summaryrefslogtreecommitdiff
path: root/source4/auth
diff options
context:
space:
mode:
Diffstat (limited to 'source4/auth')
-rw-r--r--source4/auth/auth.c17
-rw-r--r--source4/auth/auth.h59
-rw-r--r--source4/auth/auth_anonymous.c1
-rw-r--r--source4/auth/auth_developer.c1
-rw-r--r--source4/auth/auth_sam.c1
-rw-r--r--source4/auth/auth_simple.c1
-rw-r--r--source4/auth/auth_unix.c1
-rw-r--r--source4/auth/auth_util.c2
-rw-r--r--source4/auth/auth_winbind.c2
-rw-r--r--source4/auth/config.mk4
-rw-r--r--source4/auth/credentials/config.mk2
-rw-r--r--source4/auth/credentials/credentials.c70
-rw-r--r--source4/auth/credentials/credentials.h113
-rw-r--r--source4/auth/credentials/credentials_files.c14
-rw-r--r--source4/auth/credentials/credentials_krb5.c27
-rw-r--r--source4/auth/credentials/credentials_ntlm.c4
-rw-r--r--source4/auth/gensec/config.mk2
-rw-r--r--source4/auth/gensec/cyrus_sasl.c1
-rw-r--r--source4/auth/gensec/gensec.c47
-rw-r--r--source4/auth/gensec/gensec.h92
-rw-r--r--source4/auth/gensec/gensec_gssapi.c2
-rw-r--r--source4/auth/gensec/gensec_krb5.c2
-rw-r--r--source4/auth/gensec/schannel.c2
-rw-r--r--source4/auth/gensec/socket.c1
-rw-r--r--source4/auth/gensec/spnego.c1
-rw-r--r--source4/auth/kerberos/kerberos_util.c3
-rw-r--r--source4/auth/ntlmssp/ntlmssp.c2
-rw-r--r--source4/auth/ntlmssp/ntlmssp.h1
-rw-r--r--source4/auth/ntlmssp/ntlmssp_server.c2
-rw-r--r--source4/auth/ntlmssp/ntlmssp_sign.c4
-rw-r--r--source4/auth/sam.c2
-rw-r--r--source4/auth/session.c11
-rw-r--r--source4/auth/session.h24
33 files changed, 412 insertions, 106 deletions
diff --git a/source4/auth/auth.c b/source4/auth/auth.c
index ed590f2ced..af3796a70d 100644
--- a/source4/auth/auth.c
+++ b/source4/auth/auth.c
@@ -21,6 +21,7 @@
#include "includes.h"
#include "lib/util/dlinklist.h"
#include "auth/auth.h"
+#include "auth/auth_proto.h"
#include "lib/events/events.h"
#include "build.h"
#include "param/param.h"
@@ -28,7 +29,7 @@
/***************************************************************************
Set a fixed challenge
***************************************************************************/
-NTSTATUS auth_context_set_challenge(struct auth_context *auth_ctx, const uint8_t chal[8], const char *set_by)
+_PUBLIC_ NTSTATUS auth_context_set_challenge(struct auth_context *auth_ctx, const uint8_t chal[8], const char *set_by)
{
auth_ctx->challenge.set_by = talloc_strdup(auth_ctx, set_by);
NT_STATUS_HAVE_NO_MEMORY(auth_ctx->challenge.set_by);
@@ -146,7 +147,7 @@ static void auth_check_password_sync_callback(struct auth_check_password_request
*
**/
-NTSTATUS auth_check_password(struct auth_context *auth_ctx,
+_PUBLIC_ NTSTATUS auth_check_password(struct auth_context *auth_ctx,
TALLOC_CTX *mem_ctx,
const struct auth_usersupplied_info *user_info,
struct auth_serversupplied_info **server_info)
@@ -218,7 +219,7 @@ static void auth_check_password_async_timed_handler(struct event_context *ev, st
*
**/
-void auth_check_password_send(struct auth_context *auth_ctx,
+_PUBLIC_ void auth_check_password_send(struct auth_context *auth_ctx,
const struct auth_usersupplied_info *user_info,
void (*callback)(struct auth_check_password_request *req, void *private_data),
void *private_data)
@@ -320,7 +321,7 @@ failed:
*
**/
-NTSTATUS auth_check_password_recv(struct auth_check_password_request *req,
+_PUBLIC_ NTSTATUS auth_check_password_recv(struct auth_check_password_request *req,
TALLOC_CTX *mem_ctx,
struct auth_serversupplied_info **server_info)
{
@@ -350,7 +351,7 @@ NTSTATUS auth_check_password_recv(struct auth_check_password_request *req,
Make a auth_info struct for the auth subsystem
- Allow the caller to specify the methods to use
***************************************************************************/
-NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char **methods,
+_PUBLIC_ NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char **methods,
struct event_context *ev,
struct messaging_context *msg,
struct loadparm_context *lp_ctx,
@@ -413,7 +414,7 @@ NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char **methods,
Make a auth_info struct for the auth subsystem
- Uses default auth_methods, depending on server role and smb.conf settings
***************************************************************************/
-NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx,
+_PUBLIC_ NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx,
struct event_context *ev,
struct messaging_context *msg,
struct loadparm_context *lp_ctx,
@@ -447,7 +448,7 @@ static int num_backends;
The 'name' can be later used by other backends to find the operations
structure for this backend.
*/
-NTSTATUS auth_register(const struct auth_operations *ops)
+_PUBLIC_ NTSTATUS auth_register(const struct auth_operations *ops)
{
struct auth_operations *new_ops;
@@ -512,7 +513,7 @@ const struct auth_critical_sizes *auth_interface_version(void)
return &critical_sizes;
}
-NTSTATUS auth_init(void)
+_PUBLIC_ NTSTATUS auth_init(void)
{
static bool initialized = false;
diff --git a/source4/auth/auth.h b/source4/auth/auth.h
index ff7132c3ff..da8aac48ef 100644
--- a/source4/auth/auth.h
+++ b/source4/auth/auth.h
@@ -190,6 +190,63 @@ struct auth_critical_sizes {
#include "auth/session.h"
#include "auth/system_session_proto.h"
-#include "auth/auth_proto.h"
+
+struct ldb_message;
+struct ldb_context;
+NTSTATUS auth_get_challenge(struct auth_context *auth_ctx, const uint8_t **_chal);
+NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx,
+ struct ldb_context *sam_ctx,
+ uint32_t logon_parameters,
+ struct ldb_message *msg,
+ struct ldb_message *msg_domain_ref,
+ const char *logon_workstation,
+ const char *name_for_logs);
+struct auth_session_info *system_session(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
+NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx, struct ldb_context *sam_ctx,
+ const char *netbios_name,
+ struct ldb_message *msg,
+ struct ldb_message *msg_domain_ref,
+ DATA_BLOB user_sess_key, DATA_BLOB lm_sess_key,
+ struct auth_serversupplied_info **_server_info);
+NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx,
+ struct loadparm_context *lp_ctx,
+ struct auth_session_info **_session_info) ;
+NTSTATUS auth_nt_status_squash(NTSTATUS nt_status);
+
+NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char **methods,
+ struct event_context *ev,
+ struct messaging_context *msg,
+ struct loadparm_context *lp_ctx,
+ struct auth_context **auth_ctx);
+
+NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx,
+ struct event_context *ev,
+ struct messaging_context *msg,
+ struct loadparm_context *lp_ctx,
+ struct auth_context **auth_ctx);
+
+NTSTATUS auth_check_password(struct auth_context *auth_ctx,
+ TALLOC_CTX *mem_ctx,
+ const struct auth_usersupplied_info *user_info,
+ struct auth_serversupplied_info **server_info);
+NTSTATUS auth_init(void);
+NTSTATUS auth_register(const struct auth_operations *ops);
+NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx,
+ struct event_context *ev,
+ struct messaging_context *msg,
+ struct loadparm_context *lp_ctx,
+ const char *nt4_domain,
+ const char *nt4_username,
+ const char *password,
+ struct auth_session_info **session_info);
+NTSTATUS auth_check_password_recv(struct auth_check_password_request *req,
+ TALLOC_CTX *mem_ctx,
+ struct auth_serversupplied_info **server_info);
+
+void auth_check_password_send(struct auth_context *auth_ctx,
