diff options
Diffstat (limited to 'source4/auth')
| -rw-r--r-- | source4/auth/auth.c | 33 | ||||
| -rw-r--r-- | source4/auth/auth_simple.c | 2 | ||||
| -rw-r--r-- | source4/auth/ntlmssp/ntlmssp_server.c | 2 |
3 files changed, 31 insertions, 6 deletions
diff --git a/source4/auth/auth.c b/source4/auth/auth.c index 9100891d52..8a933c7dd0 100644 --- a/source4/auth/auth.c +++ b/source4/auth/auth.c @@ -348,11 +348,12 @@ NTSTATUS auth_check_password_recv(struct auth_check_password_request *req, /*************************************************************************** Make a auth_info struct for the auth subsystem + - Allow the caller to specify the methods to use ***************************************************************************/ -NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx, const char **methods, - struct event_context *ev, - struct messaging_context *msg, - struct auth_context **auth_ctx) +NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char **methods, + struct event_context *ev, + struct messaging_context *msg, + struct auth_context **auth_ctx) { int i; struct auth_context *ctx; @@ -406,6 +407,30 @@ NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx, const char **methods, return NT_STATUS_OK; } +/*************************************************************************** + Make a auth_info struct for the auth subsystem + - Uses default auth_methods, depending on server role and smb.conf settings +***************************************************************************/ +NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx, + struct event_context *ev, + struct messaging_context *msg, + struct auth_context **auth_ctx) +{ + const char **auth_methods = NULL; + switch (lp_server_role()) { + case ROLE_STANDALONE: + auth_methods = lp_parm_string_list(-1, "auth methods", "standalone", NULL); + break; + case ROLE_DOMAIN_MEMBER: + auth_methods = lp_parm_string_list(-1, "auth methods", "member server", NULL); + break; + case ROLE_DOMAIN_CONTROLLER: + auth_methods = lp_parm_string_list(-1, "auth methods", "domain controller", NULL); + break; + } + return auth_context_create_methods(mem_ctx, auth_methods, ev, msg, auth_ctx); +} + /* the list of currently registered AUTH backends */ static struct auth_backend { diff --git a/source4/auth/auth_simple.c b/source4/auth/auth_simple.c index 59e1280ee5..5e1bcc2b8c 100644 --- a/source4/auth/auth_simple.c +++ b/source4/auth/auth_simple.c @@ -48,7 +48,7 @@ _PUBLIC_ NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } - nt_status = auth_context_create(tmp_ctx, lp_auth_methods(), + nt_status = auth_context_create(tmp_ctx, ev, msg, &auth_context); if (!NT_STATUS_IS_OK(nt_status)) { diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c index 93103b9cbd..4bb37abefc 100644 --- a/source4/auth/ntlmssp/ntlmssp_server.c +++ b/source4/auth/ntlmssp/ntlmssp_server.c @@ -835,7 +835,7 @@ NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_security) gensec_ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL; } - nt_status = auth_context_create(gensec_ntlmssp_state, lp_auth_methods(), + nt_status = auth_context_create(gensec_ntlmssp_state, gensec_security->event_ctx, gensec_security->msg_ctx, &gensec_ntlmssp_state->auth_context); |