mirror of
https://github.com/samba-team/samba.git
synced 2025-09-16 01:44:21 +03:00
s3:auth Rename user_info->smb_name -> user_info->client.account_name
This is closer to the structure I want for a common struct auth_usersupplied_info. Andrew Bartlett
This commit is contained in:
Andrew Bartlett
@@ -214,7 +214,7 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
|
|||||||
return NT_STATUS_LOGON_FAILURE;
|
return NT_STATUS_LOGON_FAILURE;
|
||||||
|
|
||||||
DEBUG(3, ("check_ntlm_password: Checking password for unmapped user [%s]\\[%s]@[%s] with the new password interface\n",
|
DEBUG(3, ("check_ntlm_password: Checking password for unmapped user [%s]\\[%s]@[%s] with the new password interface\n",
|
||||||
user_info->client_domain, user_info->smb_name, user_info->workstation_name));
|
user_info->client_domain, user_info->client.account_name, user_info->workstation_name));
|
||||||
|
|
||||||
DEBUG(3, ("check_ntlm_password: mapped user is: [%s]\\[%s]@[%s]\n",
|
DEBUG(3, ("check_ntlm_password: mapped user is: [%s]\\[%s]@[%s]\n",
|
||||||
user_info->domain, user_info->internal_username, user_info->workstation_name));
|
user_info->domain, user_info->internal_username, user_info->workstation_name));
|
||||||
@@ -241,14 +241,14 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* This needs to be sorted: If it doesn't match, what should we do? */
|
/* This needs to be sorted: If it doesn't match, what should we do? */
|
||||||
if (!check_domain_match(user_info->smb_name, user_info->domain))
|
if (!check_domain_match(user_info->client.account_name, user_info->domain))
|
||||||
return NT_STATUS_LOGON_FAILURE;
|
return NT_STATUS_LOGON_FAILURE;
|
||||||
|
|
||||||
for (auth_method = auth_context->auth_method_list;auth_method; auth_method = auth_method->next) {
|
for (auth_method = auth_context->auth_method_list;auth_method; auth_method = auth_method->next) {
|
||||||
NTSTATUS result;
|
NTSTATUS result;
|
||||||
|
|
||||||
mem_ctx = talloc_init("%s authentication for user %s\\%s", auth_method->name,
|
mem_ctx = talloc_init("%s authentication for user %s\\%s", auth_method->name,
|
||||||
user_info->domain, user_info->smb_name);
|
user_info->domain, user_info->client.account_name);
|
||||||
|
|
||||||
result = auth_method->auth(auth_context, auth_method->private_data, mem_ctx, user_info, server_info);
|
result = auth_method->auth(auth_context, auth_method->private_data, mem_ctx, user_info, server_info);
|
||||||
|
|
||||||
@@ -263,10 +263,10 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
|
|||||||
|
|
||||||
if (NT_STATUS_IS_OK(nt_status)) {
|
if (NT_STATUS_IS_OK(nt_status)) {
|
||||||
DEBUG(3, ("check_ntlm_password: %s authentication for user [%s] succeeded\n",
|
DEBUG(3, ("check_ntlm_password: %s authentication for user [%s] succeeded\n",
|
||||||
auth_method->name, user_info->smb_name));
|
auth_method->name, user_info->client.account_name));
|
||||||
} else {
|
} else {
|
||||||
DEBUG(5, ("check_ntlm_password: %s authentication for user [%s] FAILED with error %s\n",
|
DEBUG(5, ("check_ntlm_password: %s authentication for user [%s] FAILED with error %s\n",
|
||||||
auth_method->name, user_info->smb_name, nt_errstr(nt_status)));
|
auth_method->name, user_info->client.account_name, nt_errstr(nt_status)));
|
||||||
}
|
}
|
||||||
|
|
||||||
talloc_destroy(mem_ctx);
|
talloc_destroy(mem_ctx);
|