+ const struct auth_usersupplied_info *user_info,
+ void (*callback)(struct auth_check_password_request *req, void *private_data),
+ void *private_data);
+NTSTATUS auth_context_set_challenge(struct auth_context *auth_ctx, const uint8_t chal[8], const char *set_by);
#endif /* _SMBAUTH_H_ */
diff --git a/source4/auth/auth_anonymous.c b/source4/auth/auth_anonymous.c
index 38c13d4b65..b93c7c2008 100644
--- a/source4/auth/auth_anonymous.c
+++ b/source4/auth/auth_anonymous.c
@@ -21,6 +21,7 @@
#include "includes.h"
#include "auth/auth.h"
+#include "auth/auth_proto.h"
#include "param/param.h"
/**
diff --git a/source4/auth/auth_developer.c b/source4/auth/auth_developer.c
index 0da947b68d..a2c9cbc828 100644
--- a/source4/auth/auth_developer.c
+++ b/source4/auth/auth_developer.c
@@ -21,6 +21,7 @@
#include "includes.h"
#include "auth/auth.h"
+#include "auth/auth_proto.h"
#include "libcli/security/security.h"
#include "librpc/gen_ndr/ndr_samr.h"
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c
index 4cb8d2b304..4b467cee75 100644
--- a/source4/auth/auth_sam.c
+++ b/source4/auth/auth_sam.c
@@ -25,6 +25,7 @@
#include "lib/ldb/include/ldb.h"
#include "util/util_ldb.h"
#include "auth/auth.h"
+#include "auth/auth_proto.h"
#include "auth/auth_sam.h"
#include "dsdb/samdb/samdb.h"
#include "libcli/security/security.h"
diff --git a/source4/auth/auth_simple.c b/source4/auth/auth_simple.c
index 3c7bf5433a..50be02a353 100644
--- a/source4/auth/auth_simple.c
+++ b/source4/auth/auth_simple.c
@@ -25,6 +25,7 @@
#include "auth/auth.h"
#include "lib/events/events.h"
#include "param/param.h"
+#include "auth/session_proto.h"
/*
It's allowed to pass NULL as session_info,
diff --git a/source4/auth/auth_unix.c b/source4/auth/auth_unix.c
index 20e198701d..a417107025 100644
--- a/source4/auth/auth_unix.c
+++ b/source4/auth/auth_unix.c
@@ -21,6 +21,7 @@
#include "includes.h"
#include "auth/auth.h"
+#include "auth/auth_proto.h"
#include "system/passwd.h" /* needed by some systems for struct passwd */
#include "lib/socket/socket.h"
#include "auth/pam_errors.h"
diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c
index 5d2bc6bac0..1d86b858cf 100644
--- a/source4/auth/auth_util.c
+++ b/source4/auth/auth_util.c
@@ -246,7 +246,7 @@ NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth_context *auth_contex
* @param nt_status NTSTATUS input for squashing.
* @return the 'squashed' nt_status
**/
-NTSTATUS auth_nt_status_squash(NTSTATUS nt_status)
+_PUBLIC_ NTSTATUS auth_nt_status_squash(NTSTATUS nt_status)
{
if NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER) {
/* Match WinXP and don't give the game away */
diff --git a/source4/auth/auth_winbind.c b/source4/auth/auth_winbind.c
index 2f8074d3cb..149f549afa 100644
--- a/source4/auth/auth_winbind.c
+++ b/source4/auth/auth_winbind.c
@@ -23,6 +23,8 @@
#include "includes.h"
#include "auth/auth.h"
+#include "auth/auth_proto.h"
+#include "auth/session_proto.h"
#include "nsswitch/winbind_client.h"
#include "librpc/gen_ndr/ndr_netlogon.h"
#include "librpc/gen_ndr/ndr_winbind.h"
diff --git a/source4/auth/config.mk b/source4/auth/config.mk
index 369c5bb4e6..63aec09847 100644
--- a/source4/auth/config.mk
+++ b/source4/auth/config.mk
@@ -9,7 +9,7 @@ OBJ_FILES = session.o
PRIVATE_PROTO_HEADER = session_proto.h
PUBLIC_DEPENDENCIES = CREDENTIALS
-PUBLIC_HEADERS += auth/session.h
+# PUBLIC_HEADERS += auth/session.h
[SUBSYSTEM::auth_system_session]
OBJ_FILES = system_session.o
@@ -92,7 +92,7 @@ PRIVATE_DEPENDENCIES = LIBSAMBA-UTIL
# End SUBSYSTEM auth
#######################
-PUBLIC_HEADERS += auth/auth.h
+# PUBLIC_HEADERS += auth/auth.h
[PYTHON::swig_auth]
PUBLIC_DEPENDENCIES = auth_system_session
diff --git a/source4/auth/credentials/config.mk b/source4/auth/credentials/config.mk
index ef8db50109..83f2f0db93 100644
--- a/source4/auth/credentials/config.mk
+++ b/source4/auth/credentials/config.mk
@@ -12,7 +12,7 @@ PUBLIC_DEPENDENCIES = \
PRIVATE_DEPENDENCIES = \
SECRETS
-PUBLIC_HEADERS += $(addprefix auth/credentials/, credentials.h credentials_krb5.h)
+PUBLIC_HEADERS += auth/credentials/credentials.h
[PYTHON::swig_credentials]
PUBLIC_DEPENDENCIES = CREDENTIALS LIBCMDLINE_CREDENTIALS
diff --git a/source4/auth/credentials/credentials.c b/source4/auth/credentials/credentials.c
index 6d5c1210c9..89dddc9e05 100644
--- a/source4/auth/credentials/credentials.c
+++ b/source4/auth/credentials/credentials.c
@@ -33,7 +33,7 @@
* Create a new credentials structure
* @param mem_ctx TALLOC_CTX parent for credentials structure
*/
-struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx)
+_PUBLIC_ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx)
{
struct cli_credentials *cred = talloc(mem_ctx, struct cli_credentials);
if (!cred) {
@@ -77,7 +77,7 @@ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx)
* Create a new anonymous credential
* @param mem_ctx TALLOC_CTX parent for credentials structure
*/
-struct cli_credentials *cli_credentials_init_anon(TALLOC_CTX *mem_ctx)
+_PUBLIC_ struct cli_credentials *cli_credentials_init_anon(TALLOC_CTX *mem_ctx)
{
struct cli_credentials *anon_credentials;
@@ -87,23 +87,23 @@ struct cli_credentials *cli_credentials_init_anon(TALLOC_CTX *mem_ctx)
return anon_credentials;
}
-void cli_credentials_set_kerberos_state(struct cli_credentials *creds,
+_PUBLIC_ void cli_credentials_set_kerberos_state(struct cli_credentials *creds,
enum credentials_use_kerberos use_kerberos)
{
creds->use_kerberos = use_kerberos;
}
-enum credentials_use_kerberos cli_credentials_get_kerberos_state(struct cli_credentials *creds)
+_PUBLIC_ enum credentials_use_kerberos cli_credentials_get_kerberos_state(struct cli_credentials *creds)
{
return creds->use_kerberos;
}
-void cli_credentials_set_gensec_features(struct cli_credentials *creds, uint32_t gensec_features)
+_PUBLIC_ void cli_credentials_set_gensec_features(struct cli_credentials *creds, uint32_t gensec_features)
{
creds->gensec_features = gensec_features;
}
-uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds)
+_PUBLIC_ uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds)
{
return creds->gensec_features;
}
@@ -115,7 +115,7 @@ uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds)
* @retval The username set on this context.
* @note Return value will never be NULL except by programmer error.
*/
-const char *cli_credentials_get_username(struct cli_credentials *cred)
+_PUBLIC_ const char *cli_credentials_get_username(struct cli_credentials *cred)
{
if (cred->machine_account_pending) {
cli_credentials_set_machine_account(cred,
@@ -134,7 +134,7 @@ const char *cli_credentials_get_username(struct cli_credentials *cred)
return cred->username;
}
-bool cli_credentials_set_username(struct cli_credentials *cred,
+_PUBLIC_ bool cli_credentials_set_username(struct cli_credentials *cred,
const char *val, enum credentials_obtained obtained)
{
if (obtained >= cred->username_obtained) {
@@ -159,7 +159,7 @@ bool cli_credentials_set_username_callback(struct cli_credentials *cred,
return false;
}
-bool cli_credentials_set_bind_dn(struct cli_credentials *cred,
+_PUBLIC_ bool cli_credentials_set_bind_dn(struct cli_credentials *cred,
const char *bind_dn)
{
cred->bind_dn = talloc_strdup(cred, bind_dn);
@@ -172,7 +172,7 @@ bool cli_credentials_set_bind_dn(struct cli_credentials *cred,
* @retval The username set on this context.
