info->authenticated = false;
-
- *_server_info = server_info;
-
- return NT_STATUS_OK;
-}
-
_PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
struct tevent_context *event_ctx,
struct loadparm_context *lp_ctx,
diff --git a/source4/auth/session.h b/source4/auth/session.h
index 2a5a8f1098..e988855a15 100644
--- a/source4/auth/session.h
+++ b/source4/auth/session.h
@@ -54,12 +54,10 @@ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
struct auth_session_info **_session_info) ;
NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
- struct tevent_context *ev_ctx,
struct loadparm_context *lp_ctx,
struct auth_session_info **_session_info);
struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx,
- struct tevent_context *event_ctx,
struct loadparm_context *lp_ctx);
struct auth_session_info *admin_session(TALLOC_CTX *mem_ctx,
diff --git a/source4/auth/system_session.c b/source4/auth/system_session.c
index a1b04604a6..9b9268de95 100644
--- a/source4/auth/system_session.c
+++ b/source4/auth/system_session.c
@@ -2,7 +2,7 @@
Unix SMB/CIFS implementation.
Authentication utility functions
Copyright (C) Andrew Tridgell 1992-1998
- Copyright (C) Andrew Bartlett 2001
+ Copyright (C) Andrew Bartlett 2001-2010
Copyright (C) Jeremy Allison 2000-2001
Copyright (C) Rafal Szczesniak 2002
Copyright (C) Stefan Metzmacher 2005
@@ -114,9 +114,9 @@ static NTSTATUS create_token(TALLOC_CTX *mem_ctx,
return NT_STATUS_INTERNAL_ERROR;
}
-static NTSTATUS generate_session_info(TALLOC_CTX *mem_ctx,
- struct auth_serversupplied_info *server_info,
- struct auth_session_info **_session_info)
+static NTSTATUS generate_simple_session_info(TALLOC_CTX *mem_ctx,
+ struct auth_serversupplied_info *server_info,
+ struct auth_session_info **_session_info)
{
struct auth_session_info *session_info;
NTSTATUS nt_status;
@@ -197,7 +197,7 @@ static NTSTATUS _auth_system_session_info(TALLOC_CTX *parent_ctx,
}
/* references the server_info into the session_info */
- nt_status = generate_session_info(parent_ctx, server_info, &session_info);
+ nt_status = generate_simple_session_info(parent_ctx, server_info, &session_info);
talloc_free(mem_ctx);
NT_STATUS_NOT_OK_RETURN(nt_status);
@@ -509,3 +509,112 @@ _PUBLIC_ struct auth_session_info *admin_session(TALLOC_CTX *mem_ctx, struct loa
}
return session_info;
}
+
+_PUBLIC_ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
+ struct loadparm_context *lp_ctx,
+ struct auth_session_info **_session_info)
+{
+ NTSTATUS nt_status;
+ struct auth_serversupplied_info *server_info = NULL;
+ struct auth_session_info *session_info = NULL;
+ TALLOC_CTX *mem_ctx = talloc_new(parent_ctx);
+
+ nt_status = auth_anonymous_server_info(mem_ctx,
+ lp_netbios_name(lp_ctx),
+ &server_info);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ talloc_free(mem_ctx);
+ return nt_status;
+ }
+
+ /* references the server_info into the session_info */
+ nt_status = generate_simple_session_info(parent_ctx, server_info, &session_info);
+ talloc_free(mem_ctx);
+
+ NT_STATUS_NOT_OK_RETURN(nt_status);
+
+ session_info->credentials = cli_credentials_init(session_info);
+ if (!session_info->credentials) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ cli_credentials_set_conf(session_info->credentials, lp_ctx);
+ cli_credentials_set_anonymous(session_info->credentials);
+
+ *_session_info = session_info;
+
+ return NT_STATUS_OK;
+}
+
+_PUBLIC_ NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
+ const char *netbios_name,
+ struct auth_serversupplied_info **_server_info)
+{
+ struct auth_serversupplied_info *server_info;
+ server_info = talloc(mem_ctx, struct auth_serversupplied_info);
+ NT_STATUS_HAVE_NO_MEMORY(server_info);
+
+ server_info->account_sid = dom_sid_parse_talloc(server_info, SID_NT_ANONYMOUS);
+ NT_STATUS_HAVE_NO_MEMORY(server_info->account_sid);
+
