sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-25 17:57:42 +03:00
Code

auth: Fill in user_info->service_description from all callers

Browse Source 
This will allow the logging code to make clear which protocol an authentication was for.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
This commit is contained in:
Andrew Bartlett 2017-02-20 14:52:07 +13:00
parent 2235982092
commit c048918959
9 changed files with 49 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
source3/auth/auth_ntlmssp.c
View File

@ -169,6 +169,7 @@ NTSTATUS auth3_check_password(struct auth4_context *auth4_context,
user_info->client.domain_name,
user_info->workstation_name,
user_info->remote_host,
user_info->service_description,
user_info->password.response.lanman.data ? &user_info->password.response.lanman : NULL,
user_info->password.response.nt.data ? &user_info->password.response.nt : NULL,
NULL, NULL, NULL,

20
source3/auth/auth_util.c
View File

@ -97,6 +97,7 @@ NTSTATUS make_user_info_map(TALLOC_CTX *mem_ctx,
const char *client_domain,
const char *workstation_name,
const struct tsocket_address *remote_address,
const char *service_description,
const DATA_BLOB *lm_pwd,
const DATA_BLOB *nt_pwd,
const struct samr_Password *lm_interactive_pwd,
@ -149,10 +150,11 @@ NTSTATUS make_user_info_map(TALLOC_CTX *mem_ctx,
* primary domain name */
result = make_user_info(mem_ctx, user_info, smb_name, internal_username,
client_domain, domain, workstation_name,
remote_address, lm_pwd, nt_pwd,
lm_interactive_pwd, nt_interactive_pwd,
plaintext, password_state);
client_domain, domain, workstation_name,
remote_address, service_description,
lm_pwd, nt_pwd,
lm_interactive_pwd, nt_interactive_pwd,
plaintext, password_state);
if (NT_STATUS_IS_OK(result)) {
/* We have tried mapping */
(*user_info)->mapped_state = true;
@ -188,6 +190,7 @@ bool make_user_info_netlogon_network(TALLOC_CTX *mem_ctx,
smb_name, client_domain,
workstation_name,
remote_address,
"SamLogon",
lm_pwd_len ? &lm_blob : NULL,
nt_pwd_len ? &nt_blob : NULL,
NULL, NULL, NULL,
@ -259,6 +262,7 @@ bool make_user_info_netlogon_interactive(TALLOC_CTX *mem_ctx,
user_info,
smb_name, client_domain, workstation_name,
remote_address,
"SamLogon",
lm_interactive_pwd ? &local_lm_blob : NULL,
nt_interactive_pwd ? &local_nt_blob : NULL,
lm_interactive_pwd ? &lm_pwd : NULL,
@ -286,6 +290,7 @@ bool make_user_info_for_reply(TALLOC_CTX *mem_ctx,
const char *smb_name,
const char *client_domain,
const struct tsocket_address *remote_address,
const char *service_description,
const uint8_t chal[8],
DATA_BLOB plaintext_password)
{
@ -333,6 +338,7 @@ bool make_user_info_for_reply(TALLOC_CTX *mem_ctx,
user_info, smb_name, smb_name, client_domain, client_domain,
get_remote_machine_name(),
remote_address,
service_description,
local_lm_blob.data ? &local_lm_blob : NULL,
local_nt_blob.data ? &local_nt_blob : NULL,
NULL, NULL,
@ -357,7 +363,8 @@ NTSTATUS make_user_info_for_reply_enc(TALLOC_CTX *mem_ctx,
const char *smb_name,
const char *client_domain,
const struct tsocket_address *remote_address,
DATA_BLOB lm_resp, DATA_BLOB nt_resp)
const char *service_description,
DATA_BLOB lm_resp, DATA_BLOB nt_resp)
{
bool allow_raw = lp_raw_ntlmv2_auth();
@ -378,6 +385,7 @@ NTSTATUS make_user_info_for_reply_enc(TALLOC_CTX *mem_ctx,
client_domain, client_domain,
get_remote_machine_name(),
remote_address,
service_description,
lm_resp.data && (lm_resp.length > 0) ? &lm_resp : NULL,
nt_resp.data && (nt_resp.length > 0) ? &nt_resp : NULL,
NULL, NULL, NULL,
@ -390,6 +398,7 @@ NTSTATUS make_user_info_for_reply_enc(TALLOC_CTX *mem_ctx,
bool make_user_info_guest(TALLOC_CTX *mem_ctx,
const struct tsocket_address *remote_address,
const char *service_description,
struct auth_usersupplied_info **user_info)
{
NTSTATUS nt_status;
@ -400,6 +409,7 @@ bool make_user_info_guest(TALLOC_CTX *mem_ctx,
"","",
"",
remote_address,
service_description,
NULL, NULL,
NULL, NULL,
NULL,

