summaryrefslogtreecommitdiffstats
path: root/source3/auth
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2009-05-26 12:48:58 +0200
committerStefan Metzmacher <metze@samba.org>2009-06-03 17:54:37 +0200
commite16e7146b378e8e89bf25adc66d806bac7feaeb6 (patch)
tree3749acfaa0e0121050f6ff8cfebb3e60e37533ac /source3/auth
parentf20ded603b488b4eaca8b4bf1009e61ead851f85 (diff)
downloadsamba-e16e7146b378e8e89bf25adc66d806bac7feaeb6.tar.gz
samba-e16e7146b378e8e89bf25adc66d806bac7feaeb6.tar.xz
samba-e16e7146b378e8e89bf25adc66d806bac7feaeb6.zip
s3:smbd: move negprot related globals to struct smbd_server_connection
metze
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_compat.c26
1 files changed, 15 insertions, 11 deletions
diff --git a/source3/auth/auth_compat.c b/source3/auth/auth_compat.c
index 925c0d4f81..d8087e6588 100644
--- a/source3/auth/auth_compat.c
+++ b/source3/auth/auth_compat.c
@@ -62,7 +62,8 @@ NTSTATUS check_plaintext_password(const char *smb_name, DATA_BLOB plaintext_pass
return nt_status;
}
-static NTSTATUS pass_check_smb(const char *smb_name,
+static NTSTATUS pass_check_smb(struct auth_context *actx,
+ const char *smb_name,
const char *domain,
DATA_BLOB lm_pwd,
DATA_BLOB nt_pwd,
@@ -72,14 +73,16 @@ static NTSTATUS pass_check_smb(const char *smb_name,
{
NTSTATUS nt_status;
auth_serversupplied_info *server_info = NULL;
- if (encrypted) {
+ if (encrypted) {
auth_usersupplied_info *user_info = NULL;
+ if (actx == NULL) {
+ return NT_STATUS_INTERNAL_ERROR;
+ }
make_user_info_for_reply_enc(&user_info, smb_name,
domain,
lm_pwd,
nt_pwd);
- nt_status = negprot_global_auth_context->check_ntlm_password(negprot_global_auth_context,
- user_info, &server_info);
+ nt_status = actx->check_ntlm_password(actx, user_info, &server_info);
free_user_info(&user_info);
} else {
nt_status = check_plaintext_password(smb_name, plaintext_password, &server_info);
@@ -93,11 +96,12 @@ check if a username/password pair is ok via the auth subsystem.
return True if the password is correct, False otherwise
****************************************************************************/
-bool password_ok(const char *smb_name, DATA_BLOB password_blob)
+bool password_ok(struct auth_context *actx, bool global_encrypted,
+ const char *smb_name, DATA_BLOB password_blob)
{
DATA_BLOB null_password = data_blob_null;
- bool encrypted = (global_encrypted_passwords_negotiated && (password_blob.length == 24 || password_blob.length > 46));
+ bool encrypted = (global_encrypted && (password_blob.length == 24 || password_blob.length > 46));
if (encrypted) {
/*
@@ -106,23 +110,23 @@ bool password_ok(const char *smb_name, DATA_BLOB password_blob)
* Vista sends NTLMv2 here - we need to try the client given workgroup.
*/
if (get_session_workgroup()) {
- if (NT_STATUS_IS_OK(pass_check_smb(smb_name, get_session_workgroup(), null_password, password_blob, null_password, encrypted))) {
+ if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, get_session_workgroup(), null_password, password_blob, null_password, encrypted))) {
return True;
}
- if (NT_STATUS_IS_OK(pass_check_smb(smb_name, get_session_workgroup(), password_blob, null_password, null_password, encrypted))) {
+ if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, get_session_workgroup(), password_blob, null_password, null_password, encrypted))) {
return True;
}
}
- if (NT_STATUS_IS_OK(pass_check_smb(smb_name, lp_workgroup(), null_password, password_blob, null_password, encrypted))) {
+ if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, lp_workgroup(), null_password, password_blob, null_password, encrypted))) {
return True;
}
- if (NT_STATUS_IS_OK(pass_check_smb(smb_name, lp_workgroup(), password_blob, null_password, null_password, encrypted))) {
+ if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, lp_workgroup(), password_blob, null_password, null_password, encrypted))) {
return True;
}
} else {
- if (NT_STATUS_IS_OK(pass_check_smb(smb_name, lp_workgroup(), null_password, null_password, password_blob, encrypted))) {
+ if (NT_STATUS_IS_OK(pass_check_smb(actx, smb_name, lp_workgroup(), null_password, null_password, password_blob, encrypted))) {
return True;
}
}