summaryrefslogtreecommitdiffstats
path: root/source/auth/auth_server.c
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2002-01-01 03:10:32 +0000
committerAndrew Bartlett <abartlet@samba.org>2002-01-01 03:10:32 +0000
commitd870edce76ecca259230fbdbdacd0c86793b4837 (patch)
treed7ad7961abd3c52f66a756375998276a6d589859 /source/auth/auth_server.c
parentfe9d77791583737320f8c7560861168df7388c2f (diff)
downloadsamba-d870edce76ecca259230fbdbdacd0c86793b4837.tar.gz
samba-d870edce76ecca259230fbdbdacd0c86793b4837.tar.xz
samba-d870edce76ecca259230fbdbdacd0c86793b4837.zip
A farily large commit:
- Move rpc_client/cli_trust.c to smbd/change_trust_pw.c - It hasn't been used by anything else since smbpasswd lost its -j - Add a TALLOC_CTX to the auth subsytem. These are only valid for the length of the calls to the individual modules, if you want a longer context hide it in your private data. Similarly, all returns (like the server_info) should still be malloced. - Move the 'ntdomain' module (security=domain in oldspeak) over to use the new libsmb domain logon code. Also rework much of the code to use some better helper functions for the connection - getting us much better error returns (the new code is NTSTATUS). The only remaining thing to do is to figure out if tpot's 0xdead 0xbeef for the LUID feilds is sufficient, or if we should do random LUIDs as per the old code. Similarly, I'll move winbind over to this when I get a chance. This leaves the SPOOLSS code and some cli_pipe code as the only stuff still in rpc_client, at least as far as smbd is concerned. While I've given this a basic rundown, any testing is as always appriciated. Andrew Bartlett
Diffstat (limited to 'source/auth/auth_server.c')
-rw-r--r--source/auth/auth_server.c21
1 files changed, 11 insertions, 10 deletions
diff --git a/source/auth/auth_server.c b/source/auth/auth_server.c
index 7e43d529d27..7178e3147c4 100644
--- a/source/auth/auth_server.c
+++ b/source/auth/auth_server.c
@@ -29,7 +29,7 @@ extern userdom_struct current_user_info;
Support for server level security.
****************************************************************************/
-static struct cli_state *server_cryptkey(void)
+static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx)
{
struct cli_state *cli = NULL;
fstring desthost;
@@ -43,7 +43,7 @@ static struct cli_state *server_cryptkey(void)
/* security = server just can't function with spnego */
cli->use_spnego = False;
- pserver = strdup(lp_passwordserver());
+ pserver = talloc_strdup(mem_ctx, lp_passwordserver());
p = pserver;
while(next_token( &p, desthost, LIST_SEP, sizeof(desthost))) {
@@ -67,8 +67,6 @@ static struct cli_state *server_cryptkey(void)
}
}
- SAFE_FREE(pserver);
-
if (!connected_ok) {
DEBUG(0,("password server not available\n"));
cli_shutdown(cli);
@@ -136,9 +134,11 @@ static void send_server_keepalive(void **private_data_pointer)
Get the challenge out of a password server.
****************************************************************************/
-static DATA_BLOB auth_get_challenge_server(void **my_private_data, const struct authsupplied_info *auth_info)
+static DATA_BLOB auth_get_challenge_server(void **my_private_data,
+ TALLOC_CTX *mem_ctx,
+ const struct authsupplied_info *auth_info)
{
- struct cli_state *cli = server_cryptkey();
+ struct cli_state *cli = server_cryptkey(mem_ctx);
if (cli) {
DEBUG(3,("using password server validation\n"));
@@ -175,9 +175,10 @@ static DATA_BLOB auth_get_challenge_server(void **my_private_data, const struct
****************************************************************************/
static NTSTATUS check_smbserver_security(void *my_private_data,
- const auth_usersupplied_info *user_info,
- const auth_authsupplied_info *auth_info,
- auth_serversupplied_info **server_info)
+ TALLOC_CTX *mem_ctx,
+ const auth_usersupplied_info *user_info,
+ const auth_authsupplied_info *auth_info,
+ auth_serversupplied_info **server_info)
{
struct cli_state *cli;
static unsigned char badpass[24];
@@ -202,7 +203,7 @@ static NTSTATUS check_smbserver_security(void *my_private_data,
if (cli) {
} else {
- cli = server_cryptkey();
+ cli = server_cryptkey(mem_ctx);
locally_made_cli = True;
}