summaryrefslogtreecommitdiff
path: root/source4/auth
diff options
context:
space:
mode:
Diffstat (limited to 'source4/auth')
-rw-r--r--source4/auth/auth_sam.c2
-rw-r--r--source4/auth/auth_simple.c2
-rw-r--r--source4/auth/gensec/gensec_gssapi.c4
-rw-r--r--source4/auth/gensec/gensec_krb5.c4
-rw-r--r--source4/auth/gensec/schannel.c5
-rw-r--r--source4/auth/gensec/schannel_state.c11
-rw-r--r--source4/auth/ntlmssp/ntlmssp_server.c2
-rw-r--r--source4/auth/sam.c3
-rw-r--r--source4/auth/session.c8
-rw-r--r--source4/auth/session.h3
10 files changed, 28 insertions, 16 deletions
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c
index 4b467cee75..731e489ba0 100644
--- a/source4/auth/auth_sam.c
+++ b/source4/auth/auth_sam.c
@@ -289,7 +289,7 @@ static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx
return NT_STATUS_NO_MEMORY;
}
- sam_ctx = samdb_connect(tmp_ctx, ctx->auth_ctx->lp_ctx, system_session(mem_ctx, ctx->auth_ctx->lp_ctx));
+ sam_ctx = samdb_connect(tmp_ctx, ctx->auth_ctx->event_ctx, ctx->auth_ctx->lp_ctx, system_session(mem_ctx, ctx->auth_ctx->lp_ctx));
if (sam_ctx == NULL) {
talloc_free(tmp_ctx);
return NT_STATUS_INVALID_SYSTEM_SERVICE;
diff --git a/source4/auth/auth_simple.c b/source4/auth/auth_simple.c
index 50be02a353..e7039c3657 100644
--- a/source4/auth/auth_simple.c
+++ b/source4/auth/auth_simple.c
@@ -90,7 +90,7 @@ _PUBLIC_ NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx,
}
if (session_info) {
- nt_status = auth_generate_session_info(tmp_ctx, lp_ctx, server_info, session_info);
+ nt_status = auth_generate_session_info(tmp_ctx, ev, lp_ctx, server_info, session_info);
if (NT_STATUS_IS_OK(nt_status)) {
talloc_steal(mem_ctx, *session_info);
diff --git a/source4/auth/gensec/gensec_gssapi.c b/source4/auth/gensec/gensec_gssapi.c
index cbee557d5a..cc0d40469e 100644
--- a/source4/auth/gensec/gensec_gssapi.c
+++ b/source4/auth/gensec/gensec_gssapi.c
@@ -1327,7 +1327,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
} else if (!lp_parm_bool(gensec_security->lp_ctx, NULL, "gensec", "require_pac", false)) {
DEBUG(1, ("Unable to find PAC, resorting to local user lookup: %s\n",
gssapi_error_string(mem_ctx, maj_stat, min_stat, gensec_gssapi_state->gss_oid)));
- nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->lp_ctx, principal_string,
+ nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, principal_string,
&server_info);
if (!NT_STATUS_IS_OK(nt_status)) {
@@ -1342,7 +1342,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
}
/* references the server_info into the session_info */
- nt_status = auth_generate_session_info(mem_ctx, gensec_security->lp_ctx, server_info, &session_info);
+ nt_status = auth_generate_session_info(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, server_info, &session_info);
if (!NT_STATUS_IS_OK(nt_status)) {
talloc_free(mem_ctx);
return nt_status;
diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index 8abc0f8583..47df2ccfcc 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -603,7 +603,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
DEBUG(5, ("krb5_ticket_get_authorization_data_type failed to find PAC: %s\n",
smb_get_krb5_error_message(context,
ret, mem_ctx)));
- nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->lp_ctx, principal_string,
+ nt_status = sam_get_server_info_principal(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, principal_string,
&server_info);
krb5_free_principal(context, client_principal);
free(principal_string);
@@ -651,7 +651,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
}
/* references the server_info into the session_info */
- nt_status = auth_generate_session_info(mem_ctx, gensec_security->lp_ctx, server_info, &session_info);
