summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/winbind/wb_pam_auth.c32
-rw-r--r--source4/winbind/wb_samba3_cmd.c41
2 files changed, 65 insertions, 8 deletions
diff --git a/source4/winbind/wb_pam_auth.c b/source4/winbind/wb_pam_auth.c
index b2579fd6df..0a9c37911b 100644
--- a/source4/winbind/wb_pam_auth.c
+++ b/source4/winbind/wb_pam_auth.c
@@ -260,11 +260,31 @@ struct composite_context *wb_cmd_pam_auth_send(TALLOC_CTX *mem_ctx,
chal, nt_resp, lm_resp);
}
-NTSTATUS wb_cmd_pam_auth_recv(struct composite_context *c)
+NTSTATUS wb_cmd_pam_auth_recv(struct composite_context *c,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *info3,
+ struct netr_UserSessionKey *user_session_key,
+ struct netr_LMSessionKey *lm_key,
+ char **unix_username)
{
- struct pam_auth_crap_state *state =
- talloc_get_type(c->private_data, struct pam_auth_crap_state);
- NTSTATUS status = composite_wait(c);
- talloc_free(state);
- return status;
+ struct pam_auth_crap_state *state =
+ talloc_get_type(c->private_data, struct pam_auth_crap_state);
+ NTSTATUS status = composite_wait(c);
+ if (NT_STATUS_IS_OK(status)) {
+ if (info3) {
+ info3->length = state->info3.length;
+ info3->data = talloc_steal(mem_ctx, state->info3.data);
+ }
+ if (user_session_key) {
+ *user_session_key = state->user_session_key;
+ }
+ if (lm_key) {
+ *lm_key = state->lm_key;
+ }
+ if (unix_username) {
+ *unix_username = talloc_steal(mem_ctx, state->unix_username);
+ }
+ }
+ talloc_free(state);
+ return status;
}
diff --git a/source4/winbind/wb_samba3_cmd.c b/source4/winbind/wb_samba3_cmd.c
index 280c47a274..c5fba92f14 100644
--- a/source4/winbind/wb_samba3_cmd.c
+++ b/source4/winbind/wb_samba3_cmd.c
@@ -299,7 +299,7 @@ static void check_machacc_recv(struct composite_context *ctx)
struct wbsrv_samba3_call);
NTSTATUS status;
- status = wb_cmd_pam_auth_recv(ctx);
+ status = wb_cmd_pam_auth_recv(ctx, s3call, NULL, NULL, NULL, NULL);
if (!NT_STATUS_IS_OK(status)) goto done;
@@ -734,11 +734,48 @@ static void pam_auth_recv(struct composite_context *ctx)
talloc_get_type(ctx->async.private_data,
struct wbsrv_samba3_call);
NTSTATUS status;
+ DATA_BLOB info3;
+ struct netr_UserSessionKey user_session_key;
+ struct netr_LMSessionKey lm_key;
+ char *unix_username;
- status = wb_cmd_pam_auth_recv(ctx);
+ status = wb_cmd_pam_auth_recv(ctx, s3call, &info3,
+ &user_session_key, &lm_key, &unix_username);
if (!NT_STATUS_IS_OK(status)) goto done;
+ if (s3call->request.flags & WBFLAG_PAM_USER_SESSION_KEY) {
+ memcpy(s3call->response.data.auth.user_session_key,
+ &user_session_key.key,
+ sizeof(s3call->response.data.auth.user_session_key));
+ }
+
+ if (s3call->request.flags & WBFLAG_PAM_INFO3_TEXT) {
+ status = wb_samba3_append_info3_as_txt(ctx, s3call, info3);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10,("Failed to append INFO3 (TXT): %s\n",
+ nt_errstr(status)));
+ goto done;
+ }
+ }
+
+ if (s3call->request.flags & WBFLAG_PAM_INFO3_NDR) {
+ s3call->response.extra_data.data = info3.data;
+ s3call->response.length += info3.length;
+ }
+
+ if (s3call->request.flags & WBFLAG_PAM_LMKEY) {
+ memcpy(s3call->response.data.auth.first_8_lm_hash,
+ lm_key.key,
+ sizeof(s3call->response.data.auth.first_8_lm_hash));
+ }
+
+ if (s3call->request.flags & WBFLAG_PAM_UNIX_NAME) {
+ s3call->response.extra_data.data = unix_username;
+ s3call->response.length += strlen(unix_username)+1;
+ }
+
+
done:
wbsrv_samba3_async_auth_epilogue(status, s3call);
}