summaryrefslogtreecommitdiff
path: root/source4/auth
diff options
context:
space:
mode:
Diffstat (limited to 'source4/auth')
-rw-r--r--source4/auth/auth.i6
-rw-r--r--source4/auth/auth_sam.c5
-rw-r--r--source4/auth/auth_wrap.c63
-rw-r--r--source4/auth/gensec/gensec_gssapi.c2
-rw-r--r--source4/auth/gensec/gensec_krb5.c2
-rw-r--r--source4/auth/gensec/schannel_state.c2
-rw-r--r--source4/auth/sam.c2
-rw-r--r--source4/auth/system_session.c12
8 files changed, 63 insertions, 31 deletions
diff --git a/source4/auth/auth.i b/source4/auth/auth.i
index 05c9aa3944..491157a88d 100644
--- a/source4/auth/auth.i
+++ b/source4/auth/auth.i
@@ -35,12 +35,12 @@
%import "../lib/talloc/talloc.i"
%typemap(default) struct auth_session_info * {
- $1 = system_session_anon(NULL);
+ $1 = system_session_anon(NULL, global_loadparm);
}
%typemap(freearg) struct auth_session_info * {
talloc_free($1);
}
-struct auth_session_info *system_session(TALLOC_CTX *mem_ctx);
-struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx);
+struct auth_session_info *system_session(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
+struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c
index 812c80f4d0..86acb580b7 100644
--- a/source4/auth/auth_sam.c
+++ b/source4/auth/auth_sam.c
@@ -286,7 +286,7 @@ static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx
return NT_STATUS_NO_MEMORY;
}
- sam_ctx = samdb_connect(tmp_ctx, ctx->auth_ctx->lp_ctx, system_session(mem_ctx));
+ sam_ctx = samdb_connect(tmp_ctx, ctx->auth_ctx->lp_ctx, system_session(mem_ctx, ctx->auth_ctx->lp_ctx));
if (sam_ctx == NULL) {
talloc_free(tmp_ctx);
return NT_STATUS_INVALID_SYSTEM_SERVICE;
@@ -305,7 +305,8 @@ static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx
return nt_status;
}
- nt_status = authsam_make_server_info(tmp_ctx, sam_ctx, msgs[0], domain_ref_msgs[0],
+ nt_status = authsam_make_server_info(tmp_ctx, sam_ctx, lp_netbios_name(ctx->auth_ctx->lp_ctx),
+ msgs[0], domain_ref_msgs[0],
user_sess_key, lm_sess_key,
server_info);
if (!NT_STATUS_IS_OK(nt_status)) {
diff --git a/source4/auth/auth_wrap.c b/source4/auth/auth_wrap.c
index 84afaacf6e..4a6b509fda 100644
--- a/source4/auth/auth_wrap.c
+++ b/source4/auth/auth_wrap.c
@@ -2460,15 +2460,16 @@ SWIG_Python_MustGetPtr(PyObject *obj, swig_type_info *ty, int argnum, int flags)
#define SWIGTYPE_p_auth_session_info swig_types[1]
#define SWIGTYPE_p_char swig_types[2]
#define SWIGTYPE_p_int swig_types[3]
-#define SWIGTYPE_p_long_long swig_types[4]
-#define SWIGTYPE_p_short swig_types[5]
-#define SWIGTYPE_p_signed_char swig_types[6]
-#define SWIGTYPE_p_unsigned_char swig_types[7]
-#define SWIGTYPE_p_unsigned_int swig_types[8]
-#define SWIGTYPE_p_unsigned_long_long swig_types[9]
-#define SWIGTYPE_p_unsigned_short swig_types[10]
-static swig_type_info *swig_types[12];
-static swig_module_info swig_module = {swig_types, 11, 0, 0, 0, 0};
+#define SWIGTYPE_p_loadparm_context swig_types[4]
+#define SWIGTYPE_p_long_long swig_types[5]
+#define SWIGTYPE_p_short swig_types[6]
+#define SWIGTYPE_p_signed_char swig_types[7]
+#define SWIGTYPE_p_unsigned_char swig_types[8]
+#define SWIGTYPE_p_unsigned_int swig_types[9]
+#define SWIGTYPE_p_unsigned_long_long swig_types[10]
+#define SWIGTYPE_p_unsigned_short swig_types[11]
+static swig_type_info *swig_types[13];
+static swig_module_info swig_module = {swig_types, 12, 0, 0, 0, 0};
#define SWIG_TypeQuery(name) SWIG_TypeQueryModule(&swig_module, &swig_module, name)
#define SWIG_MangledTypeQuery(name) SWIG_MangledTypeQueryModule(&swig_module, &swig_module, name)
@@ -2510,16 +2511,28 @@ static swig_module_info swig_module = {swig_types, 11, 0, 0, 0, 0};
#ifdef __cplusplus
extern "C" {
#endif
-SWIGINTERN PyObject *_wrap_system_session(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+SWIGINTERN PyObject *_wrap_system_session(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) {
PyObject *resultobj = 0;
TALLOC_CTX *arg1 = (TALLOC_CTX *) 0 ;
+ struct loadparm_context *arg2 = (struct loadparm_context *) 0 ;
struct auth_session_info *result = 0 ;
+ void *argp2 = 0 ;
+ int res2 = 0 ;
+ PyObject * obj0 = 0 ;
+ char * kwnames[] = {
+ (char *) "lp_ctx", NULL
+ };
{
arg1 = NULL;
}
- if (!PyArg_ParseTuple(args,(char *)":system_session")) SWIG_fail;
