summaryrefslogtreecommitdiff
path: root/librpc
diff options
context:
space:
mode:
Diffstat (limited to 'librpc')
-rw-r--r--librpc/idl/auth.idl15
-rw-r--r--librpc/idl/security.idl8
2 files changed, 23 insertions, 0 deletions
diff --git a/librpc/idl/auth.idl b/librpc/idl/auth.idl
index 6b2cb56eea..7b4556a6d7 100644
--- a/librpc/idl/auth.idl
+++ b/librpc/idl/auth.idl
@@ -51,6 +51,19 @@ interface auth
PAC_SIGNATURE_DATA *pac_kdc_sig;
} auth_user_info_torture;
+ typedef [public] struct {
+ utf8string unix_name;
+
+ /*
+ * For performance reasons we keep an alpha_strcpy-sanitized version
+ * of the username around as long as the global variable current_user
+ * still exists. If we did not do keep this, we'd have to call
+ * alpha_strcpy whenever we do a become_user(), potentially on every
+ * smb request. See set_current_user_info in source3.
+ */
+ utf8string sanitized_username;
+ } auth_user_info_unix;
+
/* This is the interim product of the auth subsystem, before
* privileges and local groups are handled */
typedef [public] struct {
@@ -63,7 +76,9 @@ interface auth
typedef [public] struct {
security_token *security_token;
+ security_unix_token *unix_token;
auth_user_info *info;
+ auth_user_info_unix *unix_info;
DATA_BLOB session_key;
DATA_BLOB exported_gssapi_credentials;
} auth_session_info_transport;
diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index 266af49caa..2f633ab0ef 100644
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -577,6 +577,14 @@ interface security
lsa_SystemAccessModeFlags rights_mask;
} security_token;
+ /* This is not yet sent over the network, but is simply defined in IDL */
+ typedef [public] struct {
+ uid_t uid;
+ uid_t gid;
+ uint32 ngroups;
+ [size_is(ngroups)] gid_t groups[*];
+ } security_unix_token;
+
/* bits that determine which parts of a security descriptor
are being queried/set */
typedef [public,bitmap32bit] bitmap {