sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-27 22:50:26 +03:00
Code

auth: Add "auth_description" to allow logs to distinguish simple bind (etc)

Browse Source 
This will allow the authentication log to indicate clearly how the password was
supplied to the server.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
This commit is contained in:
Andrew Bartlett 2017-02-21 11:57:57 +13:00
parent 5f5756db71
commit ea3f00f2b5
5 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
auth/common_auth.h
View File

@ -82,6 +82,7 @@ struct auth_usersupplied_info
} netlogon_trust_account;
const char *service_description;
const char *auth_description;
};
struct auth_method_context;

1
auth/ntlmssp/ntlmssp_server.c
View File

@ -720,6 +720,7 @@ static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_sec
user_info->remote_host = gensec_get_remote_address(gensec_security);
user_info->service_description
= gensec_get_target_service_description(gensec_security);
user_info->auth_description = "NTLMSSP";
user_info->password_state = AUTH_PASSWORD_RESPONSE;
user_info->password.response.lanman = ntlmssp_state->lm_resp;

6
source3/smbd/sesssetup.c
View File

@ -103,6 +103,8 @@ static NTSTATUS check_guest_password(const struct tsocket_address *remote_addres
return NT_STATUS_NO_MEMORY;
}
user_info->auth_description = "guest";
nt_status = auth_check_password_session_info(auth_context,
mem_ctx, user_info, session_info);
TALLOC_FREE(user_info);
@ -899,6 +901,8 @@ void reply_sesssetup_and_X(struct smb_request *req)
sconn->remote_address,
"SMB",
lm_resp, nt_resp);
user_info->auth_description = "bare-NTLM";
if (NT_STATUS_IS_OK(nt_status)) {
nt_status = auth_check_password_session_info(negprot_auth_context,
req, user_info, &session_info);
@ -925,6 +929,8 @@ void reply_sesssetup_and_X(struct smb_request *req)
nt_status = NT_STATUS_NO_MEMORY;
}
user_info->auth_description = "plaintext";
if (NT_STATUS_IS_OK(nt_status)) {
nt_status = auth_check_password_session_info(plaintext_auth_context,
req, user_info, &session_info);

4
source4/auth/ntlm/auth_simple.c
View File

@ -86,7 +86,9 @@ _PUBLIC_ NTSTATUS authenticate_ldap_simple_bind(TALLOC_CTX *mem_ctx,
user_info->remote_host = remote_address;
user_info->local_host = local_address;
user_info->service_description = "ldap simple bind";
user_info->service_description = "ldap";
user_info->auth_description = "simple bind";
user_info->password_state = AUTH_PASSWORD_PLAIN;
user_info->password.plaintext = talloc_strdup(user_info, password);

2
source4/rpc_server/netlogon/dcerpc_netlogon.c
View File

@ -909,6 +909,7 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
case NetlogonServiceInformation:
case NetlogonInteractiveTransitiveInformation:
case NetlogonServiceTransitiveInformation:
user_info->auth_description = "interactive";
user_info->logon_parameters
= r->in.logon->password->identity_info.parameter_control;
@ -932,6 +933,7 @@ static NTSTATUS dcesrv_netr_LogonSamLogon_base(struct dcesrv_call_state *dce_cal
break;
case NetlogonNetworkInformation:
case NetlogonNetworkTransitiveInformation:
user_info->auth_description = "network";
nt_status = auth_context_set_challenge(
auth_context,