+ nt_status = auth_generate_session_info(mem_ctx, gensec_security->event_ctx, gensec_security->lp_ctx, server_info, &session_info);
if (!NT_STATUS_IS_OK(nt_status)) {
talloc_free(mem_ctx);
diff --git a/source4/auth/gensec/schannel.c b/source4/auth/gensec/schannel.c
index b3117ee9b2..f21202b86f 100644
--- a/source4/auth/gensec/schannel.c
+++ b/source4/auth/gensec/schannel.c
@@ -125,7 +125,8 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_
}
/* pull the session key for this client */
- status = schannel_fetch_session_key(out_mem_ctx, gensec_security->lp_ctx, workstation,
+ status = schannel_fetch_session_key(out_mem_ctx, gensec_security->event_ctx,
+ gensec_security->lp_ctx, workstation,
domain, &creds);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(3, ("Could not find session key for attempted schannel connection from %s: %s\n",
@@ -189,7 +190,7 @@ static NTSTATUS schannel_session_info(struct gensec_security *gensec_security,
struct auth_session_info **_session_info)
{
struct schannel_state *state = talloc_get_type(gensec_security->private_data, struct schannel_state);
- return auth_anonymous_session_info(state, gensec_security->lp_ctx, _session_info);
+ return auth_anonymous_session_info(state, gensec_security->event_ctx, gensec_security->lp_ctx, _session_info);
}
static NTSTATUS schannel_start(struct gensec_security *gensec_security)
diff --git a/source4/auth/gensec/schannel_state.c b/source4/auth/gensec/schannel_state.c
index 0c7c509954..0f7c4ca11d 100644
--- a/source4/auth/gensec/schannel_state.c
+++ b/source4/auth/gensec/schannel_state.c
@@ -32,7 +32,8 @@
/**
connect to the schannel ldb
*/
-struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx)
+struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx, struct event_context *ev_ctx,
+ struct loadparm_context *lp_ctx)
{
char *path;
struct ldb_context *ldb;
@@ -49,7 +50,7 @@ struct ldb_context *schannel_db_connect(TALLOC_CTX *mem_ctx, struct loadparm_con
existed = file_exist(path);
- ldb = ldb_wrap_connect(mem_ctx, lp_ctx, path,
+ ldb = ldb_wrap_connect(mem_ctx, ev_ctx, lp_ctx, path,
system_session(mem_ctx, lp_ctx),
NULL, LDB_FLG_NOSYNC, NULL);
talloc_free(path);
@@ -137,6 +138,7 @@ NTSTATUS schannel_store_session_key_ldb(TALLOC_CTX *mem_ctx,
}
NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
+ struct event_context *ev_ctx,
struct loadparm_context *lp_ctx,
struct creds_CredentialState *creds)
{
@@ -144,7 +146,7 @@ NTSTATUS schannel_store_session_key(TALLOC_CTX *mem_ctx,
NTSTATUS nt_status;
int ret;
- ldb = schannel_db_connect(mem_ctx, lp_ctx);
+ ldb = schannel_db_connect(mem_ctx, ev_ctx, lp_ctx);
if (!ldb) {
return NT_STATUS_ACCESS_DENIED;
}
@@ -268,6 +270,7 @@ NTSTATUS schannel_fetch_session_key_ldb(TALLOC_CTX *mem_ctx,
}
NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
+ struct event_context *ev_ctx,
struct loadparm_context *lp_ctx,
const char *computer_name,
const char *domain,
@@ -276,7 +279,7 @@ NTSTATUS schannel_fetch_session_key(TALLOC_CTX *mem_ctx,
NTSTATUS nt_status;
struct ldb_context *ldb;
- ldb = schannel_db_connect(mem_ctx, lp_ctx);
+ ldb = schannel_db_connect(mem_ctx, ev_ctx, lp_ctx);
if (!ldb) {
return NT_STATUS_ACCESS_DENIED;
}
diff --git a/source4/auth/ntlmssp/ntlmssp_server.c b/source4/auth/ntlmssp/ntlmssp_server.c
index 12802b7e79..d8ef2a20b8 100644
--- a/source4/auth/ntlmssp/ntlmssp_server.c
+++ b/source4/auth/ntlmssp/ntlmssp_server.c
@@ -725,7 +725,7 @@ NTSTATUS gensec_ntlmssp_session_info(struct gensec_security *gensec_security,
NTSTATUS nt_status;
struct gensec_ntlmssp_state *gensec_ntlmssp_state = (struct gensec_ntlmssp_state *)gensec_security->private_data;
- nt_status = auth_generate_session_info(gensec_ntlmssp_state, gensec_security->lp_ctx, gensec_ntlmssp_state->server_info, session_info);
