From ece6eae4d8862a564c581a3f3808c04edab6cb19 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Wed, 22 Dec 2010 17:17:07 +1100
Subject: s4-auth Add function to obtain any user's session_info from a given
 LDB

This will be a building block for a tokenGroups test, which can
compare against a remote server (in particular the rootDSE) against
what we would calculate the tokenGroups to be.

(this meant moving some parts out of the auth_sam code into the
containing library)

Andrew Bartlett
---
 source4/auth/session.c | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

(limited to 'source4/auth/session.c')

diff --git a/source4/auth/session.c b/source4/auth/session.c
index c4bd351b0e..124fdb989b 100644
--- a/source4/auth/session.c
+++ b/source4/auth/session.c
@@ -23,6 +23,7 @@
 
 #include "includes.h"
 #include "auth/auth.h"
+#include "auth/auth_sam.h"
 #include "libcli/security/security.h"
 #include "libcli/auth/libcli_auth.h"
 #include "dsdb/samdb/samdb.h"
@@ -195,6 +196,44 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx,
 	return NT_STATUS_OK;
 }
 
+/* Produce a session_info for an arbitary DN or principal in the local
+ * DB, assuming the local DB holds all the groups
+ *
+ * Supply either a principal or a DN
+ */
+NTSTATUS authsam_get_session_info_principal(TALLOC_CTX *mem_ctx,
+					    struct loadparm_context *lp_ctx,
+					    struct ldb_context *sam_ctx,
+					    const char *principal,
+					    struct ldb_dn *user_dn,
+					    uint32_t session_info_flags,
+					    struct auth_session_info **session_info)
+{
+	NTSTATUS nt_status;
+	struct auth_serversupplied_info *server_info;
+	TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+	if (!tmp_ctx) {
+		return NT_STATUS_NO_MEMORY;
+	}
+	nt_status = authsam_get_server_info_principal(tmp_ctx, lp_ctx, sam_ctx,
+						      principal, user_dn,
+						      &server_info);
+	if (!NT_STATUS_IS_OK(nt_status)) {
+		talloc_free(tmp_ctx);
+		return nt_status;
+	}
+
+	nt_status = auth_generate_session_info(tmp_ctx, lp_ctx, sam_ctx,
+					       server_info, session_info_flags,
+					       session_info);
+
+	if (NT_STATUS_IS_OK(nt_status)) {
+		talloc_steal(mem_ctx, *session_info);
+	}
+	talloc_free(tmp_ctx);
+	return NT_STATUS_OK;
+}
+
 /**
  * prints a struct auth_session_info security token to debug output.
  */
-- 
cgit