||||||
@@ -300,7 +300,7 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
|
|||||||
DEBUG((*server_info)->guest ? 5 : 2,
|
DEBUG((*server_info)->guest ? 5 : 2,
|
||||||
("check_ntlm_password: %sauthentication for user [%s] -> [%s] -> [%s] succeeded\n",
|
("check_ntlm_password: %sauthentication for user [%s] -> [%s] -> [%s] succeeded\n",
|
||||||
(*server_info)->guest ? "guest " : "",
|
(*server_info)->guest ? "guest " : "",
|
||||||
user_info->smb_name,
|
user_info->client.account_name,
|
||||||
user_info->internal_username,
|
user_info->internal_username,
|
||||||
unix_username));
|
unix_username));
|
||||||
}
|
}
|
||||||
@@ -311,7 +311,7 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
|
|||||||
/* failed authentication; check for guest lapping */
|
/* failed authentication; check for guest lapping */
|
||||||
|
|
||||||
DEBUG(2, ("check_ntlm_password: Authentication for user [%s] -> [%s] FAILED with error %s\n",
|
DEBUG(2, ("check_ntlm_password: Authentication for user [%s] -> [%s] FAILED with error %s\n",
|
||||||
user_info->smb_name, user_info->internal_username,
|
user_info->client.account_name, user_info->internal_username,
|
||||||
nt_errstr(nt_status)));
|
nt_errstr(nt_status)));
|
||||||
ZERO_STRUCTP(server_info);
|
ZERO_STRUCTP(server_info);
|
||||||
|
|
||||||
|
|||||||
@@ -93,7 +93,7 @@ static NTSTATUS check_name_to_ntstatus_security(const struct auth_context *auth_
|
|||||||
|
|
||||||
DEBUG(10, ("Check auth for: [%s]\n", user_info->internal_username));
|
DEBUG(10, ("Check auth for: [%s]\n", user_info->internal_username));
|
||||||
|
|
||||||
fstrcpy(user, user_info->smb_name);
|
fstrcpy(user, user_info->client.account_name);
|
||||||
|
|
||||||
if (strnequal("NT_STATUS", user, strlen("NT_STATUS"))) {
|
if (strnequal("NT_STATUS", user, strlen("NT_STATUS"))) {
|
||||||
strupper_m(user);
|
strupper_m(user);
|
||||||
|
|||||||
@@ -308,7 +308,7 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
|
|||||||
mem_ctx,
|
mem_ctx,
|
||||||
user_info->logon_parameters,/* flags such as 'allow workstation logon' */
|
user_info->logon_parameters,/* flags such as 'allow workstation logon' */
|
||||||
dc_name, /* server name */
|
dc_name, /* server name */
|
||||||
user_info->smb_name, /* user name logging on. */
|
user_info->client.account_name, /* user name logging on. */
|
||||||
user_info->client_domain, /* domain name */
|
user_info->client_domain, /* domain name */
|
||||||
user_info->workstation_name,/* workstation name */
|
user_info->workstation_name,/* workstation name */
|
||||||
chal, /* 8 byte challenge. */
|
chal, /* 8 byte challenge. */
|
||||||
@@ -324,7 +324,7 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
|
|||||||
if (!NT_STATUS_IS_OK(nt_status)) {
|
if (!NT_STATUS_IS_OK(nt_status)) {
|
||||||
DEBUG(0,("domain_client_validate: unable to validate password "
|
DEBUG(0,("domain_client_validate: unable to validate password "
|
||||||
"for user %s in domain %s to Domain controller %s. "
|
"for user %s in domain %s to Domain controller %s. "
|
||||||
"Error was %s.\n", user_info->smb_name,
|
"Error was %s.\n", user_info->client.account_name,
|
||||||
user_info->client_domain, dc_name,
|
user_info->client_domain, dc_name,
|
||||||
nt_errstr(nt_status)));
|
nt_errstr(nt_status)));
|
||||||
|
|
||||||
@@ -334,7 +334,7 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