* @note Return value will be NULL if not specified explictly
*/
-const char *cli_credentials_get_bind_dn(struct cli_credentials *cred)
+_PUBLIC_ const char *cli_credentials_get_bind_dn(struct cli_credentials *cred)
{
return cred->bind_dn;
}
@@ -184,7 +184,7 @@ const char *cli_credentials_get_bind_dn(struct cli_credentials *cred)
* @retval The username set on this context.
* @note Return value will never be NULL except by programmer error.
*/
-const char *cli_credentials_get_principal(struct cli_credentials *cred, TALLOC_CTX *mem_ctx)
+_PUBLIC_ const char *cli_credentials_get_principal(struct cli_credentials *cred, TALLOC_CTX *mem_ctx)
{
if (cred->machine_account_pending) {
cli_credentials_set_machine_account(cred,
@@ -246,7 +246,7 @@ bool cli_credentials_set_principal_callback(struct cli_credentials *cred,
* function to determine if authentication has been explicitly
* requested */
-bool cli_credentials_authentication_requested(struct cli_credentials *cred)
+_PUBLIC_ bool cli_credentials_authentication_requested(struct cli_credentials *cred)
{
if (cred->bind_dn) {
return true;
@@ -275,7 +275,7 @@ bool cli_credentials_authentication_requested(struct cli_credentials *cred)
* @param cred credentials context
* @retval If set, the cleartext password, otherwise NULL
*/
-const char *cli_credentials_get_password(struct cli_credentials *cred)
+_PUBLIC_ const char *cli_credentials_get_password(struct cli_credentials *cred)
{
if (cred->machine_account_pending) {
cli_credentials_set_machine_account(cred,
@@ -297,7 +297,7 @@ const char *cli_credentials_get_password(struct cli_credentials *cred)
/* Set a password on the credentials context, including an indication
* of 'how' the password was obtained */
-bool cli_credentials_set_password(struct cli_credentials *cred,
+_PUBLIC_ bool cli_credentials_set_password(struct cli_credentials *cred,
const char *val,
enum credentials_obtained obtained)
{
@@ -313,7 +313,7 @@ bool cli_credentials_set_password(struct cli_credentials *cred,
return false;
}
-bool cli_credentials_set_password_callback(struct cli_credentials *cred,
+_PUBLIC_ bool cli_credentials_set_password_callback(struct cli_credentials *cred,
const char *(*password_cb) (struct cli_credentials *))
{
if (cred->password_obtained < CRED_CALLBACK) {
@@ -358,7 +358,7 @@ bool cli_credentials_set_old_password(struct cli_credentials *cred,
* @param cred credentials context
* @retval If set, the cleartext password, otherwise NULL
*/
-const struct samr_Password *cli_credentials_get_nt_hash(struct cli_credentials *cred,
+_PUBLIC_ const struct samr_Password *cli_credentials_get_nt_hash(struct cli_credentials *cred,
TALLOC_CTX *mem_ctx)
{
const char *password = cli_credentials_get_password(cred);
@@ -377,7 +377,7 @@ const struct samr_Password *cli_credentials_get_nt_hash(struct cli_credentials *
}
}
-bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
+_PUBLIC_ bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
const struct samr_Password *nt_hash,
enum credentials_obtained obtained)
{
@@ -401,7 +401,7 @@ bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
* @retval The domain set on this context.
* @note Return value will never be NULL except by programmer error.
*/
-const char *cli_credentials_get_domain(struct cli_credentials *cred)
+_PUBLIC_ const char *cli_credentials_get_domain(struct cli_credentials *cred)
{
if (cred->machine_account_pending) {
cli_credentials_set_machine_account(cred,
@@ -421,7 +421,7 @@ const char *cli_credentials_get_domain(struct cli_credentials *cred)
}
-bool cli_credentials_set_domain(struct cli_credentials *cred,
+_PUBLIC_ bool cli_credentials_set_domain(struct cli_credentials *cred,
const char *val,
enum credentials_obtained obtained)
{
@@ -456,7 +456,7 @@ bool cli_credentials_set_domain_callback(struct cli_credentials *cred,
* @retval The realm set on this context.
* @note Return value will never be NULL except by programmer error.
*/
-const char *cli_credentials_get_realm(struct cli_credentials *cred)
+_PUBLIC_ const char *cli_credentials_get_realm(struct cli_credentials *cred)
{
if (cred->machine_account_pending) {
cli_credentials_set_machine_account(cred,
@@ -479,7 +479,7 @@ const char *cli_credentials_get_realm(struct cli_credentials *cred)
* Set the realm for this credentials context, and force it to
* uppercase for the sainity of our local kerberos libraries
*/
-bool cli_credentials_set_realm(struct cli_credentials *cred,
+_PUBLIC_ bool cli_credentials_set_realm(struct cli_credentials *cred,
const char *val,
enum credentials_obtained obtained)
{
@@ -512,7 +512,7 @@ bool cli_credentials_set_realm_callback(struct cli_credentials *cred,
* @retval The workstation name set on this context.
* @note Return value will never be NULL except by programmer error.
*/
-const char *cli_credentials_get_workstation(struct cli_credentials *cred)
+_PUBLIC_ const char *cli_credentials_get_workstation(struct cli_credentials *cred)
{
if (cred->workstation_obtained == CRED_CALLBACK &&
!cred->callback_running) {
@@ -525,7 +525,7 @@ const char *cli_credentials_get_workstation(struct cli_credentials *cred)
return cred->workstation;
}
-bool cli_credentials_set_workstation(struct cli_credentials *cred,
+_PUBLIC_ bool cli_credentials_set_workstation(struct cli_credentials *cred,
const char *val,
enum credentials_obtained obtained)
{
@@ -560,7 +560,7 @@ bool cli_credentials_set_workstation_callback(struct cli_credentials *cred,
* @param obtained This enum describes how 'specified' this password is
*/
-void cli_credentials_parse_string(struct cli_credentials *credentials, const char *data, enum credentials_obtained obtained)
+_PUBLIC_ void cli_credentials_parse_string(struct cli_credentials *credentials, const char *data, enum credentials_obtained obtained)
{
char *uname, *p;
@@ -597,7 +597,7 @@ void cli_credentials_parse_string(struct cli_credentials *credentials, const cha
* @param mem_ctx The memory context to place the result on
*/
-const char *cli_credentials_get_unparsed_name(struct cli_credentials *credentials, TALLOC_CTX *mem_ctx)
+_PUBLIC_ const char *cli_credentials_get_unparsed_name(struct cli_credentials *credentials, TALLOC_CTX *mem_ctx)
{
const char *bind_dn = cli_credentials_get_bind_dn(credentials);
const char *domain;
@@ -625,7 +625,7 @@ const char *cli_credentials_get_unparsed_name(struct cli_credentials *credential
*
* @param cred Credentials structure to fill in
*/
-void cli_credentials_set_conf(struct cli_credentials *cred,
+_PUBLIC_ void cli_credentials_set_conf(struct cli_credentials *cred,
struct loadparm_context *lp_ctx)
{
cli_credentials_set_username(cred, "", CRED_UNINITIALISED);
@@ -640,7 +640,7 @@ void cli_credentials_set_conf(struct cli_credentials *cred,
*
* @param cred Credentials structure to fill in
*/
-void cli_credentials_guess(struct cli_credentials *cred,
+_PUBLIC_ void cli_credentials_guess(struct cli_credentials *cred,
struct loadparm_context *lp_ctx)
{
char *p;
@@ -683,7 +683,7 @@ void cli_credentials_guess(struct cli_credentials *cred,
* Attach NETLOGON credentials for use with SCHANNEL
*/
-void cli_credentials_set_netlogon_creds(struct cli_credentials *cred,
+_PUBLIC_ void cli_credentials_set_netlogon_creds(struct cli_credentials *cred,
struct creds_CredentialState *netlogon_creds)
{
cred->netlogon_creds = talloc_reference(cred, netlogon_creds);
@@ -702,7 +702,7 @@ struct creds_CredentialState *cli_credentials_get_netlogon_creds(struct cli_cred
* Set NETLOGON secure channel type
*/
-void cli_credentials_set_secure_channel_type(struct cli_credentials *cred,
+_PUBLIC_ void cli_credentials_set_secure_channel_type(struct cli_credentials *cred,
enum netr_SchannelType secure_channel_type)
{
cred->secure_channel_type = secure_channel_type;
@@ -712,7 +712,7 @@ void cli_credentials_set_secure_channel_type(struct cli_credentials *cred,
* Return NETLOGON secure chanel type
*/
-enum netr_SchannelType cli_credentials_get_secure_channel_type(struct cli_credentials *cred)
+_PUBLIC_ enum netr_SchannelType cli_credentials_get_secure_channel_type(struct cli_credentials *cred)
{
return cred->secure_channel_type;
}
@@ -720,7 +720,7 @@ enum netr_SchannelType cli_credentials_get_secure_channel_type(struct cli_creden
/**
* Fill in a credentials structure as the anonymous user
*/
-void cli_credentials_set_anonymous(struct cli_credentials *cred)
+_PUBLIC_ void cli_credentials_set_anonymous(struct cli_credentials *cred)
{
cli_credentials_set_username(cred, "", CRED_SPECIFIED);
cli_credentials_set_domain(cred, "", CRED_SPECIFIED);
@@ -734,7 +734,7 @@ void cli_credentials_set_anonymous(struct cli_credentials *cred)
* @retval true if anonymous, false if a username is specified
*/
-bool cli_credentials_is_anonymous(struct cli_credentials *cred)
+_PUBLIC_ bool cli_credentials_is_anonymous(struct cli_credentials *cred)
{
const char *username;
@@ -763,7 +763,7 @@ bool cli_credentials_is_anonymous(struct cli_credentials *cred)
*
* @retval whether the credentials struct is finished
*/
-bool cli_credentials_wrong_password(struct cli_credentials *cred)
+_PUBLIC_ bool cli_credentials_wrong_password(struct cli_credentials *cred)
{
if (cred->password_obtained != CRED_CALLBACK_RESULT) {
return false;
@@ -779,7 +779,7 @@ bool cli_credentials_wrong_password(struct cli_credentials *cred)
/*
set the common event context for this set of credentials
*/
-void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev)
+_PUBLIC_ void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev)
{
