summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--auth/common_auth.h63
-rw-r--r--source4/auth/auth.h43
-rw-r--r--source4/auth/ntlm/auth_simple.c2
-rw-r--r--source4/auth/ntlm/auth_util.c6
-rw-r--r--source4/auth/ntlmssp/ntlmssp_server.c2
-rw-r--r--source4/rpc_server/netlogon/dcerpc_netlogon.c6
-rw-r--r--source4/smb_server/smb/sesssetup.c4
7 files changed, 72 insertions, 54 deletions
diff --git a/auth/common_auth.h b/auth/common_auth.h
new file mode 100644
index 0000000000..5bade6915f
--- /dev/null
+++ b/auth/common_auth.h
@@ -0,0 +1,63 @@
+/*
+ Unix SMB/CIFS implementation.
+ Standardised Authentication types
+ Copyright (C) Andrew Bartlett 2001-2010
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "librpc/gen_ndr/krb5pac.h"
+
+#define USER_INFO_CASE_INSENSITIVE_USERNAME 0x01 /* username may be in any case */
+#define USER_INFO_CASE_INSENSITIVE_PASSWORD 0x02 /* password may be in any case */
+#define USER_INFO_DONT_CHECK_UNIX_ACCOUNT 0x04 /* don't check unix account status */
+#define USER_INFO_INTERACTIVE_LOGON 0x08 /* don't check unix account status */
+
+enum auth_password_state {
+ AUTH_PASSWORD_RESPONSE,
+ AUTH_PASSWORD_HASH,
+ AUTH_PASSWORD_PLAIN
+};
+
+struct auth_usersupplied_info
+{
+ const char *workstation_name;
+ const struct tsocket_address *remote_host;
+
+ uint32_t logon_parameters;
+
+ bool mapped_state;
+ bool was_mapped;
+ /* the values the client gives us */
+ struct {
+ const char *account_name;
+ const char *domain_name;
+ } client, mapped;
+
+ enum auth_password_state password_state;
+
+ struct {
+ struct {
+ DATA_BLOB lanman;
+ DATA_BLOB nt;
+ } response;
+ struct {
+ struct samr_Password *lanman;
+ struct samr_Password *nt;
+ } hash;
+
+ char *plaintext;
+ } password;
+ uint32_t flags;
+};
diff --git a/source4/auth/auth.h b/source4/auth/auth.h
index 9ce338c8ae..ce583c871c 100644
--- a/source4/auth/auth.h
+++ b/source4/auth/auth.h
@@ -22,6 +22,7 @@
#define _SAMBA_AUTH_H
#include "librpc/gen_ndr/ndr_krb5pac.h"
+#include "../auth/common_auth.h"
extern const char *krbtgt_attrs[];
extern const char *server_attrs[];
@@ -43,52 +44,10 @@ struct loadparm_context;
/* version 0 - till samba4 is stable - metze */
#define AUTH_INTERFACE_VERSION 0
-#define USER_INFO_CASE_INSENSITIVE_USERNAME 0x01 /* username may be in any case */
-#define USER_INFO_CASE_INSENSITIVE_PASSWORD 0x02 /* password may be in any case */
-#define USER_INFO_DONT_CHECK_UNIX_ACCOUNT 0x04 /* don't check unix account status */
-#define USER_INFO_INTERACTIVE_LOGON 0x08 /* don't check unix account status */
-
#define AUTH_SESSION_INFO_DEFAULT_GROUPS 0x01 /* Add the user to the default world and network groups */
#define AUTH_SESSION_INFO_AUTHENTICATED 0x02 /* Add the user to the 'authenticated users' group */
#define AUTH_SESSION_INFO_ENTERPRISE_DC 0x04 /* Add the user to the 'enterprise DC' group */
-enum auth_password_state {
- AUTH_PASSWORD_RESPONSE,
- AUTH_PASSWORD_HASH,
- AUTH_PASSWORD_PLAIN
-};
-
-struct auth_usersupplied_info
-{
- const char *workstation_name;
- const struct tsocket_address *remote_host;
-
- uint32_t logon_parameters;
-
- bool mapped_state;
- /* the values the client gives us */
- struct {
- const char *account_name;
- const char *domain_name;
- } client, mapped;
-
- enum auth_password_state password_state;
-
- union {
- struct {
- DATA_BLOB lanman;
- DATA_BLOB nt;
- } response;
- struct {
- struct samr_Password *lanman;
- struct samr_Password *nt;
- } hash;
-
- char *plaintext;
- } password;
- uint32_t flags;
-};
-
struct auth_serversupplied_info
{
struct dom_sid *account_sid;