5
source3/auth/proto.h
View File

@ -162,6 +162,7 @@ NTSTATUS make_user_info_map(TALLOC_CTX *mem_ctx,
const char *client_domain,
const char *workstation_name,
const struct tsocket_address *remote_address,
const char *service_description,
const DATA_BLOB *lm_pwd,
const DATA_BLOB *nt_pwd,
const struct samr_Password *lm_interactive_pwd,
@ -194,6 +195,7 @@ bool make_user_info_for_reply(TALLOC_CTX *mem_ctx,
const char *smb_name,
const char *client_domain,
const struct tsocket_address *remote_address,
const char *service_description,
const uint8_t chal[8],
DATA_BLOB plaintext_password);
NTSTATUS make_user_info_for_reply_enc(TALLOC_CTX *mem_ctx,
@ -201,9 +203,11 @@ NTSTATUS make_user_info_for_reply_enc(TALLOC_CTX *mem_ctx,
const char *smb_name,
const char *client_domain,
const struct tsocket_address *remote_address,
const char *service_description,
DATA_BLOB lm_resp, DATA_BLOB nt_resp);
bool make_user_info_guest(TALLOC_CTX *mem_ctx,
const struct tsocket_address *remote_address,
const char *service_description,
struct auth_usersupplied_info **user_info);
struct samu;
@ -272,6 +276,7 @@ NTSTATUS make_user_info(TALLOC_CTX *mem_ctx,
const char *domain,
const char *workstation_name,
const struct tsocket_address *remote_address,
const char *service_description,
const DATA_BLOB *lm_pwd,
const DATA_BLOB *nt_pwd,
const struct samr_Password *lm_interactive_pwd,

7
source3/auth/user_info.c
View File

@ -49,6 +49,7 @@ NTSTATUS make_user_info(TALLOC_CTX *mem_ctx,
const char *domain,
const char *workstation_name,
const struct tsocket_address *remote_address,
const char *service_description,
const DATA_BLOB *lm_pwd,
const DATA_BLOB *nt_pwd,
const struct samr_Password *lm_interactive_pwd,
@ -105,6 +106,12 @@ NTSTATUS make_user_info(TALLOC_CTX *mem_ctx,
return NT_STATUS_NO_MEMORY;
}
user_info->service_description = talloc_strdup(user_info, service_description);
if (user_info->service_description == NULL) {
TALLOC_FREE(user_info);
return NT_STATUS_NO_MEMORY;
}
DEBUG(5,("making blobs for %s's user_info struct\n", internal_username));
if (lm_pwd && lm_pwd->data) {

5
source3/smbd/sesssetup.c
View File

@ -97,7 +97,8 @@ static NTSTATUS check_guest_password(const struct tsocket_address *remote_addres
auth_context->get_ntlm_challenge(auth_context,
chal);
if (!make_user_info_guest(talloc_tos(), remote_address, &user_info)) {
if (!make_user_info_guest(talloc_tos(), remote_address, "SMB",
&user_info)) {
TALLOC_FREE(auth_context);
return NT_STATUS_NO_MEMORY;
}
@ -896,6 +897,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
&user_info, user,
domain,
sconn->remote_address,
"SMB",
lm_resp, nt_resp);
if (NT_STATUS_IS_OK(nt_status)) {
nt_status = auth_check_password_session_info(negprot_auth_context,
@ -917,6 +919,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
&user_info,
user, domain,
sconn->remote_address,
"SMB",
chal,
plaintext_password)) {
nt_status = NT_STATUS_NO_MEMORY;

3
source3/torture/pdbtest.c
View File

@ -282,7 +282,8 @@ static bool test_auth(TALLOC_CTX *mem_ctx, struct samu *pdb_entry)
status = make_user_info(mem_ctx,
&user_info, pdb_get_username(pdb_entry), pdb_get_username(pdb_entry),
pdb_get_domain(pdb_entry), pdb_get_domain(pdb_entry), lp_netbios_name(),
tsocket_address, NULL, &nt_resp, NULL, NULL, NULL,
tsocket_address, "pdbtest",
NULL, &nt_resp, NULL, NULL, NULL,
AUTH_PASSWORD_RESPONSE);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("Failed to test authentication with check_sam_security_info3: %s\n", nt_errstr(status)));

10
source3/winbindd/winbindd_pam.c
View File

@ -1254,8 +1254,16 @@ static NTSTATUS winbindd_dual_auth_passdb(TALLOC_CTX *mem_ctx,
TALLOC_FREE(frame);
return NT_STATUS_NO_MEMORY;
}
/*
* TODO: We should get the service description passed in from
* the winbind client, so we can have "smb2", "squid" or "samr" logged
* here.
*/
status = make_user_info(frame, &user_info, user, user, domain, domain,
lp_netbios_name(), local, lm_resp, nt_resp, NULL, NULL,
lp_netbios_name(), local,
"winbind",
lm_resp, nt_resp, NULL, NULL,
NULL, AUTH_PASSWORD_RESPONSE);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("make_user_info failed: %s\n", nt_errstr(status)));

2
source4/rpc_server/netlogon/dcerpc_netlogon.c
View File

@ -858,6 +858,8 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
user_info = talloc_zero(mem_ctx, struct auth_usersupplied_info);
NT_STATUS_HAVE_NO_MEMORY(user_info);
user_info->service_description = "SamLogon";
netlogon_creds_decrypt_samlogon_logon(creds,
r->in.logon_level,
r->in.logon);

4
source4/smb_server/smb/sesssetup.c
View File

@ -150,6 +150,8 @@ static void sesssetup_old(struct smbsrv_request *req, union smb_sesssetup *sess)
user_info = talloc_zero(req, struct auth_usersupplied_info);
if (!user_info) goto nomem;
user_info->service_description = "SMB";
user_info->mapped_state = false;
user_info->logon_parameters = 0;
@ -328,6 +330,8 @@ static void sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *sess)
user_info = talloc_zero(req, struct auth_usersupplied_info);
if (!user_info) goto nomem;
user_info->service_description = "SMB";
user_info->mapped_state = false;
user_info->logon_parameters = 0;
user_info->flags = 0;