diff options
| -rw-r--r-- | auth/gensec/gensec.h | 5 | ||||
| -rw-r--r-- | auth/gensec/gensec_util.c | 29 | ||||
| -rw-r--r-- | source4/auth/ntlm/auth.c | 12 | ||||
| -rw-r--r-- | source4/auth/ntlmssp/ntlmssp_server.c | 24 |
4 files changed, 27 insertions, 43 deletions
diff --git a/auth/gensec/gensec.h b/auth/gensec/gensec.h index b03bcd82b1..c52eecb8d0 100644 --- a/auth/gensec/gensec.h +++ b/auth/gensec/gensec.h @@ -336,11 +336,6 @@ bool gensec_setting_bool(struct gensec_settings *settings, const char *mechanism NTSTATUS gensec_set_target_principal(struct gensec_security *gensec_security, const char *principal); const char *gensec_get_target_principal(struct gensec_security *gensec_security); -NTSTATUS gensec_generate_session_info(TALLOC_CTX *mem_ctx, - struct gensec_security *gensec_security, - struct auth_user_info_dc *user_info_dc, - struct auth_session_info **session_info); - NTSTATUS gensec_generate_session_info_pac(TALLOC_CTX *mem_ctx, struct gensec_security *gensec_security, struct smb_krb5_context *smb_krb5_context, diff --git a/auth/gensec/gensec_util.c b/auth/gensec/gensec_util.c index feff3c3ac1..cdd615fb60 100644 --- a/auth/gensec/gensec_util.c +++ b/auth/gensec/gensec_util.c @@ -24,35 +24,6 @@ #include "auth/gensec/gensec.h" #include "auth/common_auth.h" -NTSTATUS gensec_generate_session_info(TALLOC_CTX *mem_ctx, - struct gensec_security *gensec_security, - struct auth_user_info_dc *user_info_dc, - struct auth_session_info **session_info) -{ - NTSTATUS nt_status; - uint32_t session_info_flags = 0; - - if (gensec_security->want_features & GENSEC_FEATURE_UNIX_TOKEN) { - session_info_flags |= AUTH_SESSION_INFO_UNIX_TOKEN; - } - - session_info_flags |= AUTH_SESSION_INFO_DEFAULT_GROUPS; - if (user_info_dc->info->authenticated) { - session_info_flags |= AUTH_SESSION_INFO_AUTHENTICATED; - } - - if (gensec_security->auth_context && gensec_security->auth_context->generate_session_info) { - nt_status = gensec_security->auth_context->generate_session_info(mem_ctx, gensec_security->auth_context, - user_info_dc, - session_info_flags, - session_info); - } else { - DEBUG(0, ("Cannot generate a session_info without the auth_context\n")); - return NT_STATUS_INTERNAL_ERROR; - } - return nt_status; -} - NTSTATUS gensec_generate_session_info_pac(TALLOC_CTX *mem_ctx, struct gensec_security *gensec_security, struct smb_krb5_context *smb_krb5_context, diff --git a/source4/auth/ntlm/auth.c b/source4/auth/ntlm/auth.c index a654fab096..6dd82e4ae8 100644 --- a/source4/auth/ntlm/auth.c +++ b/source4/auth/ntlm/auth.c @@ -469,10 +469,16 @@ static NTSTATUS auth_generate_session_info_wrapper(TALLOC_CTX *mem_ctx, uint32_t session_info_flags, struct auth_session_info **session_info) { + NTSTATUS status; struct auth_user_info_dc *user_info_dc = talloc_get_type_abort(server_returned_info, struct auth_user_info_dc); - NTSTATUS status = auth_generate_session_info(mem_ctx, auth_context->lp_ctx, - auth_context->sam_ctx, user_info_dc, - session_info_flags, session_info); + + if (user_info_dc->info->authenticated) { + session_info_flags |= AUTH_SESSION_INFO_AUTHENTICATED; + } + + status = auth_generate_session_info(mem_ctx, auth_context->lp_ctx, + auth_context->sam_ctx, user_info_dc, + session_info_flags, session_info); if (!NT_STATUS_IS_OK(status)) { return status; } diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c index 3d66a0b689..f463859721 100644 --- a/source4/auth/ntlmssp/ntlmssp_server.c +++ b/source4/auth/ntlmssp/ntlmssp_server.c @@ -219,12 +219,24 @@ NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security, struct gensec_ntlmssp_context *gensec_ntlmssp = talloc_get_type_abort(gensec_security->private_data, struct gensec_ntlmssp_context); - struct auth_user_info_dc *user_info_dc = talloc_get_type_abort(gensec_ntlmssp->server_returned_info, - struct auth_user_info_dc); - nt_status = gensec_generate_session_info(mem_ctx, - gensec_security, - user_info_dc, - session_info); + uint32_t session_info_flags = 0; + + if (gensec_security->want_features & GENSEC_FEATURE_UNIX_TOKEN) { + session_info_flags |= AUTH_SESSION_INFO_UNIX_TOKEN; + } + + session_info_flags |= AUTH_SESSION_INFO_DEFAULT_GROUPS; + + if (gensec_security->auth_context && gensec_security->auth_context->generate_session_info) { + nt_status = gensec_security->auth_context->generate_session_info(mem_ctx, gensec_security->auth_context, + gensec_ntlmssp->server_returned_info, + session_info_flags, + session_info); + } else { + DEBUG(0, ("Cannot generate a session_info without the auth_context\n")); + return NT_STATUS_INTERNAL_ERROR; + } + NT_STATUS_NOT_OK_RETURN(nt_status); return gensec_ntlmssp_session_key(gensec_security, *session_info, |