From b41e14abfdc7301d5ae26ad95c031aa36c190fc8 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 19 Aug 2006 01:04:54 +0000 Subject: r17610: Added the ability for firefox to drive the winbindd ntlm_auth module to allow it to use winbindd cached credentials.The credentials are currently only stored in a krb5 MIT environment - we need to add an option to winbindd to allow passwords to be stored even in an NTLM-only environment. Patch from Robert O'Callahan, modified with some fixes by me. Jeremy. (This used to be commit ae7cc298a113d8984557684bd6ad216cbb27cff3) --- source3/nsswitch/winbindd_nss.h | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) (limited to 'source3/nsswitch/winbindd_nss.h') diff --git a/source3/nsswitch/winbindd_nss.h b/source3/nsswitch/winbindd_nss.h index 4a95a3cf42..b19026b4db 100644 --- a/source3/nsswitch/winbindd_nss.h +++ b/source3/nsswitch/winbindd_nss.h @@ -35,7 +35,7 @@ /* Update this when you change the interface. */ -#define WINBIND_INTERFACE_VERSION 16 +#define WINBIND_INTERFACE_VERSION 17 /* Have to deal with time_t being 4 or 8 bytes due to structure alignment. On a 64bit Linux box, we have to support a constant structure size @@ -153,6 +153,10 @@ enum winbindd_cmd { WINBINDD_DUAL_USERINFO, WINBINDD_DUAL_GETSIDALIASES, + /* Complete the challenge phase of the NTLM authentication + protocol using cached password. */ + WINBINDD_CCACHE_NTLMAUTH, + WINBINDD_NUM_CMDS }; @@ -292,8 +296,21 @@ struct winbindd_request { } dual_idmapset; BOOL list_all_domains; + struct { + uid_t uid; + fstring user; + /* the effective uid of the client, must be the uid for 'user'. + This is checked by the main daemon, trusted by children. */ + /* if the blobs are length zero, then this doesn't + produce an actual challenge response. It merely + succeeds if there are cached credentials available + that could be used. */ + uint32 initial_blob_len; /* blobs in extra_data */ + uint32 challenge_blob_len; + } ccache_ntlm_auth; + /* padding -- needed to fix alignment between 32bit and 64bit libs. - The size if the sizeof the union without the padding aligned on + The size is the sizeof the union without the padding aligned on an 8 byte boundary. --jerry */ char padding[1560]; @@ -426,6 +443,9 @@ struct winbindd_response { fstring shell; uint32 group_rid; } user_info; + struct { + uint32 auth_blob_len; /* blob in extra_data */ + } ccache_ntlm_auth; } data; /* Variable length return data */ -- cgit