#define USER_INFO_CASE_INSENSITIVE_USERNAME 0x01 /* username may be in any case */
#define USER_INFO_CASE_INSENSITIVE_PASSWORD 0x02 /* password may be in any case */
#define USER_INFO_DONT_CHECK_UNIX_ACCOUNT 0x04 /* don't check unix account status */
-#define USER_INFO_INTERACTIVE_LOGON 0x08 /* don't check unix account status */
+#define USER_INFO_INTERACTIVE_LOGON 0x08 /* Interactive logon */
+#define USER_INFO_LOCAL_SAM_ONLY 0x10 /* Only authenticate against the local SAM, do not map missing passwords to NO_SUCH_USER */
+#define USER_INFO_INFO3_AND_NO_AUTHZ 0x20 /* Only fill in server_info->info3 and do not do any authorization steps */
enum auth_password_state {
AUTH_PASSWORD_PLAIN = 1,
struct ldb_context;
struct smb_krb5_context;
+#define AUTH_METHOD_LOCAL_SAM 0x01
+
struct auth4_context {
struct {
/* Who set this up in the first place? */
const char *set_by;
- bool may_be_modified;
-
DATA_BLOB data;
} challenge;
/* Private data for the callbacks on this auth context */
void *private_data;
- NTSTATUS (*check_password)(struct auth4_context *auth_ctx,
- TALLOC_CTX *mem_ctx,
- const struct auth_usersupplied_info *user_info,
- struct auth_user_info_dc **user_info_dc);
-
- NTSTATUS (*get_challenge)(struct auth4_context *auth_ctx, uint8_t chal[8]);
+ NTSTATUS (*check_ntlm_password)(struct auth4_context *auth_ctx,
+ TALLOC_CTX *mem_ctx,
+ const struct auth_usersupplied_info *user_info,
+ void **server_returned_info,
+ DATA_BLOB *nt_session_key, DATA_BLOB *lm_session_key);
- bool (*challenge_may_be_modified)(struct auth4_context *auth_ctx);
+ NTSTATUS (*get_ntlm_challenge)(struct auth4_context *auth_ctx, uint8_t chal[8]);
- NTSTATUS (*set_challenge)(struct auth4_context *auth_ctx, const uint8_t chal[8], const char *set_by);
+ NTSTATUS (*set_ntlm_challenge)(struct auth4_context *auth_ctx, const uint8_t chal[8], const char *set_by);
- NTSTATUS (*generate_session_info)(TALLOC_CTX *mem_ctx,
- struct auth4_context *auth_context,
- struct auth_user_info_dc *user_info_dc,
+ NTSTATUS (*generate_session_info)(struct auth4_context *auth_context,
+ TALLOC_CTX *mem_ctx,
+ void *server_returned_info,
+ const char *original_user_name,
uint32_t session_info_flags,
struct auth_session_info **session_info);