diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/auth/auth.c | 8 | ||||
-rw-r--r-- | source3/auth/auth_domain.c | 22 | ||||
-rw-r--r-- | source3/auth/auth_netlogond.c | 2 | ||||
-rw-r--r-- | source3/auth/auth_sam.c | 8 | ||||
-rw-r--r-- | source3/auth/auth_script.c | 6 | ||||
-rw-r--r-- | source3/auth/auth_server.c | 10 | ||||
-rw-r--r-- | source3/auth/auth_wbc.c | 4 | ||||
-rw-r--r-- | source3/auth/auth_winbind.c | 8 | ||||
-rw-r--r-- | source3/auth/user_info.c | 6 | ||||
-rw-r--r-- | source3/include/auth.h | 1 |
10 files changed, 37 insertions, 38 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c index 8d351ae390..a52dab9f01 100644 --- a/source3/auth/auth.c +++ b/source3/auth/auth.c @@ -217,7 +217,7 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context, user_info->client.domain_name, user_info->client.account_name, user_info->workstation_name)); DEBUG(3, ("check_ntlm_password: mapped user is: [%s]\\[%s]@[%s]\n", - user_info->domain, user_info->mapped.account_name, user_info->workstation_name)); + user_info->mapped.domain_name, user_info->mapped.account_name, user_info->workstation_name)); if (auth_context->challenge.length != 8) { DEBUG(0, ("check_ntlm_password: Invalid challenge stored for this auth context - cannot continue\n")); @@ -241,14 +241,14 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context, #endif /* This needs to be sorted: If it doesn't match, what should we do? */ - if (!check_domain_match(user_info->client.account_name, user_info->domain)) + if (!check_domain_match(user_info->client.account_name, user_info->mapped.domain_name)) return NT_STATUS_LOGON_FAILURE; for (auth_method = auth_context->auth_method_list;auth_method; auth_method = auth_method->next) { NTSTATUS result; - mem_ctx = talloc_init("%s authentication for user %s\\%s", auth_method->name, - user_info->domain, user_info->client.account_name); + mem_ctx = talloc_init("%s authentication for user %s\\%s", auth_method->name, + user_info->mapped.domain_name, user_info->client.account_name); result = auth_method->auth(auth_context, auth_method->private_data, mem_ctx, user_info, server_info); diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c index aea82ed66c..f25fb4a2c7 100644 --- a/source3/auth/auth_domain.c +++ b/source3/auth/auth_domain.c @@ -401,7 +401,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context, * password file. */ - if(strequal(get_global_sam_name(), user_info->domain)) { + if(strequal(get_global_sam_name(), user_info->mapped.domain_name)) { DEBUG(3,("check_ntdomain_security: Requested domain was for this machine.\n")); return NT_STATUS_NOT_IMPLEMENTED; } @@ -410,7 +410,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context, if ( !get_dc_name(domain, NULL, dc_name, &dc_ss) ) { DEBUG(5,("check_ntdomain_security: unable to locate a DC for domain %s\n", - user_info->domain)); + user_info->mapped.domain_name)); return NT_STATUS_NO_LOGON_SERVERS; } @@ -469,9 +469,9 @@ static NTSTATUS check_trustdomain_security(const struct auth_context *auth_conte * Check that the requested domain is not our own machine name or domain name. */ - if( strequal(get_global_sam_name(), user_info->domain)) { + if( strequal(get_global_sam_name(), user_info->mapped.domain_name)) { DEBUG(3,("check_trustdomain_security: Requested domain [%s] was for this machine.\n", - user_info->domain)); + user_info->mapped.domain_name)); return NT_STATUS_NOT_IMPLEMENTED; } @@ -480,7 +480,7 @@ static NTSTATUS check_trustdomain_security(const struct auth_context *auth_conte The logic is that if we know nothing about the domain, that user is not known to us and does not exist */ - if ( !is_trusted_domain( user_info->domain ) ) + if ( !is_trusted_domain( user_info->mapped.domain_name ) ) return NT_STATUS_NOT_IMPLEMENTED; /* @@ -488,16 +488,16 @@ static NTSTATUS check_trustdomain_security(const struct auth_context *auth_conte * No need to become_root() as secrets_init() is done at startup. */ - if (!pdb_get_trusteddom_pw(user_info->domain, &trust_password, + if (!pdb_get_trusteddom_pw(user_info->mapped.domain_name, &trust_password, NULL, NULL)) { DEBUG(0, ("check_trustdomain_security: could not fetch trust " "account password for domain %s\n", - user_info->domain)); + user_info->mapped.domain_name)); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } #ifdef DEBUG_PASSWORD - DEBUG(100, ("Trust password for domain %s is %s\n", user_info->domain, + DEBUG(100, ("Trust password for domain %s is %s\n", user_info->mapped.domain_name, trust_password)); #endif E_md4hash(trust_password, trust_md4_password); @@ -514,15 +514,15 @@ static NTSTATUS check_trustdomain_security(const struct auth_context *auth_conte /* use get_dc_name() for consistency even through we know that it will be a netbios name */ - if ( !get_dc_name(user_info->domain, NULL, dc_name, &dc_ss) ) { + if ( !get_dc_name(user_info->mapped.domain_name, NULL, dc_name, &dc_ss) ) { DEBUG(5,("check_trustdomain_security: unable to locate a DC for domain %s\n", - user_info->domain)); + user_info->mapped.domain_name)); return NT_STATUS_NO_LOGON_SERVERS; } nt_status = domain_client_validate(mem_ctx, user_info, - user_info->domain, + user_info->mapped.domain_name, (uchar *)auth_context->challenge.data, server_info, dc_name, diff --git a/source3/auth/auth_netlogond.c b/source3/auth/auth_netlogond.c index 947fd3a429..6bd7c3d8c3 100644 --- a/source3/auth/auth_netlogond.c +++ b/source3/auth/auth_netlogond.c @@ -282,7 +282,7 @@ static NTSTATUS check_netlogond_security(const struct auth_context *auth_context okay: status = make_server_info_info3(mem_ctx, user_info->client.account_name, - user_info->domain, server_info, + user_info->mapped.domain_name, server_info, info3); if (!NT_STATUS_IS_OK(status)) { DEBUG(10, ("make_server_info_info3 failed: %s\n", diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c index 97ffc28fe7..ffbe5b4804 100644 --- a/source3/auth/auth_sam.c +++ b/source3/auth/auth_sam.c @@ -74,8 +74,8 @@ static NTSTATUS auth_samstrict_auth(const struct auth_context *auth_context, DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name)); - is_local_name = is_myname(user_info->domain); - is_my_domain = strequal(user_info->domain, lp_workgroup()); + is_local_name = is_myname(user_info->mapped.domain_name); + is_my_domain = strequal(user_info->mapped.domain_name, lp_workgroup()); /* check whether or not we service this domain/workgroup name */ @@ -84,7 +84,7 @@ static NTSTATUS auth_samstrict_auth(const struct auth_context *auth_context, case ROLE_DOMAIN_MEMBER: if ( !is_local_name ) { DEBUG(6,("check_samstrict_security: %s is not one of my local names (%s)\n", - user_info->domain, (lp_server_role() == ROLE_DOMAIN_MEMBER + user_info->mapped.domain_name, (lp_server_role() == ROLE_DOMAIN_MEMBER ? "ROLE_DOMAIN_MEMBER" : "ROLE_STANDALONE") )); return NT_STATUS_NOT_IMPLEMENTED; } @@ -92,7 +92,7 @@ static NTSTATUS auth_samstrict_auth(const struct auth_context *auth_context, case ROLE_DOMAIN_BDC: if ( !is_local_name && !is_my_domain ) { DEBUG(6,("check_samstrict_security: %s is not one of my local names or domain name (DC)\n", - user_info->domain)); + user_info->mapped.domain_name)); return NT_STATUS_NOT_IMPLEMENTED; } default: /* name is ok */ diff --git a/source3/auth/auth_script.c b/source3/auth/auth_script.c index 6d30058fe6..2b83f80d98 100644 --- a/source3/auth/auth_script.c +++ b/source3/auth/auth_script.c @@ -62,7 +62,7 @@ static NTSTATUS script_check_user_credentials(const struct auth_context *auth_co return NT_STATUS_INVALID_PARAMETER; } - secret_str_len = strlen(user_info->domain) + 1 + + secret_str_len = strlen(user_info->mapped.domain_name) + 1 + strlen(user_info->client.account_name) + 1 + 16 + 1 + /* 8 bytes of challenge going to 16 */ 48 + 1 + /* 24 bytes of challenge going to 48 */ @@ -73,7 +73,7 @@ static NTSTATUS script_check_user_credentials(const struct auth_context *auth_co return NT_STATUS_NO_MEMORY; } - safe_strcpy( secret_str, user_info->domain, secret_str_len - 1); + safe_strcpy( secret_str, user_info->mapped.domain_name, secret_str_len - 1); safe_strcat( secret_str, "\n", secret_str_len - 1); safe_strcat( secret_str, user_info->client.account_name, secret_str_len - 1); safe_strcat( secret_str, "\n", secret_str_len - 1); @@ -109,7 +109,7 @@ static NTSTATUS script_check_user_credentials(const struct auth_context *auth_co if (ret) { DEBUG(1,("script_check_user_credentials: failed to authenticate %s\\%s\n", - user_info->domain, user_info->client.account_name )); + user_info->mapped.domain_name, user_info->client.account_name )); /* auth failed. */ return NT_STATUS_NO_SUCH_USER; } diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c index f50f37a6ff..c4d02e25f4 100644 --- a/source3/auth/auth_server.c +++ b/source3/auth/auth_server.c @@ -348,7 +348,7 @@ static NTSTATUS check_smbserver_security(const struct auth_context *auth_context sizeof(badpass), (char *)badpass, sizeof(badpass), - user_info->domain))) { + user_info->mapped.domain_name))) { /* * We connected to the password server so we @@ -396,9 +396,9 @@ use this machine as the password server.