cred->ev = ev;
}
@@ -787,7 +787,7 @@ void cli_credentials_set_event_context(struct cli_credentials *cred, struct even
/*
set the common event context for this set of credentials
*/
-struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred)
+_PUBLIC_ struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred)
{
if (cred->ev == NULL) {
cred->ev = event_context_find(cred);
diff --git a/source4/auth/credentials/credentials.h b/source4/auth/credentials/credentials.h
index 1b205c61ce..afcb300638 100644
--- a/source4/auth/credentials/credentials.h
+++ b/source4/auth/credentials/credentials.h
@@ -132,6 +132,117 @@ struct ccache_container;
struct gssapi_creds_container;
-#include "auth/credentials/credentials_proto.h"
+const char *cli_credentials_get_workstation(struct cli_credentials *cred);
+bool cli_credentials_set_workstation(struct cli_credentials *cred,
+ const char *val,
+ enum credentials_obtained obtained);
+bool cli_credentials_is_anonymous(struct cli_credentials *cred);
+struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx);
+void cli_credentials_set_anonymous(struct cli_credentials *cred);
+bool cli_credentials_wrong_password(struct cli_credentials *cred);
+const char *cli_credentials_get_password(struct cli_credentials *cred);
+void cli_credentials_get_ntlm_username_domain(struct cli_credentials *cred, TALLOC_CTX *mem_ctx,
+ const char **username,
+ const char **domain);
+NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred, TALLOC_CTX *mem_ctx,
+ int *flags,
+ DATA_BLOB challenge, DATA_BLOB target_info,
+ DATA_BLOB *_lm_response, DATA_BLOB *_nt_response,
+ DATA_BLOB *_lm_session_key, DATA_BLOB *_session_key);
+const char *cli_credentials_get_realm(struct cli_credentials *cred);
+const char *cli_credentials_get_username(struct cli_credentials *cred);
+int cli_credentials_get_krb5_context(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx,
+ struct smb_krb5_context **smb_krb5_context);
+int cli_credentials_get_ccache(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx,
+ struct ccache_container **ccc);
+int cli_credentials_get_keytab(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx,
+ struct keytab_container **_ktc);
+const char *cli_credentials_get_domain(struct cli_credentials *cred);
+struct creds_CredentialState *cli_credentials_get_netlogon_creds(struct cli_credentials *cred);
+void cli_credentials_set_machine_account_pending(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx);
+void cli_credentials_set_conf(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx);
+const char *cli_credentials_get_principal(struct cli_credentials *cred, TALLOC_CTX *mem_ctx);
+int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx,
+ struct gssapi_creds_container **_gcc);
+int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx,
+ struct gssapi_creds_container **_gcc);
+void cli_credentials_set_event_context(struct cli_credentials *cred, struct event_context *ev);
+void cli_credentials_set_kerberos_state(struct cli_credentials *creds,
+ enum credentials_use_kerberos use_kerberos);
+struct event_context *cli_credentials_get_event_context(struct cli_credentials *cred);
+bool cli_credentials_set_domain(struct cli_credentials *cred,
+ const char *val,
+ enum credentials_obtained obtained);
+bool cli_credentials_set_username(struct cli_credentials *cred,
+ const char *val, enum credentials_obtained obtained);
+bool cli_credentials_set_password(struct cli_credentials *cred,
+ const char *val,
+ enum credentials_obtained obtained);
+struct cli_credentials *cli_credentials_init_anon(TALLOC_CTX *mem_ctx);
+void cli_credentials_parse_string(struct cli_credentials *credentials, const char *data, enum credentials_obtained obtained);
+const struct samr_Password *cli_credentials_get_nt_hash(struct cli_credentials *cred,
+ TALLOC_CTX *mem_ctx);
+bool cli_credentials_set_realm(struct cli_credentials *cred,
+ const char *val,
+ enum credentials_obtained obtained);
+void cli_credentials_set_secure_channel_type(struct cli_credentials *cred,
+ enum netr_SchannelType secure_channel_type);
+void cli_credentials_set_netlogon_creds(struct cli_credentials *cred,
+ struct creds_CredentialState *netlogon_creds);
+NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials *cred,
+ struct smb_krb5_context *smb_krb5_context);
+NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx,
+ const char *serviceprincipal);
+NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx);
+bool cli_credentials_authentication_requested(struct cli_credentials *cred);
+void cli_credentials_guess(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx);
+bool cli_credentials_set_bind_dn(struct cli_credentials *cred,
+ const char *bind_dn);
+const char *cli_credentials_get_bind_dn(struct cli_credentials *cred);
+bool cli_credentials_parse_file(struct cli_credentials *cred, const char *file, enum credentials_obtained obtained);
+const char *cli_credentials_get_unparsed_name(struct cli_credentials *credentials, TALLOC_CTX *mem_ctx);
+bool cli_credentials_set_password_callback(struct cli_credentials *cred,
+ const char *(*password_cb) (struct cli_credentials *));
+enum netr_SchannelType cli_credentials_get_secure_channel_type(struct cli_credentials *cred);
+void cli_credentials_set_kvno(struct cli_credentials *cred,
+ int kvno);
+bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
+ const struct samr_Password *nt_hash,
+ enum credentials_obtained obtained);
+int cli_credentials_set_keytab_name(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx,
+ const char *keytab_name,
+ enum credentials_obtained obtained);
+int cli_credentials_update_keytab(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx);
+void cli_credentials_set_gensec_features(struct cli_credentials *creds, uint32_t gensec_features);
+uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds);
+int cli_credentials_set_ccache(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx,
+ const char *name,
+ enum credentials_obtained obtained);
+bool cli_credentials_parse_password_file(struct cli_credentials *credentials, const char *file, enum credentials_obtained obtained);
+bool cli_credentials_parse_password_fd(struct cli_credentials *credentials,
+ int fd, enum credentials_obtained obtained);
+void cli_credentials_invalidate_ccache(struct cli_credentials *cred,
+ enum credentials_obtained obtained);
+void cli_credentials_set_salt_principal(struct cli_credentials *cred, const char *principal);
+enum credentials_use_kerberos cli_credentials_get_kerberos_state(struct cli_credentials *creds);
+NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
+ struct loadparm_context *lp_ctx,
+ struct ldb_context *ldb,
+ const char *base,
+ const char *filter);
+ int cli_credentials_get_kvno(struct cli_credentials *cred);
#endif /* __CREDENTIALS_H__ */
diff --git a/source4/auth/credentials/credentials_files.c b/source4/auth/credentials/credentials_files.c
index c1001c9622..8bcbc65575 100644
--- a/source4/auth/credentials/credentials_files.c
+++ b/source4/auth/credentials/credentials_files.c
@@ -39,7 +39,7 @@
* @param obtained This enum describes how 'specified' this password is
*/
-bool cli_credentials_parse_password_fd(struct cli_credentials *credentials,
+_PUBLIC_ bool cli_credentials_parse_password_fd(struct cli_credentials *credentials,
int fd, enum credentials_obtained obtained)
{
char *p;
@@ -83,7 +83,7 @@ bool cli_credentials_parse_password_fd(struct cli_credentials *credentials,
* @param obtained This enum describes how 'specified' this password is
*/
-bool cli_credentials_parse_password_file(struct cli_credentials *credentials, const char *file, enum credentials_obtained obtained)
+_PUBLIC_ bool cli_credentials_parse_password_file(struct cli_credentials *credentials, const char *file, enum credentials_obtained obtained)
{
int fd = open(file, O_RDONLY, 0);
bool ret;
@@ -109,7 +109,7 @@ bool cli_credentials_parse_password_file(struct cli_credentials *credentials, co
* @param obtained This enum describes how 'specified' this password is
*/
-bool cli_credentials_parse_file(struct cli_credentials *cred, const char *file, enum credentials_obtained obtained)
+_PUBLIC_ bool cli_credentials_parse_file(struct cli_credentials *cred, const char *file, enum credentials_obtained obtained)
{
uint16_t len = 0;
char *ptr, *val, *param;
@@ -168,7 +168,7 @@ bool cli_credentials_parse_file(struct cli_credentials *cred, const char *file,
* @param cred Credentials structure to fill in
* @retval NTSTATUS error detailing any failure
*/
-NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
+_PUBLIC_ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
struct ldb_context *ldb,
const char *base,
@@ -326,7 +326,7 @@ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
* @param cred Credentials structure to fill in
* @retval NTSTATUS error detailing any failure
*/
-NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred,
+_PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred,
struct loadparm_context *lp_ctx)
{
char *filter;
@@ -369,7 +369,7 @@ NTSTATUS cli_credentials_set_krbtgt(struct cli_credentials *cred,
* @param cred Credentials structure to fill in
* @retval NTSTATUS error detailing any failure
*/
-NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
+_PUBLIC_ NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
const char *serviceprincipal)
{
@@ -395,7 +395,7 @@ NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
* than during, popt processing.