+ /* is this correct? */
+ server_info->primary_group_sid = dom_sid_parse_talloc(server_info, SID_BUILTIN_GUESTS);
+ NT_STATUS_HAVE_NO_MEMORY(server_info->primary_group_sid);
+
+ server_info->n_domain_groups = 0;
+ server_info->domain_groups = NULL;
+
+ /* annoying, but the Anonymous really does have a session key... */
+ server_info->user_session_key = data_blob_talloc(server_info, NULL, 16);
+ NT_STATUS_HAVE_NO_MEMORY(server_info->user_session_key.data);
+
+ server_info->lm_session_key = data_blob_talloc(server_info, NULL, 16);
+ NT_STATUS_HAVE_NO_MEMORY(server_info->lm_session_key.data);
+
+ /* and it is all zeros! */
+ data_blob_clear(&server_info->user_session_key);
+ data_blob_clear(&server_info->lm_session_key);
+
+ server_info->account_name = talloc_strdup(server_info, "ANONYMOUS LOGON");
+ NT_STATUS_HAVE_NO_MEMORY(server_info->account_name);
+
+ server_info->domain_name = talloc_strdup(server_info, "NT AUTHORITY");
+ NT_STATUS_HAVE_NO_MEMORY(server_info->domain_name);
+
+ server_info->full_name = talloc_strdup(server_info, "Anonymous Logon");
+ NT_STATUS_HAVE_NO_MEMORY(server_info->full_name);
+
+ server_info->logon_script = talloc_strdup(server_info, "");
+ NT_STATUS_HAVE_NO_MEMORY(server_info->logon_script);
+
+ server_info->profile_path = talloc_strdup(server_info, "");
+ NT_STATUS_HAVE_NO_MEMORY(server_info->profile_path);
+
+ server_info->home_directory = talloc_strdup(server_info, "");
+ NT_STATUS_HAVE_NO_MEMORY(server_info->home_directory);
+
+ server_info->home_drive = talloc_strdup(server_info, "");
+ NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive);
+
+ server_info->logon_server = talloc_strdup(server_info, netbios_name);
+ NT_STATUS_HAVE_NO_MEMORY(server_info->logon_server);
+
+ server_info->last_logon = 0;
+ server_info->last_logoff = 0;
+ server_info->acct_expiry = 0;
+ server_info->last_password_change = 0;
+ server_info->allow_password_change = 0;
+ server_info->force_password_change = 0;
+
+ server_info->logon_count = 0;
+ server_info->bad_password_count = 0;
+
+ server_info->acct_flags = ACB_NORMAL;
+
+ server_info->authenticated = false;
+
+ *_server_info = server_info;
+
+ return NT_STATUS_OK;
+}
+
diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
index 28e6f21f3d..92c549ecd2 100644
--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -442,7 +442,7 @@ static void ldapsrv_accept_nonpriv(struct stream_connection *c)
NTSTATUS status;
status = auth_anonymous_session_info(
- c, c->event.ctx, ldapsrv_service->task->lp_ctx, &session_info);
+ c, ldapsrv_service->task->lp_ctx, &session_info);
if (!NT_STATUS_IS_OK(status)) {
stream_terminate_connection(c, "failed to setup anonymous "
"session info");
diff --git a/source4/rpc_server/common/server_info.c b/source4/rpc_server/common/server_info.c
index 2906b89ef1..d6e11edd00 100644
--- a/source4/rpc_server/common/server_info.c
+++ b/source4/rpc_server/common/server_info.c
@@ -95,7 +95,7 @@ uint32_t dcesrv_common_get_server_type(TALLOC_CTX *mem_ctx, struct tevent_contex
break;
}
/* open main ldb */
- samctx = samdb_connect(tmp_ctx, event_ctx, dce_ctx->lp_ctx, anonymous_session(tmp_ctx, event_ctx, dce_ctx->lp_ctx));
+ samctx = samdb_connect(tmp_ctx, event_ctx, dce_ctx->lp_ctx, anonymous_session(tmp_ctx, dce_ctx->lp_ctx));
if (samctx == NULL) {
DEBUG(2,("Unable to open samdb in determining server announce flags\n"));
} else {
diff --git a/source4/rpc_server/service_rpc.c b/source4/rpc_server/service_rpc.c
index ac760fd9a6..6485d9ef97 100644
--- a/source4/rpc_server/service_rpc.c
+++ b/source4/rpc_server/service_rpc.c
@@ -342,7 +342,6 @@ static void dcesrv_sock_accept(struct stream_connection *srv_conn)
if (!srv_conn->session_info) {
status = auth_anonymous_session_info(srv_conn,
- srv_conn->event.ctx,
lp_ctx,
&srv_conn->session_info);
if (!NT_STATUS_IS_OK(status)) {