1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00

s4:kdc: Add parameters for claims and device info to authn_policy_authenticate_to_service()

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Joseph Sutton 2023-09-27 15:49:59 +13:00 committed by Joseph Sutton
parent 3ae7599830
commit 2f9d2ff895
4 changed files with 15 additions and 3 deletions

View File

@ -822,7 +822,10 @@ static NTSTATUS authsam_check_netlogon_trust(TALLOC_CTX *mem_ctx,
lp_ctx, lp_ctx,
AUTHN_POLICY_AUTH_TYPE_NTLM, AUTHN_POLICY_AUTH_TYPE_NTLM,
user_info_dc, user_info_dc,
NULL /* device_info */,
(struct auth_claims) {},
authn_server_policy, authn_server_policy,
(struct authn_policy_flags) {},
&server_audit_info); &server_audit_info);
if (server_audit_info != NULL) { if (server_audit_info != NULL) {
*server_audit_info_out = talloc_move(mem_ctx, &server_audit_info); *server_audit_info_out = talloc_move(mem_ctx, &server_audit_info);

View File

@ -1177,7 +1177,10 @@ NTSTATUS authn_policy_authenticate_to_service(TALLOC_CTX *mem_ctx,
struct loadparm_context* lp_ctx, struct loadparm_context* lp_ctx,
const enum authn_policy_auth_type auth_type, const enum authn_policy_auth_type auth_type,
const struct auth_user_info_dc *user_info, const struct auth_user_info_dc *user_info,
const struct auth_user_info_dc *device_info,
const struct auth_claims auth_claims,
const struct authn_server_policy *server_policy, const struct authn_server_policy *server_policy,
const struct authn_policy_flags authn_policy_flags,
struct authn_audit_info **server_audit_info_out) struct authn_audit_info **server_audit_info_out)
{ {
NTSTATUS status = NT_STATUS_OK; NTSTATUS status = NT_STATUS_OK;
@ -1210,12 +1213,12 @@ NTSTATUS authn_policy_authenticate_to_service(TALLOC_CTX *mem_ctx,
samdb, samdb,
lp_ctx, lp_ctx,
user_info, user_info,
NULL /* device_info */, device_info,
(struct auth_claims) {}, auth_claims,
&server_policy->policy, &server_policy->policy,
authn_int64_none() /* tgt_lifetime_raw */, authn_int64_none() /* tgt_lifetime_raw */,
event, event,
(struct authn_policy_flags) {}, authn_policy_flags,
restrictions, restrictions,
server_audit_info_out); server_audit_info_out);
return status; return status;

View File

@ -129,7 +129,10 @@ NTSTATUS authn_policy_authenticate_to_service(TALLOC_CTX *mem_ctx,
struct loadparm_context* lp_ctx, struct loadparm_context* lp_ctx,
enum authn_policy_auth_type auth_type, enum authn_policy_auth_type auth_type,
const struct auth_user_info_dc *user_info, const struct auth_user_info_dc *user_info,
const struct auth_user_info_dc *device_info,
const struct auth_claims auth_claims,
const struct authn_server_policy *server_policy, const struct authn_server_policy *server_policy,
const struct authn_policy_flags authn_policy_flags,
struct authn_audit_info **server_audit_info_out); struct authn_audit_info **server_audit_info_out);
/* Create a structure containing auditing information. */ /* Create a structure containing auditing information. */

View File

@ -1671,7 +1671,10 @@ krb5_error_code samba_kdc_allowed_to_authenticate_to(TALLOC_CTX *mem_ctx,
lp_ctx, lp_ctx,
AUTHN_POLICY_AUTH_TYPE_KERBEROS, AUTHN_POLICY_AUTH_TYPE_KERBEROS,
client_info, client_info,
NULL /* device_info */,
(struct auth_claims) {},
server_policy, server_policy,
(struct authn_policy_flags) {},
server_audit_info_out); server_audit_info_out);
if (!NT_STATUS_IS_OK(status)) { if (!NT_STATUS_IS_OK(status)) {
if (status_out != NULL) { if (status_out != NULL) {