- result = (struct auth_session_info *)system_session(arg1);
+ if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"O:system_session",kwnames,&obj0)) SWIG_fail;
+ res2 = SWIG_ConvertPtr(obj0, &argp2,SWIGTYPE_p_loadparm_context, 0 | 0 );
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "system_session" "', argument " "2"" of type '" "struct loadparm_context *""'");
+ }
+ arg2 = (struct loadparm_context *)(argp2);
+ result = (struct auth_session_info *)system_session(arg1,arg2);
resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_auth_session_info, 0 | 0 );
return resultobj;
fail:
@@ -2527,16 +2540,28 @@ fail:
}
-SWIGINTERN PyObject *_wrap_system_session_anon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+SWIGINTERN PyObject *_wrap_system_session_anon(PyObject *SWIGUNUSEDPARM(self), PyObject *args, PyObject *kwargs) {
PyObject *resultobj = 0;
TALLOC_CTX *arg1 = (TALLOC_CTX *) 0 ;
+ struct loadparm_context *arg2 = (struct loadparm_context *) 0 ;
struct auth_session_info *result = 0 ;
+ void *argp2 = 0 ;
+ int res2 = 0 ;
+ PyObject * obj0 = 0 ;
+ char * kwnames[] = {
+ (char *) "lp_ctx", NULL
+ };
{
arg1 = NULL;
}
- if (!PyArg_ParseTuple(args,(char *)":system_session_anon")) SWIG_fail;
- result = (struct auth_session_info *)system_session_anon(arg1);
+ if (!PyArg_ParseTupleAndKeywords(args,kwargs,(char *)"O:system_session_anon",kwnames,&obj0)) SWIG_fail;
+ res2 = SWIG_ConvertPtr(obj0, &argp2,SWIGTYPE_p_loadparm_context, 0 | 0 );
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "system_session_anon" "', argument " "2"" of type '" "struct loadparm_context *""'");
+ }
+ arg2 = (struct loadparm_context *)(argp2);
+ result = (struct auth_session_info *)system_session_anon(arg1,arg2);
resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_auth_session_info, 0 | 0 );
return resultobj;
fail:
@@ -2545,8 +2570,8 @@ fail:
static PyMethodDef SwigMethods[] = {
- { (char *)"system_session", _wrap_system_session, METH_VARARGS, NULL},
- { (char *)"system_session_anon", _wrap_system_session_anon, METH_VARARGS, NULL},
+ { (char *)"system_session", (PyCFunction) _wrap_system_session, METH_VARARGS | METH_KEYWORDS, NULL},
+ { (char *)"system_session_anon", (PyCFunction) _wrap_system_session_anon, METH_VARARGS | METH_KEYWORDS, NULL},
{ NULL, NULL, 0, NULL }
};
@@ -2557,6 +2582,7 @@ static swig_type_info _swigt__p_TALLOC_CTX = {"_p_TALLOC_CTX", "TALLOC_CTX *", 0
static swig_type_info _swigt__p_auth_session_info = {"_p_auth_session_info", "struct auth_session_info *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_char = {"_p_char", "char *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_int = {"_p_int", "intptr_t *|int *|int_least32_t *|int_fast32_t *|int32_t *|int_fast16_t *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_loadparm_context = {"_p_loadparm_context", "struct loadparm_context *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_long_long = {"_p_long_long", "int_least64_t *|int_fast64_t *|int64_t *|long long *|intmax_t *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_short = {"_p_short", "short *|int_least16_t *|int16_t *", 0, 0, (void*)0, 0};
static swig_type_info _swigt__p_signed_char = {"_p_signed_char", "signed char *|int_least8_t *|int_fast8_t *|int8_t *", 0, 0, (void*)0, 0};
@@ -2570,6 +2596,7 @@ static swig_type_info *swig_type_initial[] = {
&_swigt__p_auth_session_info,
&_swigt__p_char,
&_swigt__p_int,
+ &_swigt__p_loadparm_context,
&_swigt__p_long_long,
&_swigt__p_short,
&_swigt__p_signed_char,
@@ -2583,6 +2610,7 @@ static swig_cast_info _swigc__p_TALLOC_CTX[] = { {&_swigt__p_TALLOC_CTX, 0, 0,
static swig_cast_info _swigc__p_auth_session_info[] = { {&_swigt__p_auth_session_info, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_char[] = { {&_swigt__p_char, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_int[] = { {&_swigt__p_int, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_loadparm_context[] = { {&_swigt__p_loadparm_context, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_long_long[] = { {&_swigt__p_long_long, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_short[] = { {&_swigt__p_short, 0, 0, 0},{0, 0, 0, 0}};
static swig_cast_info _swigc__p_signed_char[] = { {&_swigt__p_signed_char, 0, 0, 0},{0, 0, 0, 0}};
