Samba4/Auth

Revision as of 01:58, 20 October 2009 by Edewata (talk | contribs)

Structures

auth_operations

/*
 * Table of callbacks supplied by one authentication backend.
 * Every hook reports its outcome as an NTSTATUS.
 */
struct auth_operations {

    /* Backend name.
     * NOTE(review): presumably the string used to select this backend --
     * confirm against the registration code. */
    const char *name;

    /* If you are using this interface, then you are probably
     * getting something wrong.  This interface is only for
     * security=server, and makes a number of compromises to allow
     * that.  It is not compatible with being a PDC.
     *
     * Security note: with this hook the challenge comes from the backend
     * rather than from the server's own generator, which is why the
     * original authors restrict it to security=server.
     * The challenge is presumably returned through *challenge -- confirm. */

    NTSTATUS (*get_challenge)(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, DATA_BLOB *challenge);

    /* Given the user supplied info, check if this backend wants to handle the password checking.
     * user_info is client-supplied data and is passed as const. */

    NTSTATUS (*want_check)(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx,
        const struct auth_usersupplied_info *user_info);

    /* Given the user supplied info, check a password.
     * user_info is passed as const; the result is presumably returned through
     * *server_info -- confirm.
     * NOTE(review): callers should rely on *server_info only when the returned
     * NTSTATUS indicates success -- confirm what failure paths leave in it. */

    NTSTATUS (*check_password)(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx,
        const struct auth_usersupplied_info *user_info,
        struct auth_serversupplied_info **server_info);

    /* Lookup a 'server info' return based only on the principal.
     *
     * Security note: no password, challenge or response is passed in, so this
     * hook cannot verify credentials by itself.
     * NOTE(review): callers presumably must have established the principal's
     * identity by other means before trusting the result -- confirm. */

    NTSTATUS (*get_server_info_principal)(TALLOC_CTX *mem_ctx, 
        struct auth_context *auth_context,
        const char *principal,
        struct auth_serversupplied_info **server_info);
}

auth_method_context

/*
 * Per-backend state: ties one auth_operations table to an auth_context.
 */
struct auth_method_context {
    /* Links to neighbouring method contexts.
     * NOTE(review): looks like a doubly linked list headed by
     * auth_context.methods -- confirm. */
    struct auth_method_context *prev, *next;
    /* The auth_context this method is associated with. */
    struct auth_context *auth_ctx;
    /* Callback table for this backend; const, so not modified through this pointer. */
    const struct auth_operations *ops;
    /* NOTE(review): meaning not shown on this page -- confirm against the code that sets it. */
    int depth;
    /* Opaque backend-specific state.  It is an untyped void *, so each backend
     * must cast it back to the type it stored; the compiler cannot check this. */
    void *private_data;
}

auth_context

/*
 * State for one authentication attempt: the challenge, the list of backend
 * methods, the supporting contexts, and the entry points callers use.
 */
struct auth_context {
    /* The challenge and a record of where it came from. */
    struct {
        /* Who set this up in the first place? */ 
        /* set_challenge() below takes a matching set_by argument. */
        const char *set_by;

        /* NOTE(review): presumably the value reported by
         * challenge_may_be_modified() -- confirm. */
        bool may_be_modified;

        /* The challenge bytes. */
        DATA_BLOB data; 
    } challenge;

    /* methods, in the order they should be called */
    struct auth_method_context *methods;

    /* the event context to use for calls that can block */
    struct tevent_context *event_ctx;

    /* the messaging context which can be used by backends */
    struct messaging_context *msg_ctx;

    /* loadparm context */
    struct loadparm_context *lp_ctx;

    /* Check a password for the client-supplied user_info (passed as const).
     * Takes the same user_info/server_info parameters as
     * auth_operations.check_password.
     * NOTE(review): presumably tries `methods` in order -- confirm. */
    NTSTATUS (*check_password)(struct auth_context *auth_ctx,
        TALLOC_CTX *mem_ctx,
        const struct auth_usersupplied_info *user_info, 
        struct auth_serversupplied_info **server_info);
	
    /* Returns a pointer to the challenge bytes through *_chal.  No length is
     * returned.
     * NOTE(review): presumably 8 bytes, matching set_challenge -- confirm. */
    NTSTATUS (*get_challenge)(struct auth_context *auth_ctx, const uint8_t **_chal);

    /* Reports whether the challenge may still be changed. */
    bool (*challenge_may_be_modified)(struct auth_context *auth_ctx);

