gensec: Add a way to request a unix token from GENSEC
authorAndrew Bartlett <abartlet@samba.org>
Thu, 21 Jul 2011 05:39:27 +0000 (15:39 +1000)
committerAndrew Bartlett <abartlet@samba.org>
Fri, 29 Jul 2011 02:24:07 +0000 (04:24 +0200)
Signed-off-by: Andrew Tridgell <tridge@samba.org>
source4/auth/auth.h
source4/auth/gensec/gensec.c
source4/auth/gensec/gensec.h

index 04731af0190dc8ba72cf353c288b202dac84890b..caab230a46ed6dcb13ba3b9210d89f6481d8ecb5 100644 (file)
@@ -48,6 +48,7 @@ struct loadparm_context;
 #define AUTH_SESSION_INFO_DEFAULT_GROUPS     0x01 /* Add the user to the default world and network groups */
 #define AUTH_SESSION_INFO_AUTHENTICATED      0x02 /* Add the user to the 'authenticated users' group */
 #define AUTH_SESSION_INFO_SIMPLE_PRIVILEGES  0x04 /* Use a trivial map between users and privilages, rather than a DB */
+#define AUTH_SESSION_INFO_UNIX_TOKEN         0x08 /* The returned token must have the unix_token and unix_info elements provided */
 
 struct auth_method_context;
 struct auth_check_password_request;
index 7e6a83d51f55642d22bd26aa32b9a2a77b4d3f47..7dd3eac3b7c25aeb9afda205400bc786a3753dc2 100644 (file)
@@ -1320,21 +1320,28 @@ NTSTATUS gensec_generate_session_info(TALLOC_CTX *mem_ctx,
                                      struct auth_session_info **session_info)
 {
        NTSTATUS nt_status;
-       uint32_t flags = AUTH_SESSION_INFO_DEFAULT_GROUPS;
+       uint32_t session_info_flags = 0;
+
+       if (gensec_security->want_features & GENSEC_FEATURE_UNIX_TOKEN) {
+               session_info_flags |= AUTH_SESSION_INFO_UNIX_TOKEN;
+       }
+
+       session_info_flags |= AUTH_SESSION_INFO_DEFAULT_GROUPS;
        if (user_info_dc->info->authenticated) {
-               flags |= AUTH_SESSION_INFO_AUTHENTICATED;
+               session_info_flags |= AUTH_SESSION_INFO_AUTHENTICATED;
        }
+
        if (gensec_security->auth_context) {
                nt_status = gensec_security->auth_context->generate_session_info(mem_ctx, gensec_security->auth_context,
                                                                                 user_info_dc,
-                                                                                flags,
+                                                                                session_info_flags,
                                                                                 session_info);
        } else {
-               flags |= AUTH_SESSION_INFO_SIMPLE_PRIVILEGES;
+               session_info_flags |= AUTH_SESSION_INFO_SIMPLE_PRIVILEGES;
                nt_status = auth_generate_session_info(mem_ctx,
                                                       NULL,
                                                       NULL,
-                                                      user_info_dc, flags,
+                                                      user_info_dc, session_info_flags,
                                                       session_info);
        }
        return nt_status;
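Review bot: Nothing after either session-info call checks that a requested unix token was actually produced. When `GENSEC_FEATURE_UNIX_TOKEN` is set, `AUTH_SESSION_INFO_UNIX_TOKEN` goes to the pluggable `auth_context->generate_session_info` callback or to `auth_generate_session_info`, and a backend that ignores the new bit would presumably still return success with the unix elements unset (no backend is visible in this commit). Since the header comment says the token "must" carry `unix_token` and `unix_info`, and callers are likely to rely on them for access decisions, I would fail closed just before `return nt_status;`: `if (NT_STATUS_IS_OK(nt_status) && (session_info_flags & AUTH_SESSION_INFO_UNIX_TOKEN) && ((*session_info)->unix_token == NULL || (*session_info)->unix_info == NULL)) { return NT_STATUS_INTERNAL_ERROR; }`. The function's signature begins above this hunk and its closing brace lies below it.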
index e42b4aa5d2f65e01d8512773fc2f22fb8f89bbcd..322adce2ea868f5148f842787c5d069dc281ed8e 100644 (file)
@@ -59,6 +59,7 @@ struct gensec_target {
 #define GENSEC_FEATURE_DATAGRAM_MODE   0x00000020
 #define GENSEC_FEATURE_SIGN_PKT_HEADER 0x00000040
 #define GENSEC_FEATURE_NEW_SPNEGO      0x00000080
+#define GENSEC_FEATURE_UNIX_TOKEN      0x00000100
 
 /* GENSEC mode */
 enum gensec_role