sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00
Code

auth/credentials: add cli_credentials_get_principal_obtained()

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15018

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Stefan Metzmacher 2024-03-13 17:50:56 +01:00
parent 5edd1e7c3e
commit 1e5546748c
2 changed files with 60 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
auth/credentials/credentials.c
View File

@ -268,6 +268,64 @@ _PUBLIC_ const char *cli_credentials_get_bind_dn(struct cli_credentials *cred)
}
/**
* @brief Find out how the principal was obtained.
*
* @param cred A credentials context.
*
* @return The obtained information for the principal.
*/
_PUBLIC_ enum credentials_obtained
cli_credentials_get_principal_obtained(struct cli_credentials *cred)
{
if (cred->machine_account_pending) {
cli_credentials_set_machine_account(cred,
cred->machine_account_pending_lp_ctx);
}
if (cred->principal_obtained < cred->username_obtained
|| cred->principal_obtained < MAX(cred->domain_obtained, cred->realm_obtained)) {
const char *effective_username = NULL;
const char *effective_realm = NULL;
enum credentials_obtained effective_obtained;
/*
* We don't want to trigger a callbacks in
* cli_credentials_get_username()
* cli_credentials_get_domain()
* nor
* cli_credentials_get_realm()
*/
effective_username = cred->username;
if (effective_username == NULL || strlen(effective_username) == 0) {
return cred->username_obtained;
}
if (cred->domain_obtained > cred->realm_obtained) {
effective_realm = cred->domain;
effective_obtained = MIN(cred->domain_obtained,
cred->username_obtained);
} else {
effective_realm = cred->realm;
effective_obtained = MIN(cred->realm_obtained,
cred->username_obtained);
}
if (effective_realm == NULL || strlen(effective_realm) == 0) {
effective_realm = cred->domain;
effective_obtained = MIN(cred->domain_obtained,
cred->username_obtained);
}
if (effective_realm != NULL && strlen(effective_realm) != 0) {
return effective_obtained;
}
}
return cred->principal_obtained;
}
/**
* Obtain the client principal for this credentials context.
* @param cred credentials context

2
auth/credentials/credentials.h
View File

@ -280,6 +280,8 @@ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
bool cli_credentials_set_username_callback(struct cli_credentials *cred,
const char *(*username_cb) (struct cli_credentials *));
enum credentials_obtained cli_credentials_get_principal_obtained(struct cli_credentials *cred);
/**
* Obtain the client principal for this credentials context.
* @param cred credentials context