From 589a42e2da7d7cd382deb94c57b0c6dbca269e55 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 13 Apr 2010 12:00:06 +1000 Subject: s4:auth Change auth_generate_session_info to take an auth context The auth context was in the past only for NTLM authentication, but we need a SAM, an event context and and loadparm context for calculating the local groups too, so re-use that infrustructure we already have in place. However, to avoid problems where we may not have an auth_context (in torture tests, for example), allow a simpler 'session_info' to be generated, by passing this via an indirection in gensec and an generate_session_info() function pointer in the struct auth_context. In the smb_server (for old-style session setups) we need to change the async context to a new 'struct sesssetup_context'. This allows us to use the auth_context in processing the authentication reply . Andrew Bartlett --- source4/auth/auth.h | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'source4/auth/auth.h') diff --git a/source4/auth/auth.h b/source4/auth/auth.h index bbdbbc3127a..915d10397ba 100644 --- a/source4/auth/auth.h +++ b/source4/auth/auth.h @@ -126,6 +126,7 @@ struct auth_serversupplied_info struct auth_method_context; struct auth_check_password_request; struct auth_context; +struct auth_session_info; struct auth_operations { const char *name; @@ -185,6 +186,9 @@ struct auth_context { /* loadparm context */ struct loadparm_context *lp_ctx; + /* SAM database for this local machine - to fill in local groups, or to authenticate local NTLM users */ + struct ldb_context *sam_ctx; + NTSTATUS (*check_password)(struct auth_context *auth_ctx, TALLOC_CTX *mem_ctx, const struct auth_usersupplied_info *user_info, @@ -201,6 +205,10 @@ struct auth_context { const char *principal, struct auth_serversupplied_info **server_info); + NTSTATUS (*generate_session_info)(TALLOC_CTX *mem_ctx, + struct auth_context *auth_context, + struct auth_serversupplied_info *server_info, + struct auth_session_info **session_info); }; /* this structure is used by backends to determine the size of some critical types */ -- cgit