From 0d466258be1fc7156de469daec07b79701557168 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 5 Jun 2004 01:39:08 +0000 Subject: r1019: Push the auth subsystem away from using typedef, and over to the 'all goodness and light' struct ;-) Break apart the auth subsystem's return strucutres, into the parts that a netlogon call cares about, and the parts that are for a local session. This is the 'struct session_info' and it will almost completly replace the current information stored on a vuid, but be generic to all login methods (RPC over TCP, for example). Andrew Bartlett (This used to be commit d199697014d9562f9439a30b950fda798c5ef419) --- source4/smb_server/password.c | 21 ++++----------------- source4/smb_server/sesssetup.c | 38 +++++++++++++++++++------------------- 2 files changed, 23 insertions(+), 36 deletions(-) (limited to 'source4/smb_server') diff --git a/source4/smb_server/password.c b/source4/smb_server/password.c index ca89003cf1..075638852c 100644 --- a/source4/smb_server/password.c +++ b/source4/smb_server/password.c @@ -55,12 +55,10 @@ void invalidate_vuid(struct server_context *smb, uint16_t vuid) if (vuser == NULL) return; - - data_blob_free(&vuser->session_key); session_yield(vuser); - free_server_info(&vuser->server_info); + talloc_destroy(vuser->session_info->mem_ctx); DLIST_REMOVE(smb->users.validated_users, vuser); @@ -101,8 +99,7 @@ void invalidate_all_vuids(struct server_context *smb) */ int register_vuid(struct server_context *smb, - struct auth_serversupplied_info *server_info, - DATA_BLOB *session_key, + struct auth_session_info *session_info, const char *smb_name) { user_struct *vuser = NULL; @@ -135,18 +132,8 @@ int register_vuid(struct server_context *smb, vuser->vuid = smb->users.next_vuid; - vuser->session_key = *session_key; - - if (!server_info->ptok) { - DEBUG(1, ("server_info does not contain a user_token - cannot continue\n")); - free_server_info(&server_info); - - SAFE_FREE(vuser); - return UID_FIELD_INVALID; - } - /* use this to keep tabs on all our info from the authentication */ - vuser->server_info = server_info; + vuser->session_info = session_info; smb->users.next_vuid++; smb->users.num_validated_vuids++; @@ -156,7 +143,7 @@ int register_vuid(struct server_context *smb, if (!session_claim(smb, vuser)) { DEBUG(1,("Failed to claim session for vuid=%d\n", vuser->vuid)); invalidate_vuid(smb, vuser->vuid); - return -1; + return UID_FIELD_INVALID; } return vuser->vuid; diff --git a/source4/smb_server/sesssetup.c b/source4/smb_server/sesssetup.c index fdcc1d298a..12b17c366a 100644 --- a/source4/smb_server/sesssetup.c +++ b/source4/smb_server/sesssetup.c @@ -41,10 +41,10 @@ static void sesssetup_common_strings(struct request_context *req, static NTSTATUS sesssetup_old(struct request_context *req, union smb_sesssetup *sess) { NTSTATUS status; - auth_usersupplied_info *user_info = NULL; - auth_serversupplied_info *server_info = NULL; + struct auth_usersupplied_info *user_info = NULL; + struct auth_serversupplied_info *server_info = NULL; + struct auth_session_info *session_info; DATA_BLOB null_blob; - DATA_BLOB session_key; if (!req->smb->negotiate.done_sesssetup) { req->smb->negotiate.max_send = sess->old.in.bufsize; @@ -67,14 +67,13 @@ static NTSTATUS sesssetup_old(struct request_context *req, union smb_sesssetup * return nt_status_squash(status); } - if (server_info->user_session_key.data) { - session_key = data_blob(server_info->user_session_key.data, server_info->user_session_key.length); - } else { - session_key = data_blob(NULL, 0); + status = make_session_info(server_info, &session_info); + if (!NT_STATUS_IS_OK(status)) { + return nt_status_squash(status); } sess->old.out.action = 0; - sess->old.out.vuid = register_vuid(req->smb, server_info, &session_key, sess->old.in.user); + sess->old.out.vuid = register_vuid(req->smb, session_info, sess->old.in.user); sesssetup_common_strings(req, &sess->old.out.os, &sess->old.out.lanman, @@ -90,9 +89,9 @@ static NTSTATUS sesssetup_old(struct request_context *req, union smb_sesssetup * static NTSTATUS sesssetup_nt1(struct request_context *req, union smb_sesssetup *sess) { NTSTATUS status; - auth_usersupplied_info *user_info = NULL; - auth_serversupplied_info *server_info = NULL; - DATA_BLOB session_key; + struct auth_usersupplied_info *user_info = NULL; + struct auth_serversupplied_info *server_info = NULL; + struct auth_session_info *session_info; if (!req->smb->negotiate.done_sesssetup) { req->smb->negotiate.max_send = sess->nt1.in.bufsize; @@ -114,21 +113,22 @@ static NTSTATUS sesssetup_nt1(struct request_context *req, union smb_sesssetup * return nt_status_squash(status); } - if (server_info->user_session_key.data) { - session_key = data_blob(server_info->user_session_key.data, server_info->user_session_key.length); - } else { - session_key = data_blob(NULL, 0); + status = make_session_info(server_info, &session_info); + if (!NT_STATUS_IS_OK(status)) { + return nt_status_squash(status); } sess->nt1.out.action = 0; - sess->nt1.out.vuid = register_vuid(req->smb, server_info, &session_key, sess->old.in.user); + sess->nt1.out.vuid = register_vuid(req->smb, session_info, sess->old.in.user); + if (sess->nt1.out.vuid == UID_FIELD_INVALID) { + return NT_STATUS_ACCESS_DENIED; + } sesssetup_common_strings(req, &sess->nt1.out.os, &sess->nt1.out.lanman, &sess->nt1.out.domain); - - srv_setup_signing(req->smb, &session_key, &sess->nt1.in.password2); - + + srv_setup_signing(req->smb, &session_info->session_key, &sess->nt1.in.password2); return NT_STATUS_OK; } -- cgit