s4-auth Move libcli/security/session.c to the top level

This code is now useful in common, as the elements of the
auth_session_info structure have now been defined in common IDL.

Andrew Bartlett

12 files changed, 9 insertions, 125 deletions

diff --git a/source4/auth/auth.h b/source4/auth/auth.h
index ccc5695a2e..70df694b1e 100644
--- a/source4/auth/auth.h
+++ b/source4/auth/auth.h
@@ -162,6 +162,7 @@ struct auth_critical_sizes {
 struct ldb_message;
 struct ldb_context;
 struct gensec_security;
+struct cli_credentials;
 
 NTSTATUS auth_get_challenge(struct auth_context *auth_ctx, uint8_t chal[8]);
 NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx,
diff --git a/source4/auth/session.h b/source4/auth/session.h
index 795497ea8f..8ab6288d64 100644
--- a/source4/auth/session.h
+++ b/source4/auth/session.h
@@ -21,14 +21,7 @@
 #ifndef _SAMBA_AUTH_SESSION_H
 #define _SAMBA_AUTH_SESSION_H
 
-struct auth_session_info {
-	struct security_token *security_token;
-	struct auth_user_info *info;
-	struct auth_user_info_torture *torture;
-	DATA_BLOB session_key;
-	struct cli_credentials *credentials;
-};
-
+#include "libcli/security/security.h"
 #include "librpc/gen_ndr/netlogon.h"
 #include "librpc/gen_ndr/auth.h"
 
diff --git a/source4/dsdb/repl/drepl_out_helpers.c b/source4/dsdb/repl/drepl_out_helpers.c
index 893eb3bbcd..ebf2f77708 100644
--- a/source4/dsdb/repl/drepl_out_helpers.c
+++ b/source4/dsdb/repl/drepl_out_helpers.c
@@ -34,6 +34,7 @@
 #include "auth/gensec/gensec.h"
 #include "param/param.h"
 #include "../lib/util/tevent_ntstatus.h"
+#include "libcli/security/security.h"
 
 struct dreplsrv_out_drsuapi_state {
 	struct tevent_context *ev;
diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
index 53d53d9021..6fd6d7fa14 100644
--- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
+++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c
@@ -48,7 +48,6 @@
 #include "lib/util/dlinklist.h"
 #include "dsdb/samdb/ldb_modules/util.h"
 #include "lib/util/binsearch.h"
-#include "libcli/security/session.h"
 #include "lib/util/tsort.h"
 
 struct replmd_private {
diff --git a/source4/dsdb/samdb/ldb_modules/rootdse.c b/source4/dsdb/samdb/ldb_modules/rootdse.c
index 98889125f3..be60d89638 100644
--- a/source4/dsdb/samdb/ldb_modules/rootdse.c
+++ b/source4/dsdb/samdb/ldb_modules/rootdse.c
@@ -28,7 +28,6 @@
 #include "version.h"
 #include "dsdb/samdb/ldb_modules/util.h"
 #include "libcli/security/security.h"
-#include "libcli/security/session.h"
 #include "librpc/ndr/libndr.h"
 #include "auth/auth.h"
 #include "param/param.h"
diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c
index 37ab4707f3..49939e2ff4 100644
--- a/source4/dsdb/samdb/ldb_modules/util.c
+++ b/source4/dsdb/samdb/ldb_modules/util.c
@@ -27,7 +27,6 @@
 #include "dsdb/samdb/samdb.h"
 #include "util.h"
 #include "libcli/security/security.h"
-#include "libcli/security/session.h"
 
 /*
   search for attrs on one DN, in the modules below
diff --git a/source4/dsdb/samdb/ldb_modules/wscript_build b/source4/dsdb/samdb/ldb_modules/wscript_build
index 5925165afd..4ff5bdfda9 100644
--- a/source4/dsdb/samdb/ldb_modules/wscript_build
+++ b/source4/dsdb/samdb/ldb_modules/wscript_build
@@ -9,7 +9,7 @@ bld.SAMBA_LIBRARY('dsdb-module',
 bld.SAMBA_SUBSYSTEM('DSDB_MODULE_HELPERS',
 	source='util.c acl_util.c schema_util.c',
 	autoproto='util_proto.h',
-	deps='ldb ndr samdb-common security-session'
+	deps='ldb ndr samdb-common security'
 	)
 
 bld.SAMBA_SUBSYSTEM('DSDB_MODULE_HELPER_RIDALLOC',
@@ -60,7 +60,7 @@ bld.SAMBA_MODULE('ldb_repl_meta_data',
 	init_function='ldb_repl_meta_data_module_init',
 	module_init_name='ldb_init_module',
 	internal_module=False,
-	deps='samdb talloc events ndr NDR_DRSUAPI NDR_DRSBLOBS ndr DSDB_MODULE_HELPERS security-session'
+	deps='samdb talloc events ndr NDR_DRSUAPI NDR_DRSBLOBS ndr DSDB_MODULE_HELPERS security'
 	)
 
