Samba4/Auth
Structures
auth_usersupplied_info
/*
 * Describes one authentication attempt: the names the client presented and
 * the credential material that came with them. The want_check and
 * check_password hooks of struct auth_operations receive it as a const
 * pointer.
 */
struct auth_usersupplied_info
{
	/* NOTE(review): presumably the machine name reported by the client;
	 * if so it is unauthenticated and must not drive access decisions
	 * on its own -- confirm where it is filled in. */
	const char *workstation_name;
	struct socket_address *remote_host;

	uint32_t logon_parameters;

	/* NOTE(review): presumably records whether "mapped" below has been
	 * populated -- confirm against the code that sets it. */
	bool mapped_state;

	/* the values the client gives us. Both strings are attacker
	 * controlled, so validate/escape them before using them in lookups,
	 * filters or log lines. NOTE(review): "mapped" presumably holds the
	 * same pair after server-side name mapping -- confirm. */
	struct {
		const char *account_name;
		const char *domain_name;
	} client, mapped;

	/* NOTE(review): looks like the discriminator for the "password"
	 * union below; the enum's values are not shown on this page. A
	 * backend that reads a union member other than the one this field
	 * selects will misinterpret the stored bytes or pointers. */
	enum auth_password_state password_state;

	/* Credential material in one of three representations. All of it is
	 * secret: keep it out of debug output and do not retain copies
	 * longer than the check needs. */
	union {
		/* LM and NT responses as opaque blobs; presumably the
		 * replies to the challenge held in struct auth_context. */
		struct {
			DATA_BLOB lanman;
			DATA_BLOB nt;
		} response;
		/* LM and NT values as struct samr_Password pointers. */
		struct {
			struct samr_Password *lanman;
			struct samr_Password *nt;
		} hash;

		/* Cleartext password string. */
		char *plaintext;
	} password;
	uint32_t flags;
};
auth_operations
/*
 * Table of callbacks implemented by one authentication backend. A
 * struct auth_method_context points at one of these through its "ops"
 * member.
 */
struct auth_operations {
	/* Name of the backend. */
	const char *name;

	/* If you are using this interface, then you are probably
	 * getting something wrong.  This interface is only for
	 * security=server, and makes a number of compromises to allow
	 * that.  It is not compatible with being a PDC.
	 *
	 * On success the backend's challenge is written to *challenge. */
	NTSTATUS (*get_challenge)(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, DATA_BLOB *challenge);

	/* Given the user supplied info, check if this backend wants to
	 * handle the password checking.
	 * NOTE(review): which NTSTATUS value means "not mine, try the next
	 * method" is not shown on this page -- confirm before relying on
	 * any particular return code. */
	NTSTATUS (*want_check)(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx,
			       const struct auth_usersupplied_info *user_info);

	/* Given the user supplied info, check a password. The result is
	 * handed back through *server_info.
	 * NOTE(review): callers should presumably consume *server_info only
	 * when the call reports success, and treat every other status as
	 * "not authenticated" -- confirm against the implementations. */
	NTSTATUS (*check_password)(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx,
				   const struct auth_usersupplied_info *user_info,
				   struct auth_serversupplied_info **server_info);

	/* Lookup a 'server info' return based only on the principal.
	 * This hook takes no auth_usersupplied_info, so no password or
	 * response is examined here; presumably the caller has already
	 * established the principal's identity by other means -- confirm
	 * at each call site. */
	NTSTATUS (*get_server_info_principal)(TALLOC_CTX *mem_ctx,
					      struct auth_context *auth_context,
					      const char *principal,
					      struct auth_serversupplied_info **server_info);
};
auth_method_context
/*
 * One entry in the list of authentication methods hanging off a
 * struct auth_context (see its "methods" member, which keeps the entries
 * in the order they should be called).
 */
struct auth_method_context {
	/* Links to the neighbouring entries in the method list. */
	struct auth_method_context *prev;
	struct auth_method_context *next;

	/* NOTE(review): presumably the auth_context this entry is attached
	 * to -- confirm where entries are created. */
	struct auth_context *auth_ctx;

	/* Callback table of the backend that implements this method. */
	const struct auth_operations *ops;

	/* NOTE(review): meaning of "depth" is not shown on this page. */
	int depth;

	/* Untyped pointer; presumably state owned by the backend named in
	 * "ops" -- its real type is known only to that backend. */
	void *private_data;
};
auth_context
/*
 * State for one authentication exchange: the challenge, the list of
 * backends to consult, the contexts they may use, and the entry points
 * callers go through.
 */
struct auth_context {
	struct {
		/* Who set this up in the first place? */
		const char *set_by;

		/* Whether the challenge may still be replaced; also exposed
		 * through challenge_may_be_modified() below.
		 * NOTE(review): a challenge that can be swapped after it
		 * was sent to the client would let responses be checked
		 * against the wrong value -- confirm which code clears
		 * this flag and when. */
		bool may_be_modified;

		/* The challenge bytes. */
		DATA_BLOB data;
	} challenge;

	/* methods, in the order they should be called */
	struct auth_method_context *methods;

	/* the event context to use for calls that can block */
	struct tevent_context *event_ctx;

	/* the messaging context which can be used by backends */
	struct messaging_context *msg_ctx;

	/* loadparm context */
	struct loadparm_context *lp_ctx;

	/* Check the credentials in user_info; the result is handed back
	 * through *server_info.
	 * NOTE(review): presumably walks "methods" in order and should be
	 * treated as failed unless it reports success -- confirm. */
	NTSTATUS (*check_password)(struct auth_context *auth_ctx,
				   TALLOC_CTX *mem_ctx,
				   const struct auth_usersupplied_info *user_info,
				   struct auth_serversupplied_info **server_info);

	/* Hand back a pointer to the challenge bytes through *_chal.
	 * No length is returned. NOTE(review): presumably 8 bytes, to
	 * match set_challenge() -- confirm before reading from it. */
	NTSTATUS (*get_challenge)(struct auth_context *auth_ctx, const uint8_t **_chal);

	bool (*challenge_may_be_modified)(struct auth_context *auth_ctx);

	/* Install a challenge and record who set it. The "[8]" documents
	 * the expected size only: an array parameter decays to a pointer,
	 * so the compiler does not enforce it and the caller must pass a
	 * buffer of at least 8 bytes. */
	NTSTATUS (*set_challenge)(struct auth_context *auth_ctx, const uint8_t chal[8], const char *set_by);

	/* Look up server info from the principal name alone. No
	 * auth_usersupplied_info is passed, so no credential is examined
	 * by this call; presumably the caller has already verified the
	 * principal -- confirm at each call site. */
	NTSTATUS (*get_server_info_principal)(TALLOC_CTX *mem_ctx,
					      struct auth_context *auth_context,
					      const char *principal,
					      struct auth_serversupplied_info **server_info);
};