summaryrefslogtreecommitdiff
path: root/source3/libads/authdata.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/libads/authdata.c')
-rw-r--r--source3/libads/authdata.c122
1 files changed, 6 insertions, 116 deletions
diff --git a/source3/libads/authdata.c b/source3/libads/authdata.c
index ee2dbde02c..e34220fc2c 100644
--- a/source3/libads/authdata.c
+++ b/source3/libads/authdata.c
@@ -325,25 +325,9 @@ static krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx,
}
/****************************************************************
-****************************************************************/
-
-struct PAC_LOGON_INFO *get_logon_info_from_pac(struct PAC_DATA *pac_data)
-{
- int i;
-
- for (i=0; i < pac_data->num_buffers; i++) {
-
- if (pac_data->buffers[i].type != PAC_TYPE_LOGON_INFO) {
- continue;
- }
-
- return pac_data->buffers[i].info->logon_info.info;
- }
-
- return NULL;
-}
-
-/****************************************************************
+Given a username, password and other details, return the
+PAC_LOGON_INFO (the structure containing the important user
+information such as groups).
****************************************************************/
NTSTATUS kerberos_return_pac(TALLOC_CTX *mem_ctx,
@@ -357,12 +341,11 @@ NTSTATUS kerberos_return_pac(TALLOC_CTX *mem_ctx,
bool add_netbios_addr,
time_t renewable_time,
const char *impersonate_princ_s,
- struct PAC_DATA **pac_ret)
+ struct PAC_LOGON_INFO **logon_info)
{
krb5_error_code ret;
NTSTATUS status = NT_STATUS_INVALID_PARAMETER;
DATA_BLOB tkt, ap_rep, sesskey1, sesskey2;
- struct PAC_DATA *pac_data = NULL;
char *client_princ_out = NULL;
const char *auth_princ = NULL;
const char *local_service = NULL;
@@ -453,7 +436,7 @@ NTSTATUS kerberos_return_pac(TALLOC_CTX *mem_ctx,
time_offset,
&tkt,
&client_princ_out,
- &pac_data,
+ logon_info,
&ap_rep,
&sesskey2,
False);
@@ -463,14 +446,12 @@ NTSTATUS kerberos_return_pac(TALLOC_CTX *mem_ctx,
goto out;
}
- if (!pac_data) {
+ if (!*logon_info) {
DEBUG(1,("no PAC\n"));
status = NT_STATUS_INVALID_PARAMETER;
goto out;
}
- *pac_ret = pac_data;
-
out:
if (cc != cache_name) {
ads_kdestroy(cc);
@@ -486,95 +467,4 @@ out:
return status;
}
-/****************************************************************
-****************************************************************/
-
-static NTSTATUS kerberos_return_pac_logon_info(TALLOC_CTX *mem_ctx,
- const char *name,
- const char *pass,
- time_t time_offset,
- time_t *expire_time,
- time_t *renew_till_time,
- const char *cache_name,
- bool request_pac,
- bool add_netbios_addr,
- time_t renewable_time,
- const char *impersonate_princ_s,
- struct PAC_LOGON_INFO **logon_info)
-{
- NTSTATUS status;
- struct PAC_DATA *pac_data = NULL;
- struct PAC_LOGON_INFO *info = NULL;
-
- status = kerberos_return_pac(mem_ctx,
- name,
- pass,
- time_offset,
- expire_time,
- renew_till_time,
- cache_name,
- request_pac,
- add_netbios_addr,
- renewable_time,
- impersonate_princ_s,
- &pac_data);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- if (!pac_data) {
- DEBUG(3,("no pac\n"));
- return NT_STATUS_INVALID_USER_BUFFER;
- }
-
- info = get_logon_info_from_pac(pac_data);
- if (!info) {
- DEBUG(1,("no logon_info\n"));
- return NT_STATUS_INVALID_USER_BUFFER;
- }
-
- *logon_info = info;
-
- return NT_STATUS_OK;
-}
-
-/****************************************************************
-****************************************************************/
-
-NTSTATUS kerberos_return_info3_from_pac(TALLOC_CTX *mem_ctx,
- const char *name,
- const char *pass,
- time_t time_offset,
- time_t *expire_time,
- time_t *renew_till_time,
- const char *cache_name,
- bool request_pac,
- bool add_netbios_addr,
- time_t renewable_time,
- const char *impersonate_princ_s,
- struct netr_SamInfo3 **info3)
-{
- NTSTATUS status;
- struct PAC_LOGON_INFO *logon_info = NULL;
-
- status = kerberos_return_pac_logon_info(mem_ctx,
- name,
- pass,
- time_offset,
- expire_time,
- renew_till_time,
- cache_name,
- request_pac,
- add_netbios_addr,
- renewable_time,
- impersonate_princ_s,
- &logon_info);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- *info3 = &logon_info->info3;
-
- return NT_STATUS_OK;
-}
#endif