*
*/
-void cli_credentials_set_machine_account_pending(struct cli_credentials *cred,
+_PUBLIC_ void cli_credentials_set_machine_account_pending(struct cli_credentials *cred,
struct loadparm_context *lp_ctx)
{
cred->machine_account_pending = true;
diff --git a/source4/auth/credentials/credentials_krb5.c b/source4/auth/credentials/credentials_krb5.c
index 52bf9f124f..cd9285b09d 100644
--- a/source4/auth/credentials/credentials_krb5.c
+++ b/source4/auth/credentials/credentials_krb5.c
@@ -25,10 +25,11 @@
#include "system/kerberos.h"
#include "auth/kerberos/kerberos.h"
#include "auth/credentials/credentials.h"
+#include "auth/credentials/credentials_proto.h"
#include "auth/credentials/credentials_krb5.h"
#include "param/param.h"
-int cli_credentials_get_krb5_context(struct cli_credentials *cred,
+_PUBLIC_ int cli_credentials_get_krb5_context(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
struct smb_krb5_context **smb_krb5_context)
{
@@ -52,7 +53,7 @@ int cli_credentials_get_krb5_context(struct cli_credentials *cred,
* otherwise we might have problems with the krb5 context already
* being here.
*/
-NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials *cred,
+_PUBLIC_ NTSTATUS cli_credentials_set_krb5_context(struct cli_credentials *cred,
struct smb_krb5_context *smb_krb5_context)
{
if (!talloc_reference(cred, smb_krb5_context)) {
@@ -126,7 +127,7 @@ static int free_dccache(struct ccache_container *ccc) {
return 0;
}
-int cli_credentials_set_ccache(struct cli_credentials *cred,
+_PUBLIC_ int cli_credentials_set_ccache(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
const char *name,
enum credentials_obtained obtained)
@@ -251,7 +252,7 @@ static int cli_credentials_new_ccache(struct cli_credentials *cred,
return ret;
}
-int cli_credentials_get_ccache(struct cli_credentials *cred,
+_PUBLIC_ int cli_credentials_get_ccache(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
struct ccache_container **ccc)
{
@@ -315,7 +316,7 @@ void cli_credentials_invalidate_client_gss_creds(struct cli_credentials *cred,
}
}
-void cli_credentials_invalidate_ccache(struct cli_credentials *cred,
+_PUBLIC_ void cli_credentials_invalidate_ccache(struct cli_credentials *cred,
enum credentials_obtained obtained)
{
/* If the caller just changed the username/password etc, then
@@ -346,7 +347,7 @@ static int free_gssapi_creds(struct gssapi_creds_container *gcc)
return 0;
}
-int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
+_PUBLIC_ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
struct gssapi_creds_container **_gcc)
{
@@ -454,7 +455,7 @@ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
* attached to this context. If this hasn't been done or set before,
* it will be generated from the password.
*/
-int cli_credentials_get_keytab(struct cli_credentials *cred,
+_PUBLIC_ int cli_credentials_get_keytab(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
struct keytab_container **_ktc)
{
@@ -508,7 +509,7 @@ int cli_credentials_get_keytab(struct cli_credentials *cred,
/* Given the name of a keytab (presumably in the format
* FILE:/etc/krb5.keytab), open it and attach it */
-int cli_credentials_set_keytab_name(struct cli_credentials *cred,
+_PUBLIC_ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
const char *keytab_name,
enum credentials_obtained obtained)
@@ -547,7 +548,7 @@ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
return ret;
}
-int cli_credentials_update_keytab(struct cli_credentials *cred,
+_PUBLIC_ int cli_credentials_update_keytab(struct cli_credentials *cred,
struct loadparm_context *lp_ctx)
{
krb5_error_code ret;
@@ -583,7 +584,7 @@ int cli_credentials_update_keytab(struct cli_credentials *cred,
/* Get server gss credentials (in gsskrb5, this means the keytab) */
-int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
+_PUBLIC_ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
struct loadparm_context *lp_ctx,
struct gssapi_creds_container **_gcc)
{
@@ -657,7 +658,7 @@ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
* Set Kerberos KVNO
*/
-void cli_credentials_set_kvno(struct cli_credentials *cred,
+_PUBLIC_ void cli_credentials_set_kvno(struct cli_credentials *cred,
int kvno)
{
cred->kvno = kvno;
@@ -667,7 +668,7 @@ void cli_credentials_set_kvno(struct cli_credentials *cred,
* Return Kerberos KVNO
*/
-int cli_credentials_get_kvno(struct cli_credentials *cred)
+_PUBLIC_ int cli_credentials_get_kvno(struct cli_credentials *cred)
{
return cred->kvno;
}
@@ -693,7 +694,7 @@ const char *cli_credentials_get_salt_principal(struct cli_credentials *cred)
return cred->salt_principal;
}
-void cli_credentials_set_salt_principal(struct cli_credentials *cred, const char *principal)
+_PUBLIC_ void cli_credentials_set_salt_principal(struct cli_credentials *cred, const char *principal)
{
cred->salt_principal = talloc_strdup(cred, principal);
}
diff --git a/source4/auth/credentials/credentials_ntlm.c b/source4/auth/credentials/credentials_ntlm.c
index 04f1d312e6..b88f2018df 100644
--- a/source4/auth/credentials/credentials_ntlm.c
+++ b/source4/auth/credentials/credentials_ntlm.c
@@ -27,7 +27,7 @@
#include "libcli/auth/libcli_auth.h"
#include "auth/credentials/credentials.h"
-void cli_credentials_get_ntlm_username_domain(struct cli_credentials *cred, TALLOC_CTX *mem_ctx,
+_PUBLIC_ void cli_credentials_get_ntlm_username_domain(struct cli_credentials *cred, TALLOC_CTX *mem_ctx,
const char **username,
const char **domain)
{
@@ -40,7 +40,7 @@ void cli_credentials_get_ntlm_username_domain(struct cli_credentials *cred, TALL
}
}
-NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred, TALLOC_CTX *mem_ctx,
+_PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred, TALLOC_CTX *mem_ctx,
int *flags,
DATA_BLOB challenge, DATA_BLOB target_info,
DATA_BLOB *_lm_response, DATA_BLOB *_nt_response,
diff --git a/source4/auth/gensec/config.mk b/source4/auth/gensec/config.mk
index b60f039284..14864f7e4c 100644
--- a/source4/auth/gensec/config.mk
+++ b/source4/auth/gensec/config.mk
@@ -11,7 +11,7 @@ PUBLIC_DEPENDENCIES = \
# End SUBSYSTEM gensec
#################################
-PUBLIC_HEADERS += $(addprefix auth/gensec/, gensec.h spnego.h)
+PUBLIC_HEADERS += auth/gensec/gensec.h
################################################
# Start MODULE gensec_krb5
diff --git a/source4/auth/gensec/cyrus_sasl.c b/source4/auth/gensec/cyrus_sasl.c
index cb7bcb71d8..06a7b8a382 100644
--- a/source4/auth/gensec/cyrus_sasl.c
+++ b/source4/auth/gensec/cyrus_sasl.c
@@ -23,6 +23,7 @@
#include "auth/auth.h"
#include "auth/credentials/credentials.h"
#include "auth/gensec/gensec.h"
+#include "auth/gensec/gensec_proto.h"
#include "lib/socket/socket.h"
#include <sasl/sasl.h>
diff --git a/source4/auth/gensec/gensec.c b/source4/auth/gensec/gensec.c
index cd2066d9fd..59c19b96ab 100644
--- a/source4/auth/gensec/gensec.c
+++ b/source4/auth/gensec/gensec.c
@@ -27,6 +27,7 @@
#include "librpc/rpc/dcerpc.h"
#include "auth/credentials/credentials.h"
#include "auth/gensec/gensec.h"
+#include "auth/gensec/gensec_proto.h"
#include "param/param.h"
/* the list of currently registered GENSEC backends */
@@ -35,7 +36,7 @@ static int gensec_num_backends;
/* Return all the registered mechs. Don't modify the return pointer,
* but you may talloc_reference it if convient */
-struct gensec_security_ops **gensec_security_all(void)
+_PUBLIC_ struct gensec_security_ops **gensec_security_all(void)
{
return generic_security_ops;
}
@@ -45,7 +46,7 @@ struct gensec_security_ops **gensec_security_all(void)
* gensec_security_all(), or from cli_credentials_gensec_list() (ie,
* an existing list we have trimmed down) */
-struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
+_PUBLIC_ struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
struct gensec_security_ops **old_gensec_list,
struct cli_credentials *creds)
{
@@ -572,7 +573,7 @@ _PUBLIC_ NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx,
@param gensec_security Returned GENSEC context pointer.
