From ac29f519363d994052e4f6ec44c7bae40cd0d9a9 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 6 Nov 2004 01:20:28 +0000 Subject: r3570: Export the user's group list from ntlm_auth, via a new command 'UG' (user groups). The form of this is not final, but is this should be a discussion point with the squid team. Andrew Bartlett (This used to be commit cbb0c67d06f75c2d8841a95ba8837124160ffd49) --- source4/utils/ntlm_auth.c | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) (limited to 'source4/utils') diff --git a/source4/utils/ntlm_auth.c b/source4/utils/ntlm_auth.c index feaae17abb..8d7f750af6 100644 --- a/source4/utils/ntlm_auth.c +++ b/source4/utils/ntlm_auth.c @@ -332,6 +332,7 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, (strncmp(buf, "KK ", 3) != 0) && (strncmp(buf, "AF ", 3) != 0) && (strncmp(buf, "NA ", 3) != 0) && + (strncmp(buf, "UG", 2) != 0) && (strncmp(buf, "PW ", 3) != 0)) { DEBUG(1, ("SPNEGO request [%s] invalid\n", buf)); mux_printf(mux_id, "BH\n"); @@ -405,8 +406,8 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, talloc_strndup((*gensec_state), (const char *)in.data, in.length)))) { - DEBUG(1, ("Out of memory\n")); - mux_printf(mux_id, "BH\n"); + DEBUG(1, ("gensec_set_password failed: %s\n", nt_errstr(nt_status))); + mux_printf(mux_id, "BH %s\n", nt_errstr(nt_status)); data_blob_free(&in); return; } @@ -416,6 +417,33 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode, return; } + if (strncmp(buf, "UG", 2) == 0) { + int i; + char *grouplist = NULL; + struct auth_session_info *session_info; + + if (!NT_STATUS_IS_OK(gensec_session_info(*gensec_state, &session_info))) { + DEBUG(1, ("gensec_session_info failed: %s\n", nt_errstr(nt_status))); + mux_printf(mux_id, "BH %s\n", nt_errstr(nt_status)); + data_blob_free(&in); + return; + } + + /* get the string onto the context */ + grouplist = talloc_strdup(session_info, ""); + + for (i=0; i< session_info->nt_user_token->num_sids; i++) { + grouplist = talloc_asprintf_append(grouplist, "%s,", + dom_sid_string(session_info, + session_info->nt_user_token->user_sids[i])); + } + + mux_printf(mux_id, "GL %s\n", grouplist); + free_session_info(&session_info); + data_blob_free(&in); + return; + } + /* update */ nt_status = gensec_update(*gensec_state, NULL, in, &out); -- cgit