Samba4/Auth: Difference between revisions
No edit summary |
|||
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
= Structures = |
= Structures = |
||
== auth_usersupplied_info == |
|||
<pre> |
|||
struct auth_usersupplied_info { |
|||
const char *workstation_name; |
|||
struct socket_address *remote_host; |
|||
uint32_t logon_parameters; |
|||
bool mapped_state; |
|||
/* the values the client gives us */ |
|||
struct { |
|||
const char *account_name; |
|||
const char *domain_name; |
|||
} client, mapped; |
|||
enum auth_password_state password_state; |
|||
union { |
|||
struct { |
|||
DATA_BLOB lanman; |
|||
DATA_BLOB nt; |
|||
} response; |
|||
struct { |
|||
struct samr_Password *lanman; |
|||
struct samr_Password *nt; |
|||
} hash; |
|||
char *plaintext; |
|||
} password; |
|||
uint32_t flags; |
|||
}; |
|||
</pre> |
|||
== auth_operations == |
== auth_operations == |
||
Line 32: | Line 68: | ||
const char *principal, |
const char *principal, |
||
struct auth_serversupplied_info **server_info); |
struct auth_serversupplied_info **server_info); |
||
} |
}; |
||
</pre> |
</pre> |
||
Line 44: | Line 80: | ||
int depth; |
int depth; |
||
void *private_data; |
void *private_data; |
||
} |
}; |
||
</pre> |
</pre> |
||
Line 51: | Line 87: | ||
<pre> |
<pre> |
||
struct auth_context { |
struct auth_context { |
||
struct { |
struct { |
||
/* Who set this up in the first place? */ |
/* Who set this up in the first place? */ |
||
Line 87: | Line 124: | ||
const char *principal, |
const char *principal, |
||
struct auth_serversupplied_info **server_info); |
struct auth_serversupplied_info **server_info); |
||
} |
}; |
||
</pre> |
</pre> |
Latest revision as of 02:08, 20 October 2009
Structures
auth_usersupplied_info
/*
 * Description of one authentication attempt: the identity being claimed, where
 * the request came from, and the credential material supplied with it.
 * struct auth_operations passes this (as a const pointer) to want_check() and
 * check_password().
 *
 * NOTE(review): everything in here originates from, or is derived from, the
 * peer's request, so it should be treated as untrusted input until
 * check_password() has succeeded.
 */
struct auth_usersupplied_info {
	/* NOTE(review): presumably the workstation name reported by the
	 * client; if so it is not verified and should not be used for
	 * access decisions on its own -- confirm. */
	const char *workstation_name;
	/* NOTE(review): presumably the peer address of the connection
	 * carrying the request -- confirm. */
	struct socket_address *remote_host;

	/* Bit field; the individual bits are not defined on this page. */
	uint32_t logon_parameters;

	/* NOTE(review): presumably records whether 'mapped' below has been
	 * filled in -- confirm against the code that sets it. */
	bool mapped_state;
	/* the values the client gives us */
	/* Two instances of the same name pair: 'client' and 'mapped'.
	 * NOTE(review): 'mapped' presumably holds the names after server-side
	 * mapping of what the client sent -- confirm. */
	struct {
		const char *account_name;
		const char *domain_name;
	} client, mapped;

	/* NOTE(review): presumably the discriminator for the 'password' union
	 * below; only the member matching this state should be read --
	 * confirm against enum auth_password_state. */
	enum auth_password_state password_state;

	/* Credential material in exactly one of three forms (it is a union,
	 * so the members share storage). */
	union {
		/* Challenge-response blobs as received from the client. */
		struct {
			/* LAN Manager response: a legacy scheme that is
			 * cryptographically weak; whether it is accepted is a
			 * policy decision made outside this struct. */
			DATA_BLOB lanman;
			DATA_BLOB nt;
		} response;
		/* Password hashes. These are password-equivalent secrets. */
		struct {
			struct samr_Password *lanman;
			struct samr_Password *nt;
		} hash;

		/* Cleartext password. Secret material: keep it out of logs and
		 * debug dumps. Ownership and wiping of this buffer are not
		 * shown on this page. */
		char *plaintext;
	} password;
	/* Bit field; the individual bits are not defined on this page. */
	uint32_t flags;
};
auth_operations
/*
 * Function table implemented by one authentication backend. A
 * struct auth_method_context points at one of these through its 'ops' member.
 * Every callback reports its outcome as an NTSTATUS.
 */
struct auth_operations {
	/* Name identifying the backend. */
	const char *name;