@note The mem_ctx is only a parent and may be NULL.
*/
-NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx,
+_PUBLIC_ NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx,
struct event_context *ev,
struct loadparm_context *lp_ctx,
struct messaging_context *msg,
@@ -637,7 +638,7 @@ static NTSTATUS gensec_start_mech(struct gensec_security *gensec_security)
* @param auth_level DCERPC auth level
*/
-NTSTATUS gensec_start_mech_by_authtype(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_start_mech_by_authtype(struct gensec_security *gensec_security,
uint8_t auth_type, uint8_t auth_level)
{
gensec_security->ops = gensec_security_by_authtype(gensec_security, auth_type);
@@ -663,7 +664,7 @@ NTSTATUS gensec_start_mech_by_authtype(struct gensec_security *gensec_security,
return gensec_start_mech(gensec_security);
}
-const char *gensec_get_name_by_authtype(uint8_t authtype)
+_PUBLIC_ const char *gensec_get_name_by_authtype(uint8_t authtype)
{
const struct gensec_security_ops *ops;
ops = gensec_security_by_authtype(NULL, authtype);
@@ -674,7 +675,7 @@ const char *gensec_get_name_by_authtype(uint8_t authtype)
}
-const char *gensec_get_name_by_oid(const char *oid_string)
+_PUBLIC_ const char *gensec_get_name_by_oid(const char *oid_string)
{
const struct gensec_security_ops *ops;
ops = gensec_security_by_oid(NULL, oid_string);
@@ -704,7 +705,7 @@ NTSTATUS gensec_start_mech_by_ops(struct gensec_security *gensec_security,
* well-known #define to hook it in.
*/
-NTSTATUS gensec_start_mech_by_oid(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_start_mech_by_oid(struct gensec_security *gensec_security,
const char *mech_oid)
{
gensec_security->ops = gensec_security_by_oid(gensec_security, mech_oid);
@@ -720,7 +721,7 @@ NTSTATUS gensec_start_mech_by_oid(struct gensec_security *gensec_security,
*
*/
-NTSTATUS gensec_start_mech_by_sasl_name(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_start_mech_by_sasl_name(struct gensec_security *gensec_security,
const char *sasl_name)
{
gensec_security->ops = gensec_security_by_sasl_name(gensec_security, sasl_name);
@@ -769,7 +770,7 @@ _PUBLIC_ NTSTATUS gensec_start_mech_by_sasl_list(struct gensec_security *gensec_
*
*/
-NTSTATUS gensec_start_mech_by_name(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_start_mech_by_name(struct gensec_security *gensec_security,
const char *name)
{
gensec_security->ops = gensec_security_by_name(gensec_security, name);
@@ -783,7 +784,7 @@ NTSTATUS gensec_start_mech_by_name(struct gensec_security *gensec_security,
/*
wrappers for the gensec function pointers
*/
-NTSTATUS gensec_unseal_packet(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_unseal_packet(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
@@ -802,7 +803,7 @@ NTSTATUS gensec_unseal_packet(struct gensec_security *gensec_security,
sig);
}
-NTSTATUS gensec_check_packet(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_check_packet(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
@@ -818,7 +819,7 @@ NTSTATUS gensec_check_packet(struct gensec_security *gensec_security,
return gensec_security->ops->check_packet(gensec_security, mem_ctx, data, length, whole_pdu, pdu_length, sig);
}
-NTSTATUS gensec_seal_packet(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_seal_packet(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
@@ -834,7 +835,7 @@ NTSTATUS gensec_seal_packet(struct gensec_security *gensec_security,
return gensec_security->ops->seal_packet(gensec_security, mem_ctx, data, length, whole_pdu, pdu_length, sig);
}
-NTSTATUS gensec_sign_packet(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_sign_packet(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
@@ -850,7 +851,7 @@ NTSTATUS gensec_sign_packet(struct gensec_security *gensec_security,
return gensec_security->ops->sign_packet(gensec_security, mem_ctx, data, length, whole_pdu, pdu_length, sig);
}
-size_t gensec_sig_size(struct gensec_security *gensec_security, size_t data_size)
+_PUBLIC_ size_t gensec_sig_size(struct gensec_security *gensec_security, size_t data_size)
{
if (!gensec_security->ops->sig_size) {
return 0;
@@ -880,7 +881,7 @@ size_t gensec_max_input_size(struct gensec_security *gensec_security)
return gensec_security->ops->max_input_size(gensec_security);
}
-NTSTATUS gensec_wrap(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_wrap(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
const DATA_BLOB *in,
DATA_BLOB *out)
@@ -891,7 +892,7 @@ NTSTATUS gensec_wrap(struct gensec_security *gensec_security,
return gensec_security->ops->wrap(gensec_security, mem_ctx, in, out);
}
-NTSTATUS gensec_unwrap(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_unwrap(struct gensec_security *gensec_security,
TALLOC_CTX *mem_ctx,
const DATA_BLOB *in,
DATA_BLOB *out)
@@ -902,7 +903,7 @@ NTSTATUS gensec_unwrap(struct gensec_security *gensec_security,
return gensec_security->ops->unwrap(gensec_security, mem_ctx, in, out);
}
-NTSTATUS gensec_session_key(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_session_key(struct gensec_security *gensec_security,
DATA_BLOB *session_key)
{
if (!gensec_security->ops->session_key) {
@@ -925,7 +926,7 @@ NTSTATUS gensec_session_key(struct gensec_security *gensec_security,
*
*/
-NTSTATUS gensec_session_info(struct gensec_security *gensec_security,
+_PUBLIC_ NTSTATUS gensec_session_info(struct gensec_security *gensec_security,
struct auth_session_info **session_info)
{
if (!gensec_security->ops->session_info) {
@@ -1065,7 +1066,7 @@ _PUBLIC_ NTSTATUS gensec_set_credentials(struct gensec_security *gensec_security
*
*/
-struct cli_credentials *gensec_get_credentials(struct gensec_security *gensec_security)
+_PUBLIC_ struct cli_credentials *gensec_get_credentials(struct gensec_security *gensec_security)
{
if (!gensec_security) {
return NULL;
@@ -1135,7 +1136,7 @@ _PUBLIC_ const char *gensec_get_target_hostname(struct gensec_security *gensec_s
* cryptographic tokens, to avoid certain attacks.
