From a2ce53c1f5301ffcf990dbab837c328ea22739b6 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 8 Feb 2011 16:53:13 +1100 Subject: s4-auth Rework auth subsystem to remove struct auth_serversupplied_info This changes auth_serversupplied_info into the IDL-defined struct auth_user_info_dc. This then in turn contains a struct auth_user_info, which is the only part of the structure that is mainted into the struct session_info. The idea here is to avoid keeping the incomplete results of the authentication (such as session keys, lists of SID memberships etc) in a namespace where it may be confused for the finalised results. Andrew Barltett --- source4/smb_server/smb/sesssetup.c | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) (limited to 'source4/smb_server/smb/sesssetup.c') diff --git a/source4/smb_server/smb/sesssetup.c b/source4/smb_server/smb/sesssetup.c index 6b50bcb48e..5e4e3e514f 100644 --- a/source4/smb_server/smb/sesssetup.c +++ b/source4/smb_server/smb/sesssetup.c @@ -68,24 +68,24 @@ static void sesssetup_old_send(struct tevent_req *subreq) struct smbsrv_request *req = state->req; union smb_sesssetup *sess = talloc_get_type(req->io_ptr, union smb_sesssetup); - struct auth_serversupplied_info *server_info = NULL; + struct auth_user_info_dc *user_info_dc = NULL; struct auth_session_info *session_info; struct smbsrv_session *smb_sess; NTSTATUS status; uint32_t flags; - status = auth_check_password_recv(subreq, req, &server_info); + status = auth_check_password_recv(subreq, req, &user_info_dc); TALLOC_FREE(subreq); if (!NT_STATUS_IS_OK(status)) goto failed; flags = AUTH_SESSION_INFO_DEFAULT_GROUPS; - if (server_info->authenticated) { + if (user_info_dc->info->authenticated) { flags |= AUTH_SESSION_INFO_AUTHENTICATED; } - /* This references server_info into session_info */ + /* This references user_info_dc into session_info */ status = req->smb_conn->negotiate.auth_context->generate_session_info(req, req->smb_conn->negotiate.auth_context, - server_info, flags, &session_info); + user_info_dc, flags, &session_info); if (!NT_STATUS_IS_OK(status)) goto failed; /* allocate a new session */ @@ -198,26 +198,25 @@ static void sesssetup_nt1_send(struct tevent_req *subreq) struct sesssetup_context *state = tevent_req_callback_data(subreq, struct sesssetup_context); struct smbsrv_request *req = state->req; union smb_sesssetup *sess = talloc_get_type(req->io_ptr, union smb_sesssetup); - struct auth_serversupplied_info *server_info = NULL; + struct auth_user_info_dc *user_info_dc = NULL; struct auth_session_info *session_info; struct smbsrv_session *smb_sess; uint32_t flags; NTSTATUS status; - status = auth_check_password_recv(subreq, req, &server_info); + status = auth_check_password_recv(subreq, req, &user_info_dc); TALLOC_FREE(subreq); if (!NT_STATUS_IS_OK(status)) goto failed; flags = AUTH_SESSION_INFO_DEFAULT_GROUPS; - if (server_info->authenticated) { + if (user_info_dc->info->authenticated) { flags |= AUTH_SESSION_INFO_AUTHENTICATED; } - - /* This references server_info into session_info */ + /* This references user_info_dc into session_info */ status = state->auth_context->generate_session_info(req, state->auth_context, - server_info, + user_info_dc, flags, &session_info); if (!NT_STATUS_IS_OK(status)) goto failed; -- cgit