+ nt_status = auth_generate_session_info(gensec_ntlmssp_state, gensec_security->event_ctx, gensec_security->lp_ctx, gensec_ntlmssp_state->server_info, session_info);
NT_STATUS_NOT_OK_RETURN(nt_status);
(*session_info)->session_key = data_blob_talloc(*session_info,
diff --git a/source4/auth/sam.c b/source4/auth/sam.c
index ed44754993..a2090afcdc 100644
--- a/source4/auth/sam.c
+++ b/source4/auth/sam.c
@@ -428,6 +428,7 @@ NTSTATUS sam_get_results_principal(struct ldb_context *sam_ctx,
/* Used in the gensec_gssapi and gensec_krb5 server-side code, where the PAC isn't available */
NTSTATUS sam_get_server_info_principal(TALLOC_CTX *mem_ctx,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
const char *principal,
struct auth_serversupplied_info **server_info)
@@ -445,7 +446,7 @@ NTSTATUS sam_get_server_info_principal(TALLOC_CTX *mem_ctx,
return NT_STATUS_NO_MEMORY;
}
- sam_ctx = samdb_connect(tmp_ctx, lp_ctx, system_session(tmp_ctx, lp_ctx));
+ sam_ctx = samdb_connect(tmp_ctx, event_ctx, lp_ctx, system_session(tmp_ctx, lp_ctx));
if (sam_ctx == NULL) {
talloc_free(tmp_ctx);
return NT_STATUS_INVALID_SYSTEM_SERVICE;
diff --git a/source4/auth/session.c b/source4/auth/session.c
index 112eac95d8..8f5e8d6c56 100644
--- a/source4/auth/session.c
+++ b/source4/auth/session.c
@@ -31,11 +31,12 @@
#include "auth/session_proto.h"
_PUBLIC_ struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx)
{
NTSTATUS nt_status;
struct auth_session_info *session_info = NULL;
- nt_status = auth_anonymous_session_info(mem_ctx, lp_ctx, &session_info);
+ nt_status = auth_anonymous_session_info(mem_ctx, event_ctx, lp_ctx, &session_info);
if (!NT_STATUS_IS_OK(nt_status)) {
return NULL;
}
@@ -43,6 +44,7 @@ _PUBLIC_ struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx,
}
_PUBLIC_ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct auth_session_info **_session_info)
{
@@ -60,7 +62,7 @@ _PUBLIC_ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
}
/* references the server_info into the session_info */
- nt_status = auth_generate_session_info(parent_ctx, lp_ctx, server_info, &session_info);
+ nt_status = auth_generate_session_info(parent_ctx, event_ctx, lp_ctx, server_info, &session_info);
talloc_free(mem_ctx);
NT_STATUS_NOT_OK_RETURN(nt_status);
@@ -151,6 +153,7 @@ _PUBLIC_ NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
}
_PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct auth_serversupplied_info *server_info,
struct auth_session_info **_session_info)
@@ -168,6 +171,7 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
session_info->session_key = server_info->user_session_key;
nt_status = security_token_create(session_info,
+ event_ctx,
lp_ctx,
server_info->account_sid,
server_info->primary_group_sid,
diff --git a/source4/auth/session.h b/source4/auth/session.h
index 87fc47791a..9b5fba7f39 100644
--- a/source4/auth/session.h
+++ b/source4/auth/session.h
@@ -36,6 +36,7 @@ NTSTATUS auth_anonymous_server_info(TALLOC_CTX *mem_ctx,
const char *netbios_name,
struct auth_serversupplied_info **_server_info) ;
NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx,
struct auth_serversupplied_info *server_info,
struct auth_session_info **_session_info) ;
@@ -46,10 +47,12 @@ NTSTATUS make_server_info_netlogon_validation(TALLOC_CTX *mem_ctx,
union netr_Validation *validation,
struct auth_serversupplied_info **_server_info);
NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx,
+ struct event_context *ev_ctx,
struct loadparm_context *lp_ctx,
struct auth_session_info **_session_info);
struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx,
+ struct event_context *event_ctx,
struct loadparm_context *lp_ctx);
generated by cgit (git 2.34.1) at 2024-06-24 13:13:04 +0000