	/* If you are using this interface, then you are probably
	 * getting something wrong.  This interface is only for
	 * security=server, and makes a number of compromises to allow
	 * that.  It is not compatible with being a PDC.
	 *
	 * The challenge is returned through 'challenge'.
	 * NOTE(review): presumably allocated on mem_ctx -- confirm. */
	NTSTATUS (*get_challenge)(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, DATA_BLOB *challenge);

	/* Given the user supplied info, check if this backend wants to handle
	 * the password checking. user_info is read-only here. */
	NTSTATUS (*want_check)(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx,
			       const struct auth_usersupplied_info *user_info);

	/* Given the user supplied info, check a password.
	 * The result is returned through 'server_info'.
	 * NOTE(review): callers should presumably use *server_info only when
	 * the returned status indicates success -- confirm. */
	NTSTATUS (*check_password)(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx,
				   const struct auth_usersupplied_info *user_info,
				   struct auth_serversupplied_info **server_info);

	/* Lookup a 'server info' return based only on the principal.
	 * NOTE(review): no credential is passed to this callback, so it does
	 * not by itself authenticate anyone; the caller presumably must have
	 * verified the principal by other means first -- confirm. */
	NTSTATUS (*get_server_info_principal)(TALLOC_CTX *mem_ctx,
					      struct auth_context *auth_context,
					      const char *principal,
					      struct auth_serversupplied_info **server_info);
};
auth_method_context
/*
 * One configured authentication backend inside a struct auth_context.
 * auth_context.methods points at these, "in the order they should be called".
 */
struct auth_method_context {
	/* Links to the neighbouring entries of the method list. */
	struct auth_method_context *prev, *next;
	/* NOTE(review): presumably the auth_context this method belongs to --
	 * confirm. */
	struct auth_context *auth_ctx;
	/* Backend callbacks; const, so not modified through this pointer. */
	const struct auth_operations *ops;
	/* NOTE(review): meaning not shown on this page; possibly the position
	 * of this method in the list -- confirm. */
	int depth;
	/* Opaque pointer; its type is not visible here, so whoever reads it
	 * must agree with whoever set it on what it points to. */
	void *private_data;
};
auth_context
/*
 * Top-level authentication state: the current challenge, the ordered list of
 * backends, the contexts the backends may use, and the entry points callers
 * invoke through function pointers.
 */
struct auth_context {
	/* The challenge issued for this authentication exchange. */
	struct {
		/* Who set this up in the first place? */
		const char *set_by;

		/* Read back through challenge_may_be_modified() below
		 * (presumably -- confirm). */
		bool may_be_modified;

		/* The challenge bytes. NOTE(review): set_challenge() below
		 * takes 8 bytes, so this is presumably 8 bytes long --
		 * confirm. */
		DATA_BLOB data;
	} challenge;

	/* methods, in the order they should be called */
	struct auth_method_context *methods;

	/* the event context to use for calls that can block */
	struct tevent_context *event_ctx;

	/* the messaging context which can be used by backends */
	struct messaging_context *msg_ctx;

	/* loadparm context */
	struct loadparm_context *lp_ctx;

	/* Check the credentials in user_info; the result is returned through
	 * 'server_info'. NOTE(review): presumably dispatches to the backends
	 * in 'methods' -- confirm. */
	NTSTATUS (*check_password)(struct auth_context *auth_ctx,
				   TALLOC_CTX *mem_ctx,
				   const struct auth_usersupplied_info *user_info,
				   struct auth_serversupplied_info **server_info);

	/* Returns a pointer to the challenge bytes through '_chal'. No length
	 * is returned alongside it, so the caller has to know the challenge
	 * size (presumably 8, matching set_challenge() -- confirm). */
	NTSTATUS (*get_challenge)(struct auth_context *auth_ctx, const uint8_t **_chal);

	/* Reports whether the challenge may still be changed. */
	bool (*challenge_may_be_modified)(struct auth_context *auth_ctx);

	/* Install a challenge and record who set it.
	 * 'chal[8]' in a parameter list is an ordinary pointer in C: the
	 * compiler does not enforce the length, so every caller must pass a
	 * buffer of at least 8 readable bytes. */
	NTSTATUS (*set_challenge)(struct auth_context *auth_ctx, const uint8_t chal[8], const char *set_by);

	/* Look up server info from a principal name alone.
	 * NOTE(review): no credential is passed, so this does not by itself
	 * authenticate the principal; the caller presumably must have done so
	 * by other means -- confirm. */
	NTSTATUS (*get_server_info_principal)(TALLOC_CTX *mem_ctx,
					      struct auth_context *auth_context,
					      const char *principal,
					      struct auth_serversupplied_info **server_info);
};