Changeset 988 for vendor/current/source4/auth/auth.h
- Timestamp:
- Nov 24, 2016, 1:14:11 PM (9 years ago)
- File:
-
- 1 edited
vendor/current/source4/auth/auth.h
r740 r988 44 44 /* version 4 - subsequent samba4 version - metze */ 45 45 /* version 0 - till samba4 is stable - metze */ 46 #define AUTH_INTERFACE_VERSION 0 47 48 #define AUTH_SESSION_INFO_DEFAULT_GROUPS 0x01 /* Add the user to the default world and network groups */ 49 #define AUTH_SESSION_INFO_AUTHENTICATED 0x02 /* Add the user to the 'authenticated users' group */ 50 #define AUTH_SESSION_INFO_SIMPLE_PRIVILEGES 0x04 /* Use a trivial map between users and privilages, rather than a DB */ 46 #define AUTH4_INTERFACE_VERSION 0 51 47 52 48 struct auth_method_context; 53 49 struct auth_check_password_request; 54 struct auth _context;50 struct auth4_context; 55 51 struct auth_session_info; 56 52 struct ldb_dn; 53 struct smb_krb5_context; 57 54 58 55 struct auth_operations { 59 56 const char *name; 60 61 /* If you are using this interface, then you are probably62 * getting something wrong. This interface is only for63 * security=server, and makes a number of compromises to allow64 * that. It is not compatible with being a PDC. */65 66 NTSTATUS (*get_challenge)(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, uint8_t chal[8]);67 57 68 58 /* Given the user supplied info, check if this backend want to handle the password checking */ … … 79 69 /* Lookup a 'session info interim' return based only on the principal or DN */ 80 70 NTSTATUS (*get_user_info_dc_principal)(TALLOC_CTX *mem_ctx, 81 struct auth _context *auth_context,71 struct auth4_context *auth_context, 82 72 const char *principal, 83 73 struct ldb_dn *user_dn, 84 74 struct auth_user_info_dc **interim_info); 75 uint32_t flags; 85 76 }; 86 77 87 78 struct auth_method_context { 88 79 struct auth_method_context *prev, *next; 89 struct auth _context *auth_ctx;80 struct auth4_context *auth_ctx; 90 81 const struct auth_operations *ops; 91 82 int depth; 92 83 void *private_data; 93 };94 95 struct auth_context {96 struct {97 /* Who set this up in the first place? 
*/98 const char *set_by;99 100 bool may_be_modified;101 102 DATA_BLOB data;103 } challenge;104 105 /* methods, in the order they should be called */106 struct auth_method_context *methods;107 108 /* the event context to use for calls that can block */109 struct tevent_context *event_ctx;110 111 /* the messaging context which can be used by backends */112 struct messaging_context *msg_ctx;113 114 /* loadparm context */115 struct loadparm_context *lp_ctx;116 117 /* SAM database for this local machine - to fill in local groups, or to authenticate local NTLM users */118 struct ldb_context *sam_ctx;119 120 NTSTATUS (*check_password)(struct auth_context *auth_ctx,121 TALLOC_CTX *mem_ctx,122 const struct auth_usersupplied_info *user_info,123 struct auth_user_info_dc **user_info_dc);124 125 NTSTATUS (*get_challenge)(struct auth_context *auth_ctx, uint8_t chal[8]);126 127 bool (*challenge_may_be_modified)(struct auth_context *auth_ctx);128 129 NTSTATUS (*set_challenge)(struct auth_context *auth_ctx, const uint8_t chal[8], const char *set_by);130 131 NTSTATUS (*get_user_info_dc_principal)(TALLOC_CTX *mem_ctx,132 struct auth_context *auth_ctx,133 const char *principal,134 struct ldb_dn *user_dn,135 struct auth_user_info_dc **user_info_dc);136 137 NTSTATUS (*generate_session_info)(TALLOC_CTX *mem_ctx,138 struct auth_context *auth_context,139 struct auth_user_info_dc *user_info_dc,140 uint32_t session_info_flags,141 struct auth_session_info **session_info);142 84 }; 143 85 … … 152 94 }; 153 95 154 NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth _context *auth_context,96 NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth4_context *auth_context, 155 97 enum auth_password_state to_state, 156 98 const struct auth_usersupplied_info *user_info_in, … … 158 100 159 101 #include "auth/session.h" 102 #include "auth/unix_token_proto.h" 160 103 #include "auth/system_session_proto.h" 161 104 #include "libcli/security/security.h" … … 166 109 struct cli_credentials; 167 
110 168 NTSTATUS auth_get_challenge(struct auth _context *auth_ctx, uint8_t chal[8]);111 NTSTATUS auth_get_challenge(struct auth4_context *auth_ctx, uint8_t chal[8]); 169 112 NTSTATUS authsam_account_ok(TALLOC_CTX *mem_ctx, 170 113 struct ldb_context *sam_ctx, … … 176 119 bool allow_domain_trust, 177 120 bool password_change); 178 NTSTATUS authsam_expand_nested_groups(struct ldb_context *sam_ctx, 179 struct ldb_val *dn_val, const bool only_childs, const char *filter, 180 TALLOC_CTX *res_sids_ctx, struct dom_sid ***res_sids, 181 unsigned int *num_res_sids); 121 182 122 struct auth_session_info *system_session(struct loadparm_context *lp_ctx); 183 123 NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx, struct ldb_context *sam_ctx, … … 192 132 struct auth_session_info **_session_info) ; 193 133 194 NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char * *methods,134 NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char * const *methods, 195 135 struct tevent_context *ev, 196 struct messaging_context *msg,136 struct imessaging_context *msg, 197 137 struct loadparm_context *lp_ctx, 198 138 struct ldb_context *sam_ctx, 199 struct auth _context **auth_ctx);139 struct auth4_context **auth_ctx); 200 140 const char **auth_methods_from_lp(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx); 201 141 202 142 NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx, 203 143 struct tevent_context *ev, 204 struct messaging_context *msg,144 struct imessaging_context *msg, 205 145 struct loadparm_context *lp_ctx, 206 struct auth_context **auth_ctx); 207 NTSTATUS auth_context_create_from_ldb(TALLOC_CTX *mem_ctx, struct ldb_context *ldb, struct auth_context **auth_ctx); 146 struct auth4_context **auth_ctx); 208 147 209 NTSTATUS auth_check_password (struct auth_context *auth_ctx,148 NTSTATUS auth_check_password_wrapper(struct auth4_context *auth_ctx, 210 149 TALLOC_CTX *mem_ctx, 211 const struct auth_usersupplied_info *user_info, 150 const struct 
auth_usersupplied_info *user_info, 151 void **server_returned_info, 152 DATA_BLOB *user_session_key, DATA_BLOB *lm_session_key); 153 154 NTSTATUS auth_check_password(struct auth4_context *auth_ctx, 155 TALLOC_CTX *mem_ctx, 156 const struct auth_usersupplied_info *user_info, 212 157 struct auth_user_info_dc **user_info_dc); 213 158 NTSTATUS auth4_init(void); … … 216 161 NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx, 217 162 struct tevent_context *ev, 218 struct messaging_context *msg,163 struct imessaging_context *msg, 219 164 struct loadparm_context *lp_ctx, 220 165 const char *nt4_domain, … … 226 171 struct tevent_req *auth_check_password_send(TALLOC_CTX *mem_ctx, 227 172 struct tevent_context *ev, 228 struct auth _context *auth_ctx,173 struct auth4_context *auth_ctx, 229 174 const struct auth_usersupplied_info *user_info); 230 175 NTSTATUS auth_check_password_recv(struct tevent_req *req, … … 232 177 struct auth_user_info_dc **user_info_dc); 233 178 234 bool auth_challenge_may_be_modified(struct auth _context *auth_ctx);235 NTSTATUS auth_context_set_challenge(struct auth _context *auth_ctx, const uint8_t chal[8], const char *set_by);179 bool auth_challenge_may_be_modified(struct auth4_context *auth_ctx); 180 NTSTATUS auth_context_set_challenge(struct auth4_context *auth_ctx, const uint8_t chal[8], const char *set_by); 236 181 237 182 NTSTATUS auth_get_user_info_dc_principal(TALLOC_CTX *mem_ctx, 238 struct auth _context *auth_ctx,183 struct auth4_context *auth_ctx, 239 184 const char *principal, 240 185 struct ldb_dn *user_dn, … … 243 188 NTSTATUS samba_server_gensec_start(TALLOC_CTX *mem_ctx, 244 189 struct tevent_context *event_ctx, 245 struct messaging_context *msg_ctx,190 struct imessaging_context *msg_ctx, 246 191 struct loadparm_context *lp_ctx, 247 192 struct cli_credentials *server_credentials,
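Review bot: The new `auth_check_password_wrapper()` prototype returns its result through an untyped `void **server_returned_info` and two session-key `DATA_BLOB`s, with no comment stating the contract. The header does not say what type callers must cast the pointer back to (presumably the `struct auth_user_info_dc *` that `auth_check_password()` returns directly below; confirm against the implementation), which talloc context owns the three outputs, or whether they are left untouched when the call fails. Because the two blobs carry session-key material, ownership and failure-state matter to anyone who has to free or scrub them. A doc comment above the prototype should record the concrete type, the owning context and the on-error state of each output. Separately, the `uint32_t flags;` member added to `struct auth_operations` has no comment and no flag constants are visible in this header; a one-liner such as `/* backend capability flags; 0 (the default for existing initializers) means none */` would help, if that is the intended meaning.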