authorAndrew Bartlett <abartlet@samba.org>2011-12-31 22:45:51 +1100
committerStefan Metzmacher <metze@samba.org>2012-01-11 08:59:34 +0100
commit14c8a13d3e2b2eb199e9eb26fa41f89bc380509e (patch)
treed6914966c03c312c15f45a6272cfebf9cec142b5 /auth
parentb21351463192d72f0b4faeace81bea12b47f810e (diff)
auth: make auth4_context common to provide access to generate_session_info_pac()
By providing this context, a function pointer for generate_session_info_pac() can be inserted into gensec, allowing the s3 PAC processing in an otherwise more generic gensec module. Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'auth')
-rw-r--r--auth/common_auth.h59
1 files changed, 59 insertions, 0 deletions
diff --git a/auth/common_auth.h b/auth/common_auth.h
index e9c4bb5f63..ce3444ce7a 100644
--- a/auth/common_auth.h
+++ b/auth/common_auth.h
@@ -65,4 +65,63 @@ struct auth_usersupplied_info
uint32_t flags;
};
+struct auth_method_context;
+struct tevent_context;
+struct imessaging_context;
+struct loadparm_context;
+struct ldb_context;
+struct smb_krb5_context;
+
+struct auth4_context {
+ struct {
+ /* Who set this up in the first place? */
+ const char *set_by;
+
+ bool may_be_modified;
+
+ DATA_BLOB data;
+ } challenge;
+
+ /* methods, in the order they should be called */
+ struct auth_method_context *methods;
+
+ /* the event context to use for calls that can block */
+ struct tevent_context *event_ctx;
+
+ /* the messaging context which can be used by backends */
+ struct imessaging_context *msg_ctx;
+
+ /* loadparm context */
+ struct loadparm_context *lp_ctx;
+
+ /* SAM database for this local machine - to fill in local groups, or to authenticate local NTLM users */
+ struct ldb_context *sam_ctx;
+
+ NTSTATUS (*check_password)(struct auth4_context *auth_ctx,
+ TALLOC_CTX *mem_ctx,
+ const struct auth_usersupplied_info *user_info,
+ struct auth_user_info_dc **user_info_dc);
+
+ NTSTATUS (*get_challenge)(struct auth4_context *auth_ctx, uint8_t chal[8]);
+
+ bool (*challenge_may_be_modified)(struct auth4_context *auth_ctx);
+
+ NTSTATUS (*set_challenge)(struct auth4_context *auth_ctx, const uint8_t chal[8], const char *set_by);
+
+ NTSTATUS (*generate_session_info)(TALLOC_CTX *mem_ctx,
+ struct auth4_context *auth_context,
+ struct auth_user_info_dc *user_info_dc,
+ uint32_t session_info_flags,
+ struct auth_session_info **session_info);
+
+ NTSTATUS (*generate_session_info_pac)(struct auth4_context *auth_ctx,
+ TALLOC_CTX *mem_ctx,
+ struct smb_krb5_context *smb_krb5_context,
+ DATA_BLOB *pac_blob,
+ const char *principal_name,
+ const struct tsocket_address *remote_address,
+ uint32_t session_info_flags,
+ struct auth_session_info **session_info);
+};
+
#endif
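Review bot: The `generate_session_info_pac` member at the end of `struct auth4_context` has no comment stating its contract, although it is the hook that turns a Kerberos PAC into an `auth_session_info` and therefore feeds authorization. The header does not say who validates the PAC, so a gensec module and a backend could each assume the other did it. I would add above the member something like `/* Optional, may be NULL: build session_info from pac_blob. PAC signatures are verified by <caller|implementation>; pac_blob == NULL means <no PAC supplied> */`, with the placeholders filled in by the author. The commit message describes the pointer as something that "can be inserted", so callers presumably have to NULL-check it before the call, and the same applies to the other callbacks in the struct. Separately, `struct tsocket_address`, `struct auth_user_info_dc` and `struct auth_session_info` are not in the new forward-declaration list; if they are not declared earlier in the header (not visible in this hunk), they get prototype scope in these parameter lists and should be added next to `struct smb_krb5_context;`.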