X-Git-Url: http://git.samba.org/samba.git/?p=kai%2Fsamba.git;a=blobdiff_plain;f=source3%2Finclude%2Fauth.h;h=e37f181082e2d152b85085b52c58c7e9cfb2c546;hp=028f8303da8e35318f5a03e3b7f340ef44cc187e;hb=58fe4d9c20203f6f55c8e995402e156becb91b3e;hpb=6ad80352dd2523c310258de3211a2af0f1763d2a

diff --git a/source3/include/auth.h b/source3/include/auth.h
index 028f8303da8..e37f181082e 100644
--- a/source3/include/auth.h
+++ b/source3/include/auth.h
@@ -1,8 +1,7 @@
 #ifndef _SMBAUTH_H_
 #define _SMBAUTH_H_
 /* 
-   Unix SMB/Netbios implementation.
-   Version 2.2
+   Unix SMB/CIFS implementation.
    Standardised Authentication types
    Copyright (C) Andrew Bartlett 2001
    
@@ -35,64 +34,128 @@ typedef struct unicode_string
 	uchar *unistr;
 } AUTH_UNISTR;
 
-/* AUTH_BUFFER - 8-bit byte buffer */
-typedef struct auth_buffer
-{
-	int len;
-	uint8 *buffer;
-} AUTH_BUFFER;
-
-typedef struct net_password
-{
-	AUTH_BUFFER lm_resp;
-	AUTH_BUFFER nt_resp;
-} auth_net_password;
-
 typedef struct interactive_password
 {
 	OWF_INFO          lm_owf;              /* LM OWF Password */
 	OWF_INFO          nt_owf;              /* NT OWF Password */
 } auth_interactive_password;
 
-typedef struct plaintext_password
-{
-	AUTH_STR password;
-} auth_plaintext_password;
+#define AUTH_FLAG_NONE        0x000000
+#define AUTH_FLAG_PLAINTEXT   0x000001
+#define AUTH_FLAG_LM_RESP     0x000002
+#define AUTH_FLAG_NTLM_RESP   0x000004
+#define AUTH_FLAG_NTLMv2_RESP 0x000008
 
-typedef struct usersupplied_info
+typedef struct auth_usersupplied_info
 {
 	
- 	AUTH_BUFFER lm_resp;
-	AUTH_BUFFER nt_resp;
+ 	DATA_BLOB lm_resp;
+	DATA_BLOB nt_resp;
 	auth_interactive_password * interactive_password;
-        AUTH_STR plaintext_password;
+ 	DATA_BLOB plaintext_password;
+	
+	BOOL encrypted;
 	
-	uint8 chal[8];
+	uint32 auth_flags;
 
-	AUTH_STR           requested_domain;     /* domain name string */
+	AUTH_STR           client_domain;          /* domain name string */
 	AUTH_STR           domain;               /* domain name after mapping */
-	AUTH_STR           requested_username;
-	AUTH_STR           smb_username;         /* user name string (after mapping) */
+	AUTH_STR           internal_username;    /* username after mapping */
+	AUTH_STR           smb_name;        /* username before mapping */
 	AUTH_STR           wksta_name;           /* workstation name (netbios calling name) unicode string */
 	
 } auth_usersupplied_info;
 
-typedef struct serversupplied_info
+#define SAM_FILL_NAME  0x01
+#define SAM_FILL_INFO3 0x02
+#define SAM_FILL_SAM   0x04
+#define SAM_FILL_UNIX  0x08
+#define SAM_FILL_ALL (SAM_FILL_NAME | SAM_FILL_INFO3 | SAM_FILL_SAM | SAM_FILL_UNIX)
+
+typedef struct auth_serversupplied_info 
 {
-	AUTH_STR full_name;
-	AUTH_STR unix_user;
-	
 	BOOL guest;
 	
-	uid_t unix_uid;
-	gid_t unix_gid;
-	
 	/* This groups info is needed for when we become_user() for this uid */
 	int n_groups;
 	gid_t *groups;
 	
-	uchar session_key[16];
+	/* NT group information taken from the info3 structure */
+	
+	NT_USER_TOKEN *ptok;
+	
+	uint8 session_key[16];
+	
+	uint8 first_8_lm_hash[8];
+
+	uint32 sam_fill_level;  /* How far is this structure filled? */
+	
+	SAM_ACCOUNT *sam_account;
+	
+	void *pam_handle;
 	
 } auth_serversupplied_info;
 
+struct auth_context {
+	DATA_BLOB challenge; 
+
+	/* Who set this up in the first place? */ 
+	const char *challenge_set_by; 
+
+	struct auth_methods *challenge_set_method; 
+	/* What order are the various methods in?   Try to stop it changing under us */ 
+	struct auth_methods *auth_method_list;	
+
+	TALLOC_CTX *mem_ctx;
+	const uint8 *(*get_ntlm_challenge)(struct auth_context *auth_context);
+	NTSTATUS (*check_ntlm_password)(const struct auth_context *auth_context,
+					const struct auth_usersupplied_info *user_info, 
+					struct auth_serversupplied_info **server_info);
+	NTSTATUS (*nt_status_squash)(NTSTATUS nt_status);
+	void (*free)(struct auth_context **auth_context);
+};
+
+typedef struct auth_methods
+{
+	struct auth_methods *prev, *next;
+	const char *name; /* What name got this module */
+
+	NTSTATUS (*auth)(const struct auth_context *auth_context,
+			 void *my_private_data, 
+			 TALLOC_CTX *mem_ctx,
+			 const struct auth_usersupplied_info *user_info, 
+			 auth_serversupplied_info **server_info);
+
+	DATA_BLOB (*get_chal)(const struct auth_context *auth_context,
+			      void **my_private_data, 
+			      TALLOC_CTX *mem_ctx);
+	
+	/* Used to keep tabs on things like the cli for SMB server authentication */
+	void *private_data;
+	
+	/* Function to clean up the above arbitary structure */
+	void (*free_private_data)(void **private_data);
+
+	/* Function to send a keepalive message on the above structure */
+	void (*send_keepalive)(void **private_data);
+
+} auth_methods;
+
+typedef NTSTATUS (*auth_init_function)(struct auth_context *, const char *, struct auth_methods **);
+
+struct auth_init_function_entry {
+	const char *name;
+	/* Function to create a member of the authmethods list */
+
+	auth_init_function init;
+};
+
+typedef struct auth_ntlmssp_state
+{
+	TALLOC_CTX *mem_ctx;
+	struct auth_context *auth_context;
+	struct auth_serversupplied_info *server_info;
+	struct ntlmssp_state *ntlmssp_state;
+} AUTH_NTLMSSP_STATE;
+
 #endif /* _SMBAUTH_H_ */