diff --git a/source4/auth/ntlm/auth_simple.c b/source4/auth/ntlm/auth_simple.c
index 9c8f7f64ac..65a08cd92b 100644
--- a/source4/auth/ntlm/auth_simple.c
+++ b/source4/auth/ntlm/auth_simple.c
@@ -56,7 +56,7 @@ _PUBLIC_ NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx,
return nt_status;
}
- user_info = talloc(tmp_ctx, struct auth_usersupplied_info);
+ user_info = talloc_zero(tmp_ctx, struct auth_usersupplied_info);
if (!user_info) {
talloc_free(tmp_ctx);
return NT_STATUS_NO_MEMORY;
diff --git a/source4/auth/ntlm/auth_util.c b/source4/auth/ntlm/auth_util.c
index 7da68a248b..605cd980c6 100644
--- a/source4/auth/ntlm/auth_util.c
+++ b/source4/auth/ntlm/auth_util.c
@@ -74,7 +74,7 @@ NTSTATUS map_user_info(TALLOC_CTX *mem_ctx,
domain = default_domain;
}
- *user_info_mapped = talloc(mem_ctx, struct auth_usersupplied_info);
+ *user_info_mapped = talloc_zero(mem_ctx, struct auth_usersupplied_info);
if (!*user_info_mapped) {
return NT_STATUS_NO_MEMORY;
}
@@ -124,7 +124,7 @@ NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth_context *auth_contex
{
uint8_t chal[8];
DATA_BLOB chall_blob;
- user_info_temp = talloc(mem_ctx, struct auth_usersupplied_info);
+ user_info_temp = talloc_zero(mem_ctx, struct auth_usersupplied_info);
if (!user_info_temp) {
return NT_STATUS_NO_MEMORY;
}
@@ -190,7 +190,7 @@ NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth_context *auth_contex
struct samr_Password lanman;
struct samr_Password nt;
- user_info_temp = talloc(mem_ctx, struct auth_usersupplied_info);
+ user_info_temp = talloc_zero(mem_ctx, struct auth_usersupplied_info);
if (!user_info_temp) {
return NT_STATUS_NO_MEMORY;
}
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index 352f8754d6..6e3cf8a8ff 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -158,7 +158,7 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
NTSTATUS nt_status;
struct auth_usersupplied_info *user_info;
- user_info = talloc(ntlmssp_state, struct auth_usersupplied_info);
+ user_info = talloc_zero(ntlmssp_state, struct auth_usersupplied_info);
if (!user_info) {
return NT_STATUS_NO_MEMORY;
}
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 226a0640bb..9d8195aaad 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -491,13 +491,9 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
struct netr_SamInfo3 *sam3;
struct netr_SamInfo6 *sam6;
- user_info = talloc(mem_ctx, struct auth_usersupplied_info);
+ user_info = talloc_zero(mem_ctx, struct auth_usersupplied_info);
NT_STATUS_HAVE_NO_MEMORY(user_info);
- user_info->flags = 0;
- user_info->mapped_state = false;
- user_info->remote_host = NULL;
-
switch (r->in.logon_level) {
case NetlogonInteractiveInformation:
case NetlogonServiceInformation:
diff --git a/source4/smb_server/smb/sesssetup.c b/source4/smb_server/smb/sesssetup.c
index 7372347e9a..419a8cbf79 100644
--- a/source4/smb_server/smb/sesssetup.c
+++ b/source4/smb_server/smb/sesssetup.c
@@ -144,7 +144,7 @@ static void sesssetup_old(struct smbsrv_request *req, union smb_sesssetup *sess)
if (!remote_machine) goto nomem;
}
- user_info = talloc(req, struct auth_usersupplied_info);
+ user_info = talloc_zero(req, struct auth_usersupplied_info);
if (!user_info) goto nomem;
user_info->mapped_state = false;
@@ -319,7 +319,7 @@ static void sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *sess)
if (!remote_machine) goto nomem;
}
- user_info = talloc(req, struct auth_usersupplied_info);
+ user_info = talloc_zero(req, struct auth_usersupplied_info);
if (!user_info) goto nomem;
user_info->mapped_state = false;