s4-winbind: support the s3 response flags on krb5 auth too

This fixes the samba4.blackbox.wbinfo test, which was failing on a
wbinfo -K command

diff --git a/source4/winbind/wb_pam_auth.c b/source4/winbind/wb_pam_auth.c
index b2579fd6df191691b0404d3222d6c2e3156819dc..0a9c37911bf423c13b1b182297258fd2d0d8bac0 100644 (file)
--- a/source4/winbind/wb_pam_auth.c
+++ b/source4/winbind/wb_pam_auth.c
@@ -260,11 +260,31 @@ struct composite_context *wb_cmd_pam_auth_send(TALLOC_CTX *mem_ctx,
                                         chal, nt_resp, lm_resp);
 }
 
-NTSTATUS wb_cmd_pam_auth_recv(struct composite_context *c)
+NTSTATUS wb_cmd_pam_auth_recv(struct composite_context *c,
+                             TALLOC_CTX *mem_ctx,
+                             DATA_BLOB *info3,
+                             struct netr_UserSessionKey *user_session_key,
+                             struct netr_LMSessionKey *lm_key,
+                             char **unix_username)
 {
-       struct pam_auth_crap_state *state =
-               talloc_get_type(c->private_data, struct pam_auth_crap_state);
-       NTSTATUS status = composite_wait(c);
-       talloc_free(state);
-       return status;
+       struct pam_auth_crap_state *state =
+               talloc_get_type(c->private_data, struct pam_auth_crap_state);
+       NTSTATUS status = composite_wait(c);
+       if (NT_STATUS_IS_OK(status)) {
+               if (info3) {
+                       info3->length = state->info3.length;
+                       info3->data = talloc_steal(mem_ctx, state->info3.data);
+               }
+               if (user_session_key) {
+                       *user_session_key = state->user_session_key;
+               }
+               if (lm_key) {
+                       *lm_key = state->lm_key;
+               }
+               if (unix_username) {
+                       *unix_username = talloc_steal(mem_ctx, state->unix_username);
+               }
+       }
+       talloc_free(state);
+       return status;
 }

diff --git a/source4/winbind/wb_samba3_cmd.c b/source4/winbind/wb_samba3_cmd.c
index 280c47a274fc1849503ef40f5e001da59fe626c7..c5fba92f147d7b3bdd72781dfc4da081252045cc 100644 (file)
--- a/source4/winbind/wb_samba3_cmd.c
+++ b/source4/winbind/wb_samba3_cmd.c
@@ -299,7 +299,7 @@ static void check_machacc_recv(struct composite_context *ctx)
                                struct wbsrv_samba3_call);
        NTSTATUS status;
 
-       status = wb_cmd_pam_auth_recv(ctx);
+       status = wb_cmd_pam_auth_recv(ctx, s3call, NULL, NULL, NULL, NULL);
 
        if (!NT_STATUS_IS_OK(status)) goto done;
 
@@ -734,11 +734,48 @@ static void pam_auth_recv(struct composite_context *ctx)
                talloc_get_type(ctx->async.private_data,
                                struct wbsrv_samba3_call);
        NTSTATUS status;
+       DATA_BLOB info3;
+       struct netr_UserSessionKey user_session_key;
+       struct netr_LMSessionKey lm_key;
+       char *unix_username;
 
-       status = wb_cmd_pam_auth_recv(ctx);
+       status = wb_cmd_pam_auth_recv(ctx, s3call, &info3, 
+                                     &user_session_key, &lm_key, &unix_username);
 
        if (!NT_STATUS_IS_OK(status)) goto done;
 
+       if (s3call->request.flags & WBFLAG_PAM_USER_SESSION_KEY) {
+               memcpy(s3call->response.data.auth.user_session_key, 
+                      &user_session_key.key,
+                      sizeof(s3call->response.data.auth.user_session_key));
+       }
+
+       if (s3call->request.flags & WBFLAG_PAM_INFO3_TEXT) {
+               status = wb_samba3_append_info3_as_txt(ctx, s3call, info3);
+               if (!NT_STATUS_IS_OK(status)) {
+                       DEBUG(10,("Failed to append INFO3 (TXT): %s\n",
+                                 nt_errstr(status)));
+                       goto done;
+               }
+       }
+
+       if (s3call->request.flags & WBFLAG_PAM_INFO3_NDR) {
+               s3call->response.extra_data.data = info3.data;
+               s3call->response.length += info3.length;
+       }
+
+       if (s3call->request.flags & WBFLAG_PAM_LMKEY) {
+               memcpy(s3call->response.data.auth.first_8_lm_hash, 
+                      lm_key.key,
+                      sizeof(s3call->response.data.auth.first_8_lm_hash));
+       }
+       
+       if (s3call->request.flags & WBFLAG_PAM_UNIX_NAME) {
+               s3call->response.extra_data.data = unix_username;
+               s3call->response.length += strlen(unix_username)+1;
+       }
+       
+
  done:
        wbsrv_samba3_async_auth_epilogue(status, s3call);
 }