|
|||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
nt_status = make_server_info_info3(mem_ctx,
|
nt_status = make_server_info_info3(mem_ctx,
|
||||||
user_info->smb_name,
|
user_info->client.account_name,
|
||||||
domain,
|
domain,
|
||||||
server_info,
|
server_info,
|
||||||
info3);
|
info3);
|
||||||
@@ -355,7 +355,7 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
netsamlogon_cache_store(user_info->smb_name, info3);
|
netsamlogon_cache_store(user_info->client.account_name, info3);
|
||||||
TALLOC_FREE(info3);
|
TALLOC_FREE(info3);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -83,7 +83,7 @@ static NTSTATUS netlogond_validate(TALLOC_CTX *mem_ctx,
|
|||||||
user_info->logon_parameters, /* flags such as 'allow
|
user_info->logon_parameters, /* flags such as 'allow
|
||||||
* workstation logon' */
|
* workstation logon' */
|
||||||
global_myname(), /* server name */
|
global_myname(), /* server name */
|
||||||
user_info->smb_name, /* user name logging on. */
|
user_info->client.account_name, /* user name logging on. */
|
||||||
user_info->client_domain, /* domain name */
|
user_info->client_domain, /* domain name */
|
||||||
user_info->workstation_name, /* workstation name */
|
user_info->workstation_name, /* workstation name */
|
||||||
(uchar *)auth_context->challenge.data, /* 8 byte challenge. */
|
(uchar *)auth_context->challenge.data, /* 8 byte challenge. */
|
||||||
@@ -281,7 +281,7 @@ static NTSTATUS check_netlogond_security(const struct auth_context *auth_context
|
|||||||
|
|
||||||
okay:
|
okay:
|
||||||
|
|
||||||
status = make_server_info_info3(mem_ctx, user_info->smb_name,
|
status = make_server_info_info3(mem_ctx, user_info->client.account_name,
|
||||||
user_info->domain, server_info,
|
user_info->domain, server_info,
|
||||||
info3);
|
info3);
|
||||||
if (!NT_STATUS_IS_OK(status)) {
|
if (!NT_STATUS_IS_OK(status)) {
|
||||||
|
|||||||
@@ -63,7 +63,7 @@ static NTSTATUS script_check_user_credentials(const struct auth_context *auth_co
|
|||||||
}
|
}
|
||||||
|
|
||||||
secret_str_len = strlen(user_info->domain) + 1 +
|
secret_str_len = strlen(user_info->domain) + 1 +
|
||||||
strlen(user_info->smb_name) + 1 +
|
strlen(user_info->client.account_name) + 1 +
|
||||||
16 + 1 + /* 8 bytes of challenge going to 16 */
|
16 + 1 + /* 8 bytes of challenge going to 16 */
|
||||||
48 + 1 + /* 24 bytes of challenge going to 48 */
|
48 + 1 + /* 24 bytes of challenge going to 48 */
|
||||||
48 + 1;
|
48 + 1;
|
||||||
@@ -75,7 +75,7 @@ static NTSTATUS script_check_user_credentials(const struct auth_context *auth_co
|
|||||||
|
|
||||||
safe_strcpy( secret_str, user_info->domain, secret_str_len - 1);
|
safe_strcpy( secret_str, user_info->domain, secret_str_len - 1);
|
||||||
safe_strcat( secret_str, "\n", secret_str_len - 1);
|
safe_strcat( secret_str, "\n", secret_str_len - 1);
|
||||||
safe_strcat( secret_str, user_info->smb_name, secret_str_len - 1);
|
safe_strcat( secret_str, user_info->client.account_name, secret_str_len - 1);
|
||||||
safe_strcat( secret_str, "\n", secret_str_len - 1);
|
safe_strcat( secret_str, "\n", secret_str_len - 1);
|
||||||
|
|
||||||
for (i = 0; i < 8; i++) {
|
for (i = 0; i < 8; i++) {
|
||||||
@@ -109,7 +109,7 @@ static NTSTATUS script_check_user_credentials(const struct auth_context *auth_co
|
|||||||
|
|
||||||
if (ret) {
|