 
@@ -150,7 +150,7 @@ bld.SAMBA_MODULE('ldb_rootdse',
 	init_function='ldb_rootdse_module_init',
 	module_init_name='ldb_init_module',
 	internal_module=False,
-	deps='talloc events samdb MESSAGING security-session DSDB_MODULE_HELPERS'
+	deps='talloc events samdb MESSAGING security DSDB_MODULE_HELPERS'
 	)
 
 
diff --git a/source4/libcli/security/session.c b/source4/libcli/security/session.c
deleted file mode 100644
index 401e11c489..0000000000
--- a/source4/libcli/security/session.c
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
-   Unix SMB/CIFS implementation.
-
-   session_info utility functions
-
-   Copyright (C) Andrew Bartlett 2008-2010
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 3 of the License, or
-   (at your option) any later version.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "includes.h"
-#include "auth/session.h"
-#include "libcli/security/session.h"
-#include "libcli/security/security.h"
-
-enum security_user_level security_session_user_level(struct auth_session_info *session_info,
-						     const struct dom_sid *domain_sid)
-{
-	if (!session_info) {
-		return SECURITY_ANONYMOUS;
-	}
-
-	if (security_token_is_system(session_info->security_token)) {
-		return SECURITY_SYSTEM;
-	}
-
-	if (security_token_is_anonymous(session_info->security_token)) {
-		return SECURITY_ANONYMOUS;
-	}
-
-	if (security_token_has_builtin_administrators(session_info->security_token)) {
-		return SECURITY_ADMINISTRATOR;
-	}
-
-	if (domain_sid) {
-		struct dom_sid *rodc_dcs;
-		rodc_dcs = dom_sid_add_rid(session_info, domain_sid, DOMAIN_RID_READONLY_DCS);
-		if (security_token_has_sid(session_info->security_token, rodc_dcs)) {
-			talloc_free(rodc_dcs);
-			return SECURITY_RO_DOMAIN_CONTROLLER;
-		}
-		talloc_free(rodc_dcs);
-	}
-
-	if (security_token_has_enterprise_dcs(session_info->security_token)) {
-		return SECURITY_DOMAIN_CONTROLLER;
-	}
-
-	if (security_token_has_nt_authenticated_users(session_info->security_token)) {
-		return SECURITY_USER;
-	}
-
-	return SECURITY_ANONYMOUS;
-}
diff --git a/source4/libcli/security/session.h b/source4/libcli/security/session.h
deleted file mode 100644
index cf69665497..0000000000
--- a/source4/libcli/security/session.h
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
-   Unix SMB/CIFS implementation.
-
-   session_info utility functions
-
-   Copyright (C) Andrew Bartlett 2008-2010
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 3 of the License, or
-   (at your option) any later version.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
-
-enum security_user_level {
-	SECURITY_ANONYMOUS            = 0,
-	SECURITY_USER                 = 10,
-	SECURITY_RO_DOMAIN_CONTROLLER = 20,
-	SECURITY_DOMAIN_CONTROLLER    = 30,
-	SECURITY_ADMINISTRATOR        = 40,
-	SECURITY_SYSTEM               = 50
-};
-
-#include "libcli/security/session_proto.h"
-
-struct auth_session_info;
diff --git a/source4/libcli/security/wscript_build b/source4/libcli/security/wscript_build
deleted file mode 100644
index 9c277236c4..0000000000
--- a/source4/libcli/security/wscript_build
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/usr/bin/env python
-
-bld.SAMBA_LIBRARY('security-session',
-	source='session.c',
-	autoproto='session_proto.h',
-	public_deps='security',
-	private_library=True
-	)
-
diff --git a/source4/libcli/wscript_build b/source4/libcli/wscript_build
index 950c179d7e..f91900d371 100644
--- a/source4/libcli/wscript_build
+++ b/source4/libcli/wscript_build
@@ -1,7 +1,6 @@
 #!/usr/bin/env python
 
 bld.RECURSE('ldap')
-bld.RECURSE('security')
 bld.RECURSE('wbclient')
 
 bld.SAMBA_LIBRARY('errors',
diff --git a/source4/rpc_server/wscript_build b/source4/rpc_server/wscript_build
index b796728dad..815459baaf 100644
--- a/source4/rpc_server/wscript_build
+++ b/source4/rpc_server/wscript_build
@@ -77,7 +77,7 @@ bld.SAMBA_MODULE('dcerpc_winreg',
 	source='winreg/rpc_winreg.c',
 	subsystem='dcerpc_server',
 	init_function='dcerpc_server_winreg_init',
-	deps='registry ndr-standard security-session',
+	deps='registry ndr-standard',
 	internal_module=True
 	)
 
@@ -95,7 +95,7 @@ bld.SAMBA_MODULE('dcerpc_lsarpc',
 	autoproto='lsa/proto.h',
 	subsystem='dcerpc_server',
 	init_function='dcerpc_server_lsa_init',
-	deps='samdb DCERPC_COMMON ndr-standard LIBCLI_AUTH NDR_DSSETUP com_err security-session kdc-policy'
+	deps='samdb DCERPC_COMMON ndr-standard LIBCLI_AUTH NDR_DSSETUP com_err security kdc-policy'
 	)
 
 
@@ -121,7 +121,7 @@ bld.SAMBA_MODULE('dcerpc_drsuapi',
 	source='drsuapi/dcesrv_drsuapi.c drsuapi/updaterefs.c drsuapi/getncchanges.c drsuapi/addentry.c drsuapi/writespn.c drsuapi/drsutil.c',
 	subsystem='dcerpc_server',
 	init_function='dcerpc_server_drsuapi_init',
-	deps='samdb DCERPC_COMMON NDR_DRSUAPI security-session'
+	deps='samdb DCERPC_COMMON NDR_DRSUAPI security'
 	)