*/
-NTSTATUS gensec_set_my_addr(struct gensec_security *gensec_security, struct socket_address *my_addr)
+_PUBLIC_ NTSTATUS gensec_set_my_addr(struct gensec_security *gensec_security, struct socket_address *my_addr)
{
gensec_security->my_addr = my_addr;
if (my_addr && !talloc_reference(gensec_security, my_addr)) {
@@ -1144,7 +1145,7 @@ NTSTATUS gensec_set_my_addr(struct gensec_security *gensec_security, struct sock
return NT_STATUS_OK;
}
-NTSTATUS gensec_set_peer_addr(struct gensec_security *gensec_security, struct socket_address *peer_addr)
+_PUBLIC_ NTSTATUS gensec_set_peer_addr(struct gensec_security *gensec_security, struct socket_address *peer_addr)
{
gensec_security->peer_addr = peer_addr;
if (peer_addr && !talloc_reference(gensec_security, peer_addr)) {
@@ -1164,7 +1165,7 @@ struct socket_address *gensec_get_my_addr(struct gensec_security *gensec_securit
return NULL;
}
-struct socket_address *gensec_get_peer_addr(struct gensec_security *gensec_security)
+_PUBLIC_ struct socket_address *gensec_get_peer_addr(struct gensec_security *gensec_security)
{
if (gensec_security->peer_addr) {
return gensec_security->peer_addr;
@@ -1264,7 +1265,7 @@ static int sort_gensec(struct gensec_security_ops **gs1, struct gensec_security_
/*
initialise the GENSEC subsystem
*/
-NTSTATUS gensec_init(struct loadparm_context *lp_ctx)
+_PUBLIC_ NTSTATUS gensec_init(struct loadparm_context *lp_ctx)
{
static bool initialized = false;
diff --git a/source4/auth/gensec/gensec.h b/source4/auth/gensec/gensec.h
index 3413e5c8ce..7a1abfbc3b 100644
--- a/source4/auth/gensec/gensec.h
+++ b/source4/auth/gensec/gensec.h
@@ -199,6 +199,96 @@ NTSTATUS gensec_packet_full_request(struct gensec_security *gensec_security,
struct loadparm_context;
-#include "auth/gensec/gensec_proto.h"
+NTSTATUS gensec_subcontext_start(TALLOC_CTX *mem_ctx,
+ struct gensec_security *parent,
+ struct gensec_security **gensec_security);
+NTSTATUS gensec_client_start(TALLOC_CTX *mem_ctx,
+ struct gensec_security **gensec_security,
+ struct event_context *ev,
+ struct loadparm_context *lp_ctx);
+NTSTATUS gensec_start_mech_by_sasl_list(struct gensec_security *gensec_security,
+ const char **sasl_names);
+NTSTATUS gensec_update(struct gensec_security *gensec_security, TALLOC_CTX *out_mem_ctx,
+ const DATA_BLOB in, DATA_BLOB *out);
+void gensec_update_send(struct gensec_security *gensec_security, const DATA_BLOB in,
+ void (*callback)(struct gensec_update_request *req, void *private_data),
+ void *private_data);
+NTSTATUS gensec_update_recv(struct gensec_update_request *req, TALLOC_CTX *out_mem_ctx, DATA_BLOB *out);
+void gensec_want_feature(struct gensec_security *gensec_security,
+ uint32_t feature);
+bool gensec_have_feature(struct gensec_security *gensec_security,
+ uint32_t feature);
+NTSTATUS gensec_set_credentials(struct gensec_security *gensec_security, struct cli_credentials *credentials);
+NTSTATUS gensec_set_target_service(struct gensec_security *gensec_security, const char *service);
+const char *gensec_get_target_service(struct gensec_security *gensec_security);
+NTSTATUS gensec_set_target_hostname(struct gensec_security *gensec_security, const char *hostname);
+const char *gensec_get_target_hostname(struct gensec_security *gensec_security);
+NTSTATUS gensec_session_key(struct gensec_security *gensec_security,
+ DATA_BLOB *session_key);
+NTSTATUS gensec_start_mech_by_oid(struct gensec_security *gensec_security,
+ const char *mech_oid);
+const char *gensec_get_name_by_oid(const char *oid_string);
+struct cli_credentials *gensec_get_credentials(struct gensec_security *gensec_security);
+struct socket_address *gensec_get_peer_addr(struct gensec_security *gensec_security);
+NTSTATUS gensec_init(struct loadparm_context *lp_ctx);
+NTSTATUS gensec_unseal_packet(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ const DATA_BLOB *sig);
+NTSTATUS gensec_check_packet(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ const uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ const DATA_BLOB *sig);
+size_t gensec_sig_size(struct gensec_security *gensec_security, size_t data_size);
+NTSTATUS gensec_seal_packet(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ DATA_BLOB *sig);
+NTSTATUS gensec_sign_packet(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ const uint8_t *data, size_t length,
+ const uint8_t *whole_pdu, size_t pdu_length,
+ DATA_BLOB *sig);
+NTSTATUS gensec_start_mech_by_authtype(struct gensec_security *gensec_security,
+ uint8_t auth_type, uint8_t auth_level);
+const char *gensec_get_name_by_authtype(uint8_t authtype);
+NTSTATUS gensec_server_start(TALLOC_CTX *mem_ctx,
+ struct event_context *ev,
+ struct loadparm_context *lp_ctx,
+ struct messaging_context *msg,
+ struct gensec_security **gensec_security);
+NTSTATUS gensec_session_info(struct gensec_security *gensec_security,
+ struct auth_session_info **session_info);
+NTSTATUS auth_nt_status_squash(NTSTATUS nt_status);
+struct creds_CredentialState;
+NTSTATUS dcerpc_schannel_creds(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ struct creds_CredentialState **creds);
+NTSTATUS gensec_set_peer_addr(struct gensec_security *gensec_security, struct socket_address *peer_addr);
+NTSTATUS gensec_set_my_addr(struct gensec_security *gensec_security, struct socket_address *my_addr);
+
+NTSTATUS gensec_start_mech_by_name(struct gensec_security *gensec_security,
+ const char *name);
+
+NTSTATUS gensec_unwrap(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ const DATA_BLOB *in,
+ DATA_BLOB *out);
+NTSTATUS gensec_wrap(struct gensec_security *gensec_security,
+ TALLOC_CTX *mem_ctx,
+ const DATA_BLOB *in,
+ DATA_BLOB *out);
+
+struct gensec_security_ops **gensec_security_all(void);
+struct gensec_security_ops **gensec_use_kerberos_mechs(TALLOC_CTX *mem_ctx,
+ struct gensec_security_ops **old_gensec_list,
+ struct cli_credentials *creds);
+
+NTSTATUS gensec_start_mech_by_sasl_name(struct gensec_security *gensec_security,
+ const char *sasl_name);
+
#endif /* __GENSEC_H__ */
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index d8cdb90197..e7dcb4ea68 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -34,7 +34,9 @@
#include "auth/credentials/credentials.h"
#include "auth/credentials/credentials_krb5.h"
#include "auth/gensec/gensec.h"
+#include "auth/gensec/gensec_proto.h"
#include "param/param.h"
+#include "auth/session_proto.h"
enum gensec_gssapi_sasl_state
{
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index 88432c7f89..ae601b19c2 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -36,7 +36,9 @@
#include "auth/credentials/credentials.h"
#include "auth/credentials/credentials_krb5.h"
#include "auth/gensec/gensec.h"
+#include "auth/gensec/gensec_proto.h"
#include "param/param.h"
+#include "auth/session_proto.h"
enum GENSEC_KRB5_STATE {
GENSEC_KRB5_SERVER_START,
diff --git a/source4/auth/gensec/schannel.c b/source4/auth/gensec/schannel.c
index 96e3478982..b3117ee9b2 100644
--- a/source4/auth/gensec/schannel.c
+++ b/source4/auth/gensec/schannel.c
@@ -25,11 +25,13 @@
#include "auth/auth.h"
#include "auth/credentials/credentials.h"
#include "auth/gensec/gensec.h"
+#include "auth/gensec/gensec_proto.h"
#include "auth/gensec/schannel.h"
#include "auth/gensec/schannel_state.h"
#include "auth/gensec/schannel_proto.h"
#include "librpc/rpc/dcerpc.h"
#include "param/param.h"
+#include "auth/session_proto.h"
