along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-struct auth_usersupplied_info {
- DATA_BLOB lm_resp;
- DATA_BLOB nt_resp;
- DATA_BLOB lm_interactive_pwd;
- DATA_BLOB nt_interactive_pwd;
- DATA_BLOB plaintext_password;
-
- bool encrypted;
-
- bool was_mapped; /* Did the username map actually match? */
- char *client_domain; /* domain name string */
- char *domain; /* domain name after mapping */
- char *internal_username; /* username after mapping */
- char *smb_name; /* username before mapping */
- char *wksta_name; /* workstation name (netbios calling
- * name) unicode string */
-
- uint32 logon_parameters;
+#include "../auth/common_auth.h"
+struct extra_auth_info {
+ struct dom_sid user_sid;
+ struct dom_sid pgid_sid;
};
struct auth_serversupplied_info {
bool guest;
-
- struct dom_sid *sids; /* These SIDs are preliminary between
- check_ntlm_password and the token creation. */
- size_t num_sids;
+ bool system;
struct unix_user_token utok;
/* NT group information taken from the info3 structure */
- NT_USER_TOKEN *ptok;
+ struct security_token *security_token;
/* This is the final session key, as used by SMB signing, and
* (truncated to 16 bytes) encryption on the SAMR and LSA pipes
* and is set from the Kerberos session key using
* krb5_auth_con_getremotesubkey().
*
- * Bootom line, it is not the same as the session keys in info3.
+ * Bottom line, it is not the same as the session keys in info3.
*/
DATA_BLOB user_session_key;
struct netr_SamInfo3 *info3;
- void *pam_handle;
+ /* this structure is filled *only* in pathological cases where the user
+ * sid or the primary group sid are not sids of the domain. Normally
+ * this happens only for unix accounts that have unix domain sids.
+ * This is checked only when info3.rid and/or info3.primary_gid are set
+ * to the special invalid value of 0xFFFFFFFF */
+ struct extra_auth_info extra;
/*
* This is a token from /etc/passwd and /etc/group
const struct auth_usersupplied_info *user_info,
struct auth_serversupplied_info **server_info);
NTSTATUS (*nt_status_squash)(NTSTATUS nt_status);
- void (*free)(struct auth_context **auth_context);
};
typedef struct auth_methods
struct auth_ntlmssp_state;
/* Changed from 1 -> 2 to add the logon_parameters field. */
-#define AUTH_INTERFACE_VERSION 2
+/* Changed from 2 -> 3 when we reworked many auth structures to use IDL or be in common with Samba4 */
+#define AUTH_INTERFACE_VERSION 3
#endif /* _SMBAUTH_H_ */