Diffstat (limited to 'source4/auth/ntlm')
-rw-r--r-- | source4/auth/ntlm/auth.c | 50 | ||||
-rw-r--r-- | source4/auth/ntlm/auth_anonymous.c | 4 | ||||
-rw-r--r-- | source4/auth/ntlm/auth_developer.c | 82 | ||||
-rw-r--r-- | source4/auth/ntlm/auth_sam.c | 20 | ||||
-rw-r--r-- | source4/auth/ntlm/auth_server.c | 70 | ||||
-rw-r--r-- | source4/auth/ntlm/auth_simple.c | 8 | ||||
-rw-r--r-- | source4/auth/ntlm/auth_unix.c | 99 | ||||
-rw-r--r-- | source4/auth/ntlm/auth_winbind.c | 12 |
8 files changed, 180 insertions, 165 deletions
diff --git a/source4/auth/ntlm/auth.c b/source4/auth/ntlm/auth.c index 1a98fb414f..1558cfdebe 100644 --- a/source4/auth/ntlm/auth.c +++ b/source4/auth/ntlm/auth.c @@ -103,21 +103,21 @@ PAC isn't available, and for tokenGroups in the DSDB stack. Supply either a principal or a DN ****************************************************************************/ -_PUBLIC_ NTSTATUS auth_get_server_info_principal(TALLOC_CTX *mem_ctx, +_PUBLIC_ NTSTATUS auth_get_user_info_dc_principal(TALLOC_CTX *mem_ctx, struct auth_context *auth_ctx, const char *principal, struct ldb_dn *user_dn, - struct auth_serversupplied_info **server_info) + struct auth_user_info_dc **user_info_dc) { NTSTATUS nt_status; struct auth_method_context *method; for (method = auth_ctx->methods; method; method = method->next) { - if (!method->ops->get_server_info_principal) { + if (!method->ops->get_user_info_dc_principal) { continue; } - nt_status = method->ops->get_server_info_principal(mem_ctx, auth_ctx, principal, user_dn, server_info); + nt_status = method->ops->get_user_info_dc_principal(mem_ctx, auth_ctx, principal, user_dn, user_info_dc); if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NOT_IMPLEMENTED)) { continue; } @@ -133,9 +133,9 @@ _PUBLIC_ NTSTATUS auth_get_server_info_principal(TALLOC_CTX *mem_ctx, * (sync version) * * Check a user's password, as given in the user_info struct and return various - * interesting details in the server_info struct. + * interesting details in the user_info_dc struct. * - * The return value takes precedence over the contents of the server_info + * The return value takes precedence over the contents of the user_info_dc * struct. When the return is other than NT_STATUS_OK the contents * of that structure is undefined. * 
@@ -146,9 +146,9 @@ _PUBLIC_ NTSTATUS auth_get_server_info_principal(TALLOC_CTX *mem_ctx, * * @param user_info Contains the user supplied components, including the passwords. * - * @param mem_ctx The parent memory context for the server_info structure + * @param mem_ctx The parent memory context for the user_info_dc structure * - * @param server_info If successful, contains information about the authentication, + * @param user_info_dc If successful, contains information about the authentication, * including a SAM_ACCOUNT struct describing the user. * * @return An NTSTATUS with NT_STATUS_OK or an appropriate error. @@ -158,7 +158,7 @@ _PUBLIC_ NTSTATUS auth_get_server_info_principal(TALLOC_CTX *mem_ctx, _PUBLIC_ NTSTATUS auth_check_password(struct auth_context *auth_ctx, TALLOC_CTX *mem_ctx, const struct auth_usersupplied_info *user_info, - struct auth_serversupplied_info **server_info) + struct auth_user_info_dc **user_info_dc) { struct tevent_req *subreq; struct tevent_context *ev; @@ -181,7 +181,7 @@ _PUBLIC_ NTSTATUS auth_check_password(struct auth_context *auth_ctx, return NT_STATUS_INTERNAL_ERROR; } - status = auth_check_password_recv(subreq, mem_ctx, server_info); + status = auth_check_password_recv(subreq, mem_ctx, user_info_dc); TALLOC_FREE(subreq); return status; @@ -190,7 +190,7 @@ _PUBLIC_ NTSTATUS auth_check_password(struct auth_context *auth_ctx, struct auth_check_password_state { struct auth_context *auth_ctx; const struct auth_usersupplied_info *user_info; - struct auth_serversupplied_info *server_info; + struct auth_user_info_dc *user_info_dc; struct auth_method_context *method; }; 
@@ -202,9 +202,9 @@ static void auth_check_password_async_trigger(struct tevent_context *ev, * async send hook * * Check a user's password, as given in the user_info struct and return various - * interesting details in the server_info struct. + * interesting details in the user_info_dc struct. * - * The return value takes precedence over the contents of the server_info + * The return value takes precedence over the contents of the user_info_dc * struct. When the return is other than NT_STATUS_OK the contents * of that structure is undefined. * @@ -334,7 +334,7 @@ static void auth_check_password_async_trigger(struct tevent_context *ev, status = method->ops->check_password(method, state, state->user_info, - &state->server_info); + &state->user_info_dc); if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) { /* the backend has handled the request */ break; @@ -358,16 +358,16 @@ static void auth_check_password_async_trigger(struct tevent_context *ev, * Check a user's Plaintext, LM or NTLM password. * async receive function * - * The return value takes precedence over the contents of the server_info + * The return value takes precedence over the contents of the user_info_dc * struct. When the return is other than NT_STATUS_OK the contents * of that structure is undefined. * * * @param req The async request state * - * @param mem_ctx The parent memory context for the server_info structure + * @param mem_ctx The parent memory context for the user_info_dc structure * - * @param server_info If successful, contains information about the authentication, + * @param user_info_dc If successful, contains information about the authentication, * including a SAM_ACCOUNT struct describing the user. * * @return An NTSTATUS with NT_STATUS_OK or an appropriate error. 
@@ -376,7 +376,7 @@ static void auth_check_password_async_trigger(struct tevent_context *ev, _PUBLIC_ NTSTATUS auth_check_password_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, - struct auth_serversupplied_info **server_info) + struct auth_user_info_dc **user_info_dc) { struct auth_check_password_state *state = tevent_req_data(req, struct auth_check_password_state); @@ -397,10 +397,10 @@ _PUBLIC_ NTSTATUS auth_check_password_recv(struct tevent_req *req, DEBUG(5,("auth_check_password_recv: " "%s authentication for user [%s\\%s] succeeded\n", state->method->ops->name, - state->server_info->domain_name, - state->server_info->account_name)); + state->user_info_dc->info->domain_name, + state->user_info_dc->info->account_name)); - *server_info = talloc_move(mem_ctx, &state->server_info); + *user_info_dc = talloc_move(mem_ctx, &state->user_info_dc); tevent_req_received(req); return NT_STATUS_OK; @@ -410,12 +410,12 @@ _PUBLIC_ NTSTATUS auth_check_password_recv(struct tevent_req *req, * know that session_info is generated from the main ldb */ static NTSTATUS auth_generate_session_info_wrapper(TALLOC_CTX *mem_ctx, struct auth_context *auth_context, - struct auth_serversupplied_info *server_info, + struct auth_user_info_dc *user_info_dc, uint32_t session_info_flags, struct auth_session_info **session_info) { return auth_generate_session_info(mem_ctx, auth_context->lp_ctx, - auth_context->sam_ctx, server_info, + auth_context->sam_ctx, user_info_dc, session_info_flags, session_info); } @@ -477,7 +477,7 @@ _PUBLIC_ NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char ** ctx->get_challenge = auth_get_challenge; ctx->set_challenge = auth_context_set_challenge; ctx->challenge_may_be_modified = auth_challenge_may_be_modified; - ctx->get_server_info_principal = auth_get_server_info_principal; + ctx->get_user_info_dc_principal = auth_get_user_info_dc_principal; ctx->generate_session_info = auth_generate_session_info_wrapper; *auth_ctx = ctx; 
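Review bot: The success path of auth_check_password_recv (hunk at -397) now reads `state->user_info_dc->info->domain_name` and `->account_name` inside the DEBUG(5, ...) call, so it relies on every backend having set `info` whenever it returns NT_STATUS_OK. The auth_simple.c hunk at -91 makes the same assumption with `user_info_dc->info->authenticated`. The backends whose construction code is visible in this commit do allocate `info`, but the winbind paths go through make_user_info_dc_netlogon_validation, whose body is not shown here. Consider documenting that invariant where the structure is declared, or checking that `state->user_info_dc->info` is non-NULL before the DEBUG and failing the request with NT_STATUS_INTERNAL_ERROR, so that a backend bug becomes a failed logon rather than a NULL dereference in the authentication service. The function body starts and ends outside the hunk.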
@@ -625,7 +625,7 @@ const struct auth_critical_sizes *auth_interface_version(void) sizeof(struct auth_method_context), sizeof(struct auth_context), sizeof(struct auth_usersupplied_info), - sizeof(struct auth_serversupplied_info) + sizeof(struct auth_user_info_dc) }; return &critical_sizes; diff --git a/source4/auth/ntlm/auth_anonymous.c b/source4/auth/ntlm/auth_anonymous.c index d5f1df2891..7535777b60 100644 --- a/source4/auth/ntlm/auth_anonymous.c +++ b/source4/auth/ntlm/auth_anonymous.c @@ -52,9 +52,9 @@ static NTSTATUS anonymous_want_check(struct auth_method_context *ctx, static NTSTATUS anonymous_check_password(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, const struct auth_usersupplied_info *user_info, - struct auth_serversupplied_info **_server_info) + struct auth_user_info_dc **_user_info_dc) { - return auth_anonymous_server_info(mem_ctx, lpcfg_netbios_name(ctx->auth_ctx->lp_ctx), _server_info); + return auth_anonymous_user_info_dc(mem_ctx, lpcfg_netbios_name(ctx->auth_ctx->lp_ctx), _user_info_dc); } static const struct auth_operations anonymous_auth_ops = { diff --git a/source4/auth/ntlm/auth_developer.c b/source4/auth/ntlm/auth_developer.c index 6384d98986..255f97fd23 100644 --- a/source4/auth/ntlm/auth_developer.c +++ b/source4/auth/ntlm/auth_developer.c @@ -47,10 +47,11 @@ static NTSTATUS name_to_ntstatus_want_check(struct auth_method_context *ctx, static NTSTATUS name_to_ntstatus_check_password(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, const struct auth_usersupplied_info *user_info, - struct auth_serversupplied_info **_server_info) + struct auth_user_info_dc **_user_info_dc) { NTSTATUS nt_status; - struct auth_serversupplied_info *server_info; + struct auth_user_info_dc *user_info_dc; + struct auth_user_info *info; uint32_t error_num; const char *user; 
@@ -65,62 +66,65 @@ static NTSTATUS name_to_ntstatus_check_password(struct auth_method_context *ctx, } NT_STATUS_NOT_OK_RETURN(nt_status); - server_info = talloc(mem_ctx, struct auth_serversupplied_info); - NT_STATUS_HAVE_NO_MEMORY(server_info); + user_info_dc = talloc(mem_ctx, struct auth_user_info_dc); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc); /* This returns a pointer to a struct dom_sid, which is the * same as a 1 element list of struct dom_sid */ - server_info->num_sids = 1; - server_info->sids = dom_sid_parse_talloc(server_info, SID_NT_ANONYMOUS); - NT_STATUS_HAVE_NO_MEMORY(server_info->sids); + user_info_dc->num_sids = 1; + user_info_dc->sids = dom_sid_parse_talloc(user_info_dc, SID_NT_ANONYMOUS); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc->sids); /* annoying, but the Anonymous really does have a session key, and it is all zeros! */ - server_info->user_session_key = data_blob_talloc(server_info, NULL, 16); - NT_STATUS_HAVE_NO_MEMORY(server_info->user_session_key.data); + user_info_dc->user_session_key = data_blob_talloc(user_info_dc, NULL, 16); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc->user_session_key.data); - server_info->lm_session_key = data_blob_talloc(server_info, NULL, 16); - NT_STATUS_HAVE_NO_MEMORY(server_info->lm_session_key.data); + user_info_dc->lm_session_key = data_blob_talloc(user_info_dc, NULL, 16); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc->lm_session_key.data); - data_blob_clear(&server_info->user_session_key); - data_blob_clear(&server_info->lm_session_key); + data_blob_clear(&user_info_dc->user_session_key); + data_blob_clear(&user_info_dc->lm_session_key); - server_info->account_name = talloc_asprintf(server_info, "NAME TO NTSTATUS %s ANONYMOUS LOGON", user); - NT_STATUS_HAVE_NO_MEMORY(server_info->account_name); + user_info_dc->info = info = talloc_zero(user_info_dc, struct auth_user_info); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc->info); - server_info->domain_name = talloc_strdup(server_info, "NT AUTHORITY"); - 
NT_STATUS_HAVE_NO_MEMORY(server_info->domain_name); + info->account_name = talloc_asprintf(user_info_dc, "NAME TO NTSTATUS %s ANONYMOUS LOGON", user); + NT_STATUS_HAVE_NO_MEMORY(info->account_name); - server_info->full_name = talloc_asprintf(server_info, "NAME TO NTSTATUS %s Anonymous Logon", user); - NT_STATUS_HAVE_NO_MEMORY(server_info->full_name); + info->domain_name = talloc_strdup(user_info_dc, "NT AUTHORITY"); + NT_STATUS_HAVE_NO_MEMORY(info->domain_name); - server_info->logon_script = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->logon_script); + info->full_name = talloc_asprintf(user_info_dc, "NAME TO NTSTATUS %s Anonymous Logon", user); + NT_STATUS_HAVE_NO_MEMORY(info->full_name); - server_info->profile_path = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->profile_path); + info->logon_script = talloc_strdup(user_info_dc, ""); + NT_STATUS_HAVE_NO_MEMORY(info->logon_script); - server_info->home_directory = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->home_directory); + info->profile_path = talloc_strdup(user_info_dc, ""); + NT_STATUS_HAVE_NO_MEMORY(info->profile_path); - server_info->home_drive = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive); + info->home_directory = talloc_strdup(user_info_dc, ""); + NT_STATUS_HAVE_NO_MEMORY(info->home_directory); - server_info->last_logon = 0; - server_info->last_logoff = 0; - server_info->acct_expiry = 0; - server_info->last_password_change = 0; - server_info->allow_password_change = 0; - server_info->force_password_change = 0; + info->home_drive = talloc_strdup(user_info_dc, ""); + NT_STATUS_HAVE_NO_MEMORY(info->home_drive); - server_info->logon_count = 0; - server_info->bad_password_count = 0; + info->last_logon = 0; + info->last_logoff = 0; + info->acct_expiry = 0; + info->last_password_change = 0; + info->allow_password_change = 0; + info->force_password_change = 0; - server_info->acct_flags = 
ACB_NORMAL; + info->logon_count = 0; + info->bad_password_count = 0; - server_info->authenticated = false; + info->acct_flags = ACB_NORMAL; - *_server_info = server_info; + info->authenticated = true; + + *_user_info_dc = user_info_dc; return nt_status; } @@ -166,7 +170,7 @@ static NTSTATUS fixed_challenge_want_check(struct auth_method_context *ctx, static NTSTATUS fixed_challenge_check_password(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, const struct auth_usersupplied_info *user_info, - struct auth_serversupplied_info **_server_info) + struct auth_user_info_dc **_user_info_dc) { /* don't handle any users */ return NT_STATUS_NO_SUCH_USER; diff --git a/source4/auth/ntlm/auth_sam.c b/source4/auth/ntlm/auth_sam.c index d9aec66d52..ef4932e87c 100644 --- a/source4/auth/ntlm/auth_sam.c +++ b/source4/auth/ntlm/auth_sam.c @@ -237,7 +237,7 @@ static NTSTATUS authsam_authenticate(struct auth_context *auth_context, static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, const struct auth_usersupplied_info *user_info, - struct auth_serversupplied_info **server_info) + struct auth_user_info_dc **user_info_dc) { NTSTATUS nt_status; const char *account_name = user_info->mapped.account_name; @@ -280,18 +280,18 @@ static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx return nt_status; } - nt_status = authsam_make_server_info(tmp_ctx, ctx->auth_ctx->sam_ctx, lpcfg_netbios_name(ctx->auth_ctx->lp_ctx), + nt_status = authsam_make_user_info_dc(tmp_ctx, ctx->auth_ctx->sam_ctx, lpcfg_netbios_name(ctx->auth_ctx->lp_ctx), lpcfg_sam_name(ctx->auth_ctx->lp_ctx), domain_dn, msg, user_sess_key, lm_sess_key, - server_info); + user_info_dc); if (!NT_STATUS_IS_OK(nt_status)) { talloc_free(tmp_ctx); return nt_status; } - talloc_steal(mem_ctx, *server_info); + talloc_steal(mem_ctx, *user_info_dc); talloc_free(tmp_ctx); return NT_STATUS_OK; 
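Review bot: In the auth_developer.c hunk at -65, the last assignment before the out-parameter store changes from `server_info->authenticated = false;` to `info->authenticated = true;`, a behaviour change inside an otherwise mechanical rename, for a token whose only SID is SID_NT_ANONYMOUS. The auth_simple.c hunk in this commit shows a consumer that adds AUTH_SESSION_INFO_AUTHENTICATED when this flag is set, so a name_to_ntstatus logon would presumably gain authenticated-session treatment while still carrying the anonymous SID. If the flip is unintended, keep `info->authenticated = false;` as the auth_server.c hunk does. If it is intended, it belongs in its own commit, or at least needs a line in the commit message and a comment at the assignment stating why this developer-only module marks the result as authenticated. name_to_ntstatus_check_password begins before this hunk.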
@@ -354,21 +354,21 @@ static NTSTATUS authsam_want_check(struct auth_method_context *ctx, /* Wrapper for the auth subsystem pointer */ -static NTSTATUS authsam_get_server_info_principal_wrapper(TALLOC_CTX *mem_ctx, +static NTSTATUS authsam_get_user_info_dc_principal_wrapper(TALLOC_CTX *mem_ctx, struct auth_context *auth_context, const char *principal, struct ldb_dn *user_dn, - struct auth_serversupplied_info **server_info) + struct auth_user_info_dc **user_info_dc) { - return authsam_get_server_info_principal(mem_ctx, auth_context->lp_ctx, auth_context->sam_ctx, - principal, user_dn, server_info); + return authsam_get_user_info_dc_principal(mem_ctx, auth_context->lp_ctx, auth_context->sam_ctx, + principal, user_dn, user_info_dc); } static const struct auth_operations sam_ignoredomain_ops = { .name = "sam_ignoredomain", .get_challenge = auth_get_challenge_not_implemented, .want_check = authsam_ignoredomain_want_check, .check_password = authsam_check_password_internals, - .get_server_info_principal = authsam_get_server_info_principal_wrapper + .get_user_info_dc_principal = authsam_get_user_info_dc_principal_wrapper }; static const struct auth_operations sam_ops = { @@ -376,7 +376,7 @@ static const struct auth_operations sam_ops = { .get_challenge = auth_get_challenge_not_implemented, .want_check = authsam_want_check, .check_password = authsam_check_password_internals, - .get_server_info_principal = authsam_get_server_info_principal_wrapper + .get_user_info_dc_principal = authsam_get_user_info_dc_principal_wrapper }; _PUBLIC_ NTSTATUS auth_sam_init(void) diff --git a/source4/auth/ntlm/auth_server.c b/source4/auth/ntlm/auth_server.c index 8e9e73c43d..106bc6c15b 100644 --- a/source4/auth/ntlm/auth_server.c +++ b/source4/auth/ntlm/auth_server.c 
@@ -111,10 +111,11 @@ static NTSTATUS server_get_challenge(struct auth_method_context *ctx, TALLOC_CTX static NTSTATUS server_check_password(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, const struct auth_usersupplied_info *user_info, - struct auth_serversupplied_info **_server_info) + struct auth_user_info_dc **_user_info_dc) { NTSTATUS nt_status; - struct auth_serversupplied_info *server_info; + struct auth_user_info_dc *user_info_dc; + struct auth_user_info *info; struct cli_credentials *creds; struct smb_composite_sesssetup session_setup; 
@@ -156,56 +157,59 @@ static NTSTATUS server_check_password(struct auth_method_context *ctx, return nt_status; } - server_info = talloc(mem_ctx, struct auth_serversupplied_info); - NT_STATUS_HAVE_NO_MEMORY(server_info); + user_info_dc = talloc(mem_ctx, struct auth_user_info_dc); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc); - server_info->num_sids = 1; + user_info_dc->num_sids = 1; /* This returns a pointer to a struct dom_sid, which is the * same as a 1 element list of struct dom_sid */ - server_info->sids = dom_sid_parse_talloc(server_info, SID_NT_ANONYMOUS); - NT_STATUS_HAVE_NO_MEMORY(server_info->sids); + user_info_dc->sids = dom_sid_parse_talloc(user_info_dc, SID_NT_ANONYMOUS); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc->sids); /* annoying, but the Anonymous really does have a session key, and it is all zeros! */ - server_info->user_session_key = data_blob(NULL, 0); - server_info->lm_session_key = data_blob(NULL, 0); + user_info_dc->user_session_key = data_blob(NULL, 0); + user_info_dc->lm_session_key = data_blob(NULL, 0); - server_info->account_name = talloc_strdup(server_info, user_info->client.account_name); - NT_STATUS_HAVE_NO_MEMORY(server_info->account_name); + user_info_dc->info = info = talloc_zero(user_info_dc, struct auth_user_info); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc->info); - server_info->domain_name = talloc_strdup(server_info, user_info->client.domain_name); - NT_STATUS_HAVE_NO_MEMORY(server_info->domain_name); + info->account_name = talloc_strdup(user_info_dc, user_info->client.account_name); + NT_STATUS_HAVE_NO_MEMORY(info->account_name); - server_info->full_name = NULL; + info->domain_name = talloc_strdup(user_info_dc, user_info->client.domain_name); + NT_STATUS_HAVE_NO_MEMORY(info->domain_name); - server_info->logon_script = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->logon_script); + info->full_name = NULL; - server_info->profile_path = talloc_strdup(server_info, ""); - 
NT_STATUS_HAVE_NO_MEMORY(server_info->profile_path); + info->logon_script = talloc_strdup(user_info_dc, ""); + NT_STATUS_HAVE_NO_MEMORY(info->logon_script); - server_info->home_directory = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->home_directory); + info->profile_path = talloc_strdup(user_info_dc, ""); + NT_STATUS_HAVE_NO_MEMORY(info->profile_path); - server_info->home_drive = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive); + info->home_directory = talloc_strdup(user_info_dc, ""); + NT_STATUS_HAVE_NO_MEMORY(info->home_directory); - server_info->last_logon = 0; - server_info->last_logoff = 0; - server_info->acct_expiry = 0; - server_info->last_password_change = 0; - server_info->allow_password_change = 0; - server_info->force_password_change = 0; + info->home_drive = talloc_strdup(user_info_dc, ""); + NT_STATUS_HAVE_NO_MEMORY(info->home_drive); - server_info->logon_count = 0; - server_info->bad_password_count = 0; + info->last_logon = 0; + info->last_logoff = 0; + info->acct_expiry = 0; + info->last_password_change = 0; + info->allow_password_change = 0; + info->force_password_change = 0; - server_info->acct_flags = ACB_NORMAL; + info->logon_count = 0; + info->bad_password_count = 0; - server_info->authenticated = false; + info->acct_flags = ACB_NORMAL; - *_server_info = server_info; + info->authenticated = false; + + *_user_info_dc = user_info_dc; return nt_status; } diff --git a/source4/auth/ntlm/auth_simple.c b/source4/auth/ntlm/auth_simple.c index 1079fba527..75eabe855b 100644 --- a/source4/auth/ntlm/auth_simple.c +++ b/source4/auth/ntlm/auth_simple.c @@ -40,7 +40,7 @@ _PUBLIC_ NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx, { struct auth_context *auth_context; struct auth_usersupplied_info *user_info; - struct auth_serversupplied_info *server_info; + struct auth_user_info_dc *user_info_dc; NTSTATUS nt_status; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); 
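Review bot: In server_check_password (hunk at -156), the string fields of the new `info` sub-structure are allocated with `user_info_dc` as their talloc parent (`info->account_name = talloc_strdup(user_info_dc, ...)`, and likewise domain_name, logon_script, profile_path, home_directory and home_drive), whereas auth_unix.c in this same commit parents them on `info`. If any consumer keeps `info` alive on its own, for example by stealing or referencing it into a session structure (not visible here), the strings would be freed together with `user_info_dc` and leave dangling pointers inside `info`. Parenting them on `info`, e.g. `info->account_name = talloc_strdup(info, user_info->client.account_name);`, ties the lifetimes together; the same applies to the auth_developer.c hunk at -65. Separately, the retained comment about the anonymous session key being all zeros sits above `data_blob(NULL, 0)`, which produces empty blobs, so it is worth rewording. The function begins before this hunk.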
@@ -83,7 +83,7 @@ _PUBLIC_ NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx, MSV1_0_CLEARTEXT_PASSWORD_ALLOWED | MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED; - nt_status = auth_check_password(auth_context, tmp_ctx, user_info, &server_info); + nt_status = auth_check_password(auth_context, tmp_ctx, user_info, &user_info_dc); if (!NT_STATUS_IS_OK(nt_status)) { talloc_free(tmp_ctx); return nt_status; @@ -91,11 +91,11 @@ _PUBLIC_ NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx, if (session_info) { uint32_t flags = AUTH_SESSION_INFO_DEFAULT_GROUPS; - if (server_info->authenticated) { + if (user_info_dc->info->authenticated) { flags |= AUTH_SESSION_INFO_AUTHENTICATED; } nt_status = auth_context->generate_session_info(tmp_ctx, auth_context, - server_info, + user_info_dc, flags, session_info); diff --git a/source4/auth/ntlm/auth_unix.c b/source4/auth/ntlm/auth_unix.c index 08759aba67..8b41983eef 100644 --- a/source4/auth/ntlm/auth_unix.c +++ b/source4/auth/ntlm/auth_unix.c 
@@ -31,68 +31,75 @@ /* TODO: look at how to best fill in parms retrieveing a struct passwd info * except in case USER_INFO_DONT_CHECK_UNIX_ACCOUNT is set */ -static NTSTATUS authunix_make_server_info(TALLOC_CTX *mem_ctx, +static NTSTATUS authunix_make_user_info_dc(TALLOC_CTX *mem_ctx, const char *netbios_name, const struct auth_usersupplied_info *user_info, struct passwd *pwd, - struct auth_serversupplied_info **_server_info) + struct auth_user_info_dc **_user_info_dc) { - struct auth_serversupplied_info *server_info; + struct auth_user_info_dc *user_info_dc; + struct auth_user_info *info; NTSTATUS status; /* This is a real, real hack */ if (pwd->pw_uid == 0) { - status = auth_system_server_info(mem_ctx, netbios_name, &server_info); + status = auth_system_user_info_dc(mem_ctx, netbios_name, &user_info_dc); if (!NT_STATUS_IS_OK(status)) { return status; } - server_info->account_name = talloc_steal(server_info, pwd->pw_name); - NT_STATUS_HAVE_NO_MEMORY(server_info->account_name); + user_info_dc->info = info = talloc_zero(user_info_dc, struct auth_user_info); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc->info); + + info->account_name = talloc_steal(info, pwd->pw_name); + NT_STATUS_HAVE_NO_MEMORY(info->account_name); - server_info->domain_name = talloc_strdup(server_info, "unix"); - NT_STATUS_HAVE_NO_MEMORY(server_info->domain_name); + info->domain_name = talloc_strdup(info, "unix"); + NT_STATUS_HAVE_NO_MEMORY(info->domain_name); } else { - server_info = talloc(mem_ctx, struct auth_serversupplied_info); - NT_STATUS_HAVE_NO_MEMORY(server_info); + user_info_dc = talloc(mem_ctx, struct auth_user_info_dc); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc); - server_info->authenticated = true; + user_info_dc->info = info = talloc_zero(user_info_dc, struct auth_user_info); + NT_STATUS_HAVE_NO_MEMORY(user_info_dc->info); + + info->authenticated = true; - server_info->account_name = talloc_steal(server_info, pwd->pw_name); - NT_STATUS_HAVE_NO_MEMORY(server_info->account_name); + 
info->account_name = talloc_steal(info, pwd->pw_name); + NT_STATUS_HAVE_NO_MEMORY(info->account_name); - server_info->domain_name = talloc_strdup(server_info, "unix"); - NT_STATUS_HAVE_NO_MEMORY(server_info->domain_name); + info->domain_name = talloc_strdup(info, "unix"); + NT_STATUS_HAVE_NO_MEMORY(info->domain_name); /* This isn't in any way correct.. */ - server_info->num_sids = 0; - server_info->sids = NULL; - } - server_info->user_session_key = data_blob(NULL,0); - server_info->lm_session_key = data_blob(NULL,0); - - server_info->full_name = talloc_steal(server_info, pwd->pw_gecos); - NT_STATUS_HAVE_NO_MEMORY(server_info->full_name); - server_info->logon_script = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->logon_script); - server_info->profile_path = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->profile_path); - server_info->home_directory = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->home_directory); - server_info->home_drive = talloc_strdup(server_info, ""); - NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive); - - server_info->last_logon = 0; - server_info->last_logoff = 0; - server_info->acct_expiry = 0; - server_info->last_password_change = 0; - server_info->allow_password_change = 0; - server_info->force_password_change = 0; - server_info->logon_count = 0; - server_info->bad_password_count = 0; - server_info->acct_flags = 0; - - *_server_info = server_info; + user_info_dc->num_sids = 0; + user_info_dc->sids = NULL; + } + user_info_dc->user_session_key = data_blob(NULL,0); + user_info_dc->lm_session_key = data_blob(NULL,0); + + info->full_name = talloc_steal(info, pwd->pw_gecos); + NT_STATUS_HAVE_NO_MEMORY(info->full_name); + info->logon_script = talloc_strdup(info, ""); + NT_STATUS_HAVE_NO_MEMORY(info->logon_script); + info->profile_path = talloc_strdup(info, ""); + NT_STATUS_HAVE_NO_MEMORY(info->profile_path); + info->home_directory = talloc_strdup(info, ""); + 
NT_STATUS_HAVE_NO_MEMORY(info->home_directory); + info->home_drive = talloc_strdup(info, ""); + NT_STATUS_HAVE_NO_MEMORY(info->home_drive); + + info->last_logon = 0; + info->last_logoff = 0; + info->acct_expiry = 0; + info->last_password_change = 0; + info->allow_password_change = 0; + info->force_password_change = 0; + info->logon_count = 0; + info->bad_password_count = 0; + info->acct_flags = 0; + + *_user_info_dc = user_info_dc; return NT_STATUS_OK; } @@ -791,7 +798,7 @@ static NTSTATUS authunix_want_check(struct auth_method_context *ctx, static NTSTATUS authunix_check_password(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, const struct auth_usersupplied_info *user_info, - struct auth_serversupplied_info **server_info) + struct auth_user_info_dc **user_info_dc) { TALLOC_CTX *check_ctx; NTSTATUS nt_status; @@ -812,8 +819,8 @@ static NTSTATUS authunix_check_password(struct auth_method_context *ctx, return nt_status; } - nt_status = authunix_make_server_info(mem_ctx, lpcfg_netbios_name(ctx->auth_ctx->lp_ctx), - user_info, pwd, server_info); + nt_status = authunix_make_user_info_dc(mem_ctx, lpcfg_netbios_name(ctx->auth_ctx->lp_ctx), + user_info, pwd, user_info_dc); if (!NT_STATUS_IS_OK(nt_status)) { talloc_free(check_ctx); return nt_status; diff --git a/source4/auth/ntlm/auth_winbind.c b/source4/auth/ntlm/auth_winbind.c index b6bf516a4f..30a2f01585 100644 --- a/source4/auth/ntlm/auth_winbind.c +++ b/source4/auth/ntlm/auth_winbind.c @@ -131,7 +131,7 @@ struct winbind_check_password_state { static NTSTATUS winbind_check_password(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, const struct auth_usersupplied_info *user_info, - struct auth_serversupplied_info **server_info) + struct auth_user_info_dc **user_info_dc) { NTSTATUS status; struct dcerpc_binding_handle *irpc_handle; 
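Review bot: In the `pwd->pw_uid == 0` branch of authunix_make_user_info_dc, `user_info_dc->info` is overwritten with a fresh `talloc_zero` right after auth_system_user_info_dc() returns, so whatever that helper stored in `info` is discarded. Before this change the root branch kept `server_info->authenticated` as left by auth_system_server_info(); now `info->authenticated` is never assigned in this branch and stays zero, while the non-root branch sets it to true. If auth_system_user_info_dc() populates `info` (its body is not shown here), reuse it with `info = user_info_dc->info;` instead of allocating. Otherwise assign `info->authenticated` explicitly in this branch, so the root path does not silently differ from the pre-rename behaviour. The replaced `info` also remains allocated under `user_info_dc` until that context is freed.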
@@ -214,11 +214,11 @@ static NTSTATUS winbind_check_password(struct auth_method_context *ctx, status = dcerpc_winbind_SamLogon_r(irpc_handle, s, &s->req); NT_STATUS_NOT_OK_RETURN(status); - status = make_server_info_netlogon_validation(mem_ctx, + status = make_user_info_dc_netlogon_validation(mem_ctx, user_info->client.account_name, s->req.in.validation_level, &s->req.out.validation, - server_info); + user_info_dc); NT_STATUS_NOT_OK_RETURN(status); return NT_STATUS_OK; @@ -231,7 +231,7 @@ static NTSTATUS winbind_check_password(struct auth_method_context *ctx, static NTSTATUS winbind_check_password_wbclient(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, const struct auth_usersupplied_info *user_info, - struct auth_serversupplied_info **server_info) + struct auth_user_info_dc **user_info_dc) { struct wbcAuthUserParams params; struct wbcAuthUserInfo *info = NULL; @@ -301,9 +301,9 @@ static NTSTATUS winbind_check_password_wbclient(struct auth_method_context *ctx, NT_STATUS_NOT_OK_RETURN(nt_status); validation.sam3 = &info3; - nt_status = make_server_info_netlogon_validation(mem_ctx, + nt_status = make_user_info_dc_netlogon_validation(mem_ctx, user_info->client.account_name, - 3, &validation, server_info); + 3, &validation, user_info_dc); return nt_status; } |