\n")); /* Plaintext available */ nt_status = cli_session_setup( cli, user_info->client.account_name, - (char *)user_info->plaintext_password.data, - user_info->plaintext_password.length, - NULL, 0, user_info->domain); + (char *)user_info->plaintext_password.data, + user_info->plaintext_password.length, + NULL, 0, user_info->mapped.domain_name); } else { nt_status = cli_session_setup( @@ -407,7 +407,7 @@ use this machine as the password server.\n")); user_info->lm_resp.length, (char *)user_info->nt_resp.data, user_info->nt_resp.length, - user_info->domain); + user_info->mapped.domain_name); } if (!NT_STATUS_IS_OK(nt_status)) { diff --git a/source3/auth/auth_wbc.c b/source3/auth/auth_wbc.c index 4242193af0..05097ee39f 100644 --- a/source3/auth/auth_wbc.c +++ b/source3/auth/auth_wbc.c @@ -64,7 +64,7 @@ static NTSTATUS check_wbc_security(const struct auth_context *auth_context, DEBUG(10, ("Check auth for: [%s]", user_info->mapped.account_name)); params.account_name = user_info->client.account_name; - params.domain_name = user_info->domain; + params.domain_name = user_info->mapped.domain_name; params.workstation_name = user_info->workstation_name; params.flags = 0; @@ -121,7 +121,7 @@ static NTSTATUS check_wbc_security(const struct auth_context *auth_context, nt_status = make_server_info_wbcAuthUserInfo(mem_ctx, user_info->client.account_name, - user_info->domain, + user_info->mapped.domain_name, info, server_info); wbcFreeMemory(info); if (!NT_STATUS_IS_OK(nt_status)) { diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c index 6d4b889ca9..beaba7d4c0 100644 --- a/source3/auth/auth_winbind.c +++ b/source3/auth/auth_winbind.c @@ -51,16 +51,16 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context, return NT_STATUS_INVALID_PARAMETER; } - if (strequal(user_info->domain, get_global_sam_name())) { + if (strequal(user_info->mapped.domain_name, get_global_sam_name())) { DEBUG(3,("check_winbind_security: Not using winbind, requested domain [%s] was for this SAM.\n", - user_info->domain)); + user_info->mapped.domain_name)); return NT_STATUS_NOT_IMPLEMENTED; } /* Send off request */ params.account_name = user_info->client.account_name; - params.domain_name = user_info->domain; + params.domain_name = user_info->mapped.domain_name; params.workstation_name = user_info->workstation_name; params.flags = 0; @@ -115,7 +115,7 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context, nt_status = make_server_info_wbcAuthUserInfo(mem_ctx, user_info->client.account_name, - user_info->domain, + user_info->mapped.domain_name, info, server_info); wbcFreeMemory(info); if (!NT_STATUS_IS_OK(nt_status)) { diff --git a/source3/auth/user_info.c b/source3/auth/user_info.c index fdf80344cd..ea0073ad0c 100644 --- a/source3/auth/user_info.c +++ b/source3/auth/user_info.c @@ -64,8 +64,8 @@ NTSTATUS make_user_info(struct auth_usersupplied_info **user_info, return NT_STATUS_NO_MEMORY; } - (*user_info)->domain = SMB_STRDUP(domain); - if ((*user_info)->domain == NULL) { + (*user_info)->mapped.domain_name = SMB_STRDUP(domain); + if ((*user_info)->mapped.domain_name == NULL) { free_user_info(user_info); return NT_STATUS_NO_MEMORY; } @@ -119,8 +119,8 @@ void free_user_info(struct auth_usersupplied_info **user_info) } SAFE_FREE((*user_info)->client.account_name); SAFE_FREE((*user_info)->mapped.account_name); - SAFE_FREE((*user_info)->domain); SAFE_FREE((*user_info)->client.domain_name); + SAFE_FREE((*user_info)->mapped.domain_name); SAFE_FREE((*user_info)->workstation_name); data_blob_free(&(*user_info)->lm_resp); data_blob_free(&(*user_info)->nt_resp); diff --git a/source3/include/auth.h b/source3/include/auth.h index 5a494537d1..17257b3433 100644 --- a/source3/include/auth.h +++ b/source3/include/auth.h @@ -33,7 +33,6 @@ struct auth_usersupplied_info { } client, mapped; bool was_mapped; /* Did the username map actually match? */ - char *domain; /* domain name after mapping */ char *internal_username; /* username after mapping */ const char *workstation_name; /* workstation name (netbios calling * name) unicode string */ |