git.samba.org / obnox / samba / samba-obnox.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
s4:heimdal_build: remove unused openpty check
[obnox/samba/samba-obnox.git] / auth / common_auth.h
diff --git a/auth/common_auth.h b/auth/common_auth.h
index 40f7da4fe7341b0fcd7f2d2de77c68b69398dc1c..d1a775d431a7f2e965b76707b5e3ca6bde7267e8 100644 (file)
--- a/auth/common_auth.h
+++ b/auth/common_auth.h
@@ -25,7 +25,9 @@
 #define USER_INFO_CASE_INSENSITIVE_USERNAME 0x01 /* username may be in any case */
 #define USER_INFO_CASE_INSENSITIVE_PASSWORD 0x02 /* password may be in any case */
 #define USER_INFO_DONT_CHECK_UNIX_ACCOUNT   0x04 /* don't check unix account status */
-#define USER_INFO_INTERACTIVE_LOGON         0x08 /* don't check unix account status */
+#define USER_INFO_INTERACTIVE_LOGON         0x08 /* Interactive logon */
+#define USER_INFO_LOCAL_SAM_ONLY            0x10 /* Only authenticate against the local SAM, do not map missing passwords to NO_SUCH_USER */
+#define USER_INFO_INFO3_AND_NO_AUTHZ        0x20 /* Only fill in server_info->info3 and do not do any authorization steps */
 
 enum auth_password_state {
        AUTH_PASSWORD_PLAIN = 1,
@@ -77,13 +79,13 @@ struct loadparm_context;
 struct ldb_context;
 struct smb_krb5_context;
 
+#define AUTH_METHOD_LOCAL_SAM 0x01
+
 struct auth4_context {
        struct {
                /* Who set this up in the first place? */
                const char *set_by;
 
-               bool may_be_modified;
-
                DATA_BLOB data;
        } challenge;
 
@@ -102,20 +104,23 @@ struct auth4_context {
        /* SAM database for this local machine - to fill in local groups, or to authenticate local NTLM users */
        struct ldb_context *sam_ctx;
 
-       NTSTATUS (*check_password)(struct auth4_context *auth_ctx,
-                                  TALLOC_CTX *mem_ctx,
-                                  const struct auth_usersupplied_info *user_info,
-                                  struct auth_user_info_dc **user_info_dc);
+       /* Private data for the callbacks on this auth context */
+       void *private_data;
 
-       NTSTATUS (*get_challenge)(struct auth4_context *auth_ctx, uint8_t chal[8]);
+       NTSTATUS (*check_ntlm_password)(struct auth4_context *auth_ctx,
+                                       TALLOC_CTX *mem_ctx,
+                                       const struct auth_usersupplied_info *user_info,
+                                       void **server_returned_info,
+                                       DATA_BLOB *nt_session_key, DATA_BLOB *lm_session_key);
 
-       bool (*challenge_may_be_modified)(struct auth4_context *auth_ctx);
+       NTSTATUS (*get_ntlm_challenge)(struct auth4_context *auth_ctx, uint8_t chal[8]);
 
-       NTSTATUS (*set_challenge)(struct auth4_context *auth_ctx, const uint8_t chal[8], const char *set_by);
+       NTSTATUS (*set_ntlm_challenge)(struct auth4_context *auth_ctx, const uint8_t chal[8], const char *set_by);
 
-       NTSTATUS (*generate_session_info)(TALLOC_CTX *mem_ctx,
-                                         struct auth4_context *auth_context,
-                                         struct auth_user_info_dc *user_info_dc,
+       NTSTATUS (*generate_session_info)(struct auth4_context *auth_context,
+                                         TALLOC_CTX *mem_ctx,
+                                         void *server_returned_info,
+                                         const char *original_user_name,
                                          uint32_t session_info_flags,
                                          struct auth_session_info **session_info);
 
Michael's Samba GIT