1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

winbindd: rename winbindd_pam_auth_pac_send and let it return validation

Just a preperational step. The next commit will update the caller to
make use of the validation info.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This commit is contained in:
Stefan Metzmacher 2018-02-09 08:38:18 +01:00 committed by Ralph Boehme
parent 5444cc4e7e
commit 8422c001be
3 changed files with 28 additions and 18 deletions

View File

@ -2893,8 +2893,10 @@ out:
return status;
}
NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
struct netr_SamInfo3 **info3)
NTSTATUS winbindd_pam_auth_pac_verify(struct winbindd_cli_state *state,
bool *p_is_trusted,
uint16_t *p_validation_level,
union netr_Validation **p_validation)
{
struct winbindd_request *req = state->request;
DATA_BLOB pac_blob;
@ -2909,6 +2911,10 @@ NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
bool is_trusted = false;
uint32_t i;
*p_is_trusted = false;
*p_validation_level = 0;
*p_validation = NULL;
pac_blob = data_blob_const(req->extra_data.data, req->extra_len);
result = extract_pac_vrfy_sigs(state->mem_ctx, pac_blob, &pac_data);
if (NT_STATUS_IS_OK(result)) {
@ -3004,14 +3010,21 @@ NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
}
}
*info3 = info3_copy;
*p_is_trusted = is_trusted;
*p_validation_level = validation_level;
*p_validation = validation;
return NT_STATUS_OK;
}
#else /* HAVE_KRB5 */
NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
struct netr_SamInfo3 **info3)
NTSTATUS winbindd_pam_auth_pac_verify(struct winbindd_cli_state *state,
bool *p_is_trusted,
uint16_t *p_validation_level,
union netr_Validation **p_validation);
{
*p_is_trusted = false;
*p_validation_level = 0;
*p_validation = NULL;
return NT_STATUS_NO_SUCH_USER;
}
#endif /* HAVE_KRB5 */

View File

@ -49,12 +49,15 @@ struct tevent_req *winbindd_pam_auth_crap_send(
state->flags = request->flags;
if (state->flags & WBFLAG_PAM_AUTH_PAC) {
struct netr_SamInfo3 *info3 = NULL;
bool is_trusted = false;
uint16_t validation_level;
union netr_Validation *validation = NULL;
NTSTATUS status;
status = winbindd_pam_auth_pac_send(cli, &info3);
status = winbindd_pam_auth_pac_verify(cli,
&is_trusted,
&validation_level,
&validation);
if (tevent_req_nterror(req, status)) {
return tevent_req_post(req, ev);
}
@ -67,14 +70,6 @@ struct tevent_req *winbindd_pam_auth_crap_send(
state->response->result = WINBINDD_PENDING;
state->response->length = sizeof(struct winbindd_response);
status = map_info3_to_validation(talloc_tos(),
info3,
&validation_level,
&validation);
if (tevent_req_nterror(req, status)) {
return tevent_req_post(req, ev);
}
status = append_auth_data(state->response,
state->response,
state->flags,

View File

@ -419,8 +419,10 @@ enum winbindd_result winbindd_dual_pam_chauthtok(struct winbindd_domain *contact
enum winbindd_result winbindd_dual_pam_logoff(struct winbindd_domain *domain,
struct winbindd_cli_state *state) ;
enum winbindd_result winbindd_dual_pam_chng_pswd_auth_crap(struct winbindd_domain *domainSt, struct winbindd_cli_state *state);
NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
struct netr_SamInfo3 **info3);
NTSTATUS winbindd_pam_auth_pac_verify(struct winbindd_cli_state *state,
bool *p_is_trusted,
uint16_t *p_validation_level,
union netr_Validation **p_validation);
NTSTATUS winbind_dual_SamLogon(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,