if (ret) {
|
||||||
DEBUG(1,("script_check_user_credentials: failed to authenticate %s\\%s\n",
|
DEBUG(1,("script_check_user_credentials: failed to authenticate %s\\%s\n",
|
||||||
user_info->domain, user_info->smb_name ));
|
user_info->domain, user_info->client.account_name ));
|
||||||
/* auth failed. */
|
/* auth failed. */
|
||||||
return NT_STATUS_NO_SUCH_USER;
|
return NT_STATUS_NO_SUCH_USER;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -395,14 +395,14 @@ use this machine as the password server.\n"));
|
|||||||
if (!user_info->encrypted) {
|
if (!user_info->encrypted) {
|
||||||
/* Plaintext available */
|
/* Plaintext available */
|
||||||
nt_status = cli_session_setup(
|
nt_status = cli_session_setup(
|
||||||
cli, user_info->smb_name,
|
cli, user_info->client.account_name,
|
||||||
(char *)user_info->plaintext_password.data,
|
(char *)user_info->plaintext_password.data,
|
||||||
user_info->plaintext_password.length,
|
user_info->plaintext_password.length,
|
||||||
NULL, 0, user_info->domain);
|
NULL, 0, user_info->domain);
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
nt_status = cli_session_setup(
|
nt_status = cli_session_setup(
|
||||||
cli, user_info->smb_name,
|
cli, user_info->client.account_name,
|
||||||
(char *)user_info->lm_resp.data,
|
(char *)user_info->lm_resp.data,
|
||||||
user_info->lm_resp.length,
|
user_info->lm_resp.length,
|
||||||
(char *)user_info->nt_resp.data,
|
(char *)user_info->nt_resp.data,
|
||||||
|
|||||||
@@ -63,7 +63,7 @@ static NTSTATUS check_wbc_security(const struct auth_context *auth_context,
|
|||||||
|
|
||||||
DEBUG(10, ("Check auth for: [%s]", user_info->internal_username));
|
DEBUG(10, ("Check auth for: [%s]", user_info->internal_username));
|
||||||
|
|
||||||
params.account_name = user_info->smb_name;
|
params.account_name = user_info->client.account_name;
|
||||||
params.domain_name = user_info->domain;
|
params.domain_name = user_info->domain;
|
||||||
params.workstation_name = user_info->workstation_name;
|
params.workstation_name = user_info->workstation_name;
|
||||||
|
|
||||||
@@ -120,7 +120,7 @@ static NTSTATUS check_wbc_security(const struct auth_context *auth_context,
|
|||||||
DEBUG(10,("wbcAuthenticateUserEx succeeded\n"));
|
DEBUG(10,("wbcAuthenticateUserEx succeeded\n"));
|
||||||
|
|
||||||
nt_status = make_server_info_wbcAuthUserInfo(mem_ctx,
|
nt_status = make_server_info_wbcAuthUserInfo(mem_ctx,
|
||||||
user_info->smb_name,
|
user_info->client.account_name,
|
||||||
user_info->domain,
|
user_info->domain,
|
||||||
info, server_info);
|
info, server_info);
|
||||||
wbcFreeMemory(info);
|
wbcFreeMemory(info);
|
||||||
|
|||||||
@@ -59,7 +59,7 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
|
|||||||
|
|
||||||
/* Send off request */
|
/* Send off request */
|
||||||
|
|
||||||
params.account_name = user_info->smb_name;
|
params.account_name = user_info->client.account_name;
|
||||||
params.domain_name = user_info->domain;
|
params.domain_name = user_info->domain;
|
||||||
params.workstation_name = user_info->workstation_name;
|
params.workstation_name = user_info->workstation_name;
|
||||||
|
|
||||||
@@ -114,7 +114,7 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
|
|||||||
}
|
}
|
||||||
|
|
||||||
nt_status = make_server_info_wbcAuthUserInfo(mem_ctx,
|
nt_status = make_server_info_wbcAuthUserInfo(mem_ctx,