static size_t schannel_sig_size(struct gensec_security *gensec_security, size_t data_size)
{
diff --git a/source4/auth/gensec/socket.c b/source4/auth/gensec/socket.c
index 4dc05e8cc4..27449bf610 100644
--- a/source4/auth/gensec/socket.c
+++ b/source4/auth/gensec/socket.c
@@ -24,6 +24,7 @@
#include "lib/socket/socket.h"
#include "lib/stream/packet.h"
#include "auth/gensec/gensec.h"
+#include "auth/gensec/gensec_proto.h"
static const struct socket_ops gensec_socket_ops;
diff --git a/source4/auth/gensec/spnego.c b/source4/auth/gensec/spnego.c
index f593d17d4b..1544326bb1 100644
--- a/source4/auth/gensec/spnego.c
+++ b/source4/auth/gensec/spnego.c
@@ -26,6 +26,7 @@
#include "librpc/gen_ndr/ndr_dcerpc.h"
#include "auth/credentials/credentials.h"
#include "auth/gensec/gensec.h"
+#include "auth/gensec/gensec_proto.h"
enum spnego_state_position {
SPNEGO_SERVER_START,
diff --git a/source4/auth/kerberos/kerberos_util.c b/source4/auth/kerberos/kerberos_util.c
index e905e3e704..9002715065 100644
--- a/source4/auth/kerberos/kerberos_util.c
+++ b/source4/auth/kerberos/kerberos_util.c
@@ -24,6 +24,7 @@
#include "system/kerberos.h"
#include "auth/kerberos/kerberos.h"
#include "auth/credentials/credentials.h"
+#include "auth/credentials/credentials_proto.h"
#include "auth/credentials/credentials_krb5.h"
struct principal_container {
@@ -634,7 +635,7 @@ int smb_krb5_update_keytab(TALLOC_CTX *parent_ctx,
return ret;
}
-_PUBLIC_ int smb_krb5_create_memory_keytab(TALLOC_CTX *parent_ctx,
+int smb_krb5_create_memory_keytab(TALLOC_CTX *parent_ctx,
struct cli_credentials *machine_account,
struct smb_krb5_context *smb_krb5_context,
const char **enctype_strings,
diff --git a/source4/auth/ntlmssp/ntlmssp.c b/source4/auth/ntlmssp/ntlmssp.c
index 8901488004..64bfebd3d1 100644
--- a/source4/auth/ntlmssp/ntlmssp.c
+++ b/source4/auth/ntlmssp/ntlmssp.c
@@ -27,7 +27,9 @@
#include "librpc/gen_ndr/ndr_dcerpc.h"
#include "auth/credentials/credentials.h"
#include "auth/gensec/gensec.h"
+#include "auth/gensec/gensec_proto.h"
#include "auth/auth.h"
+#include "auth/auth_proto.h"
#include "param/param.h"
/**
diff --git a/source4/auth/ntlmssp/ntlmssp.h b/source4/auth/ntlmssp/ntlmssp.h
index 5efc0a2eb1..df950e4756 100644
--- a/source4/auth/ntlmssp/ntlmssp.h
+++ b/source4/auth/ntlmssp/ntlmssp.h
@@ -186,4 +186,5 @@ struct gensec_ntlmssp_state
struct loadparm_context;
struct auth_session_info;
+
#include "auth/ntlmssp/proto.h"
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index eb6dbc5bca..12802b7e79 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -30,7 +30,9 @@
#include "auth/credentials/credentials.h"
#include "auth/gensec/gensec.h"
#include "auth/auth.h"
+#include "auth/auth_proto.h"
#include "param/param.h"
+#include "auth/session_proto.h"
/**
* Set a username on an NTLMSSP context - ensures it is talloc()ed
diff --git a/source4/auth/ntlmssp/ntlmssp_sign.c b/source4/auth/ntlmssp/ntlmssp_sign.c
index b003dc865f..063b16f539 100644
--- a/source4/auth/ntlmssp/ntlmssp_sign.c
+++ b/source4/auth/ntlmssp/ntlmssp_sign.c
@@ -134,7 +134,7 @@ static NTSTATUS ntlmssp_make_packet_signature(struct gensec_ntlmssp_state *gense
}
/* TODO: make this non-public */
-_PUBLIC_ NTSTATUS gensec_ntlmssp_sign_packet(struct gensec_security *gensec_security,
+NTSTATUS gensec_ntlmssp_sign_packet(struct gensec_security *gensec_security,
TALLOC_CTX *sig_mem_ctx,
const uint8_t *data, size_t length,
const uint8_t *whole_pdu, size_t pdu_length,
@@ -306,7 +306,7 @@ NTSTATUS gensec_ntlmssp_unseal_packet(struct gensec_security *gensec_security,
Initialise the state for NTLMSSP signing.
*/
/* TODO: make this non-public */
-_PUBLIC_ NTSTATUS ntlmssp_sign_init(struct gensec_ntlmssp_state *gensec_ntlmssp_state)
+NTSTATUS ntlmssp_sign_init(struct gensec_ntlmssp_state *gensec_ntlmssp_state)
{
TALLOC_CTX *mem_ctx = talloc_new(gensec_ntlmssp_state);
diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index b171fc57b9..ed44754993 100644
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -383,7 +383,7 @@ _PUBLIC_ NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx, struct ldb_conte
return NT_STATUS_OK;
}
-_PUBLIC_ NTSTATUS sam_get_results_principal(struct ldb_context *sam_ctx,
+NTSTATUS sam_get_results_principal(struct ldb_context *sam_ctx,
TALLOC_CTX *mem_ctx, const char *principal,
struct ldb_message ***msgs,
struct ldb_message ***msgs_domain_ref)
diff --git a/source4/auth/session.c b/source4/auth/session.c
index c86fff90df..112eac95d8 100644
--- a/source4/auth/session.c
+++ b/source4/auth/session.c
@@ -28,8 +28,9 @@
#include "dsdb/samdb/samdb.h"
#include "auth/credentials/credentials.h"
#include "param/param.h"
+#include "auth/session_proto.h"
-struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx,
+_PUBLIC_ struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx,
struct loadparm_context *lp_ctx)
{
NTSTATUS nt_status;
@@ -41,7 +42,7 @@ struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx,
return session_info;
}
-NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
+_PUBLIC_ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
struct loadparm_context *lp_ctx,
struct auth_session_info **_session_info)
{
@@ -77,7 +78,7 @@ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
return NT_STATUS_OK;
}
-NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
+_PUBLIC_ NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
const char *netbios_name,
struct auth_serversupplied_info **_server_info)
{
@@ -149,7 +150,7 @@ NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
return NT_STATUS_OK;
}
-NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
+_PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
struct loadparm_context *lp_ctx,
struct auth_serversupplied_info *server_info,
struct auth_session_info **_session_info)
@@ -199,7 +200,7 @@ void auth_session_info_debug(int dbg_lev,
/**
* Make a server_info struct from the info3 returned by a domain logon
*/
-NTSTATUS make_server_info_netlogon_validation(TALLOC_CTX *mem_ctx,
+_PUBLIC_ NTSTATUS make_server_info_netlogon_validation(TALLOC_CTX *mem_ctx,
const char *account_name,
uint16_t validation_level,
union netr_Validation *validation,
diff --git a/source4/auth/session.h b/source4/auth/session.h
index 039c005bb0..87fc47791a 100644
--- a/source4/auth/session.h
+++ b/source4/auth/session.h
@@ -29,6 +29,28 @@ struct auth_session_info {
};
#include "librpc/gen_ndr/netlogon.h"
-#include "auth/session_proto.h"
+
+struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
+struct auth_session_info *system_session(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx) ;
+NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
+ const char *netbios_name,
+ struct auth_serversupplied_info **_server_info) ;
+NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
+ struct loadparm_context *lp_ctx,
+ struct auth_serversupplied_info *server_info,
+ struct auth_session_info **_session_info) ;
+
+NTSTATUS make_server_info_netlogon_validation(TALLOC_CTX *mem_ctx,
+ const char *account_name,
+ uint16_t validation_level,
+ union netr_Validation *validation,
+ struct auth_serversupplied_info **_server_info);
+NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
+ struct loadparm_context *lp_ctx,
+ struct auth_session_info **_session_info);
+
+struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx,
+ struct loadparm_context *lp_ctx);
+
#endif /* _SAMBA_AUTH_SESSION_H */