@@ -2596,6 +2624,7 @@ static swig_cast_info *swig_cast_initial[] = {
_swigc__p_auth_session_info,
_swigc__p_char,
_swigc__p_int,
+ _swigc__p_loadparm_context,
_swigc__p_long_long,
_swigc__p_short,
_swigc__p_signed_char,
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index fd6ca1a336..b3e5352410 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -1322,7 +1322,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
} else if (!lp_parm_bool(global_loadparm, NULL, "gensec", "require_pac", false)) {
DEBUG(1, ("Unable to find PAC, resorting to local user lookup: %s\n",
gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
- nt_status = sam_get_server_info_principal(mem_ctx, principal_string,
+ nt_status = sam_get_server_info_principal(mem_ctx, global_loadparm, principal_string,
&server_info);
if (!NT_STATUS_IS_OK(nt_status)) {
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index 391d231f97..eb8c74533b 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -595,7 +595,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
DEBUG(5, ("krb5_ticket_get_authorization_data_type failed to find PAC: %s\n",
smb_get_krb5_error_message(context,
ret, mem_ctx)));
- nt_status = sam_get_server_info_principal(mem_ctx, principal_string,
+ nt_status = sam_get_server_info_principal(mem_ctx, global_loadparm, principal_string,
&server_info);
krb5_free_principal(context, client_principal);
free(principal_string);
diff --git a/source4/auth/gensec/schannel_state.c b/source4/auth/gensec/schannel_state.c
index 66358d7830..0c7c509954 100644
--- a/source4/auth/gensec/schannel_state.c
+++ b/source4/auth/gensec/schannel_state.c
@@ -50,7 +50,7 @@ struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx, struct loadparm_con
existed = file_exist(path);
ldb = ldb_wrap_connect(mem_ctx, lp_ctx, path,
- system_session(mem_ctx),
+ system_session(mem_ctx, lp_ctx),
NULL, LDB_FLG_NOSYNC, NULL);
talloc_free(path);
if (!ldb) {
diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index 47d0910650..fdd7de7c71 100644
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -442,7 +442,7 @@ NTSTATUS sam_get_server_info_principal(TALLOC_CTX *mem_ctx,
return NT_STATUS_NO_MEMORY;
}
- sam_ctx = samdb_connect(tmp_ctx, lp_ctx, system_session(tmp_ctx));
+ sam_ctx = samdb_connect(tmp_ctx, lp_ctx, system_session(tmp_ctx, lp_ctx));
if (sam_ctx == NULL) {
talloc_free(tmp_ctx);
return NT_STATUS_INVALID_SYSTEM_SERVICE;
diff --git a/source4/auth/system_session.c b/source4/auth/system_session.c
index b50ce1f1bd..7c1e97b74f 100644
--- a/source4/auth/system_session.c
+++ b/source4/auth/system_session.c
@@ -150,11 +150,12 @@ static NTSTATUS generate_session_info(TALLOC_CTX *mem_ctx,
/**
Create a system session, with machine account credentials
*/
-_PUBLIC_ struct auth_session_info *system_session(TALLOC_CTX *mem_ctx)
+_PUBLIC_ struct auth_session_info *system_session(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
{
NTSTATUS nt_status;
struct auth_session_info *session_info = NULL;
nt_status = auth_system_session_info(mem_ctx,
+ lp_ctx,
&session_info);
if (!NT_STATUS_IS_OK(nt_status)) {
return NULL;
@@ -205,11 +206,11 @@ static NTSTATUS _auth_system_session_info(TALLOC_CTX *parent_ctx,
/*
Create a system session, but with anonymous credentials (so we do not need to open secrets.ldb)
*/
-_PUBLIC_ struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx)
+_PUBLIC_ struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
{
NTSTATUS nt_status;
struct auth_session_info *session_info = NULL;
- nt_status = _auth_system_session_info(mem_ctx, global_loadparm, false, &session_info);
+ nt_status = _auth_system_session_info(mem_ctx, lp_ctx, false, &session_info);
if (!NT_STATUS_IS_OK(nt_status)) {
return NULL;
}
@@ -219,11 +220,12 @@ _PUBLIC_ struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx)
_PUBLIC_ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx,
+ struct loadparm_context *lp_ctx,
struct auth_session_info **_session_info)
{
return _auth_system_session_info(parent_ctx,
- global_loadparm,
- lp_parm_bool(global_loadparm, NULL, "system", "anonymous", false),
+ lp_ctx,
+ lp_parm_bool(lp_ctx, NULL, "system", "anonymous", false),
_session_info);
}