|
||||||
user_info->smb_name,
|
user_info->client.account_name,
|
||||||
user_info->domain,
|
user_info->domain,
|
||||||
info, server_info);
|
info, server_info);
|
||||||
wbcFreeMemory(info);
|
wbcFreeMemory(info);
|
||||||
|
|||||||
@@ -99,7 +99,7 @@ static NTSTATUS sam_password_ok(TALLOC_CTX *mem_ctx,
|
|||||||
challenge,
|
challenge,
|
||||||
&user_info->lm_resp, &user_info->nt_resp,
|
&user_info->lm_resp, &user_info->nt_resp,
|
||||||
username,
|
username,
|
||||||
user_info->smb_name,
|
user_info->client.account_name,
|
||||||
user_info->client_domain,
|
user_info->client_domain,
|
||||||
lm_hash,
|
lm_hash,
|
||||||
nt_hash,
|
nt_hash,
|
||||||
|
|||||||
@@ -52,8 +52,8 @@ NTSTATUS make_user_info(struct auth_usersupplied_info **user_info,
|
|||||||
|
|
||||||
DEBUG(5,("making strings for %s's user_info struct\n", internal_username));
|
DEBUG(5,("making strings for %s's user_info struct\n", internal_username));
|
||||||
|
|
||||||
(*user_info)->smb_name = SMB_STRDUP(smb_name);
|
(*user_info)->client.account_name = SMB_STRDUP(smb_name);
|
||||||
if ((*user_info)->smb_name == NULL) {
|
if ((*user_info)->client.account_name == NULL) {
|
||||||
free_user_info(user_info);
|
free_user_info(user_info);
|
||||||
return NT_STATUS_NO_MEMORY;
|
return NT_STATUS_NO_MEMORY;
|
||||||
}
|
}
|
||||||
@@ -113,11 +113,11 @@ void free_user_info(struct auth_usersupplied_info **user_info)
|
|||||||
{
|
{
|
||||||
DEBUG(5,("attempting to free (and zero) a user_info structure\n"));
|
DEBUG(5,("attempting to free (and zero) a user_info structure\n"));
|
||||||
if (*user_info != NULL) {
|
if (*user_info != NULL) {
|
||||||
if ((*user_info)->smb_name) {
|
if ((*user_info)->client.account_name) {
|
||||||
DEBUG(10,("structure was created for %s\n",
|
DEBUG(10,("structure was created for %s\n",
|
||||||
(*user_info)->smb_name));
|
(*user_info)->client.account_name));
|
||||||
}
|
}
|
||||||
SAFE_FREE((*user_info)->smb_name);
|
SAFE_FREE((*user_info)->client.account_name);
|
||||||
SAFE_FREE((*user_info)->internal_username);
|
SAFE_FREE((*user_info)->internal_username);
|
||||||
SAFE_FREE((*user_info)->client_domain);
|
SAFE_FREE((*user_info)->client_domain);
|
||||||
SAFE_FREE((*user_info)->domain);
|
SAFE_FREE((*user_info)->domain);
|
||||||
|
|||||||
@@ -27,12 +27,14 @@ struct auth_usersupplied_info {
|
|||||||
DATA_BLOB plaintext_password;
|
DATA_BLOB plaintext_password;
|
||||||
|
|
||||||
bool encrypted;
|
bool encrypted;
|
||||||
|
struct {
|
||||||
|
char *account_name; /* username before mapping */
|
||||||
|
} client;
|
||||||
|
|
||||||
bool was_mapped; /* Did the username map actually match? */
|
bool was_mapped; /* Did the username map actually match? */
|
||||||
char *client_domain; /* domain name string */
|
char *client_domain; /* domain name string */
|
||||||
char *domain; /* domain name after mapping */
|
char *domain; /* domain name after mapping */
|
||||||
char *internal_username; /* username after mapping */
|
char *internal_username; /* username after mapping */
|
||||||
char *smb_name; /* username before mapping */
|
|
||||||
const char *workstation_name; /* workstation name (netbios calling
|
const char *workstation_name; /* workstation name (netbios calling
|
||||||
* name) unicode string */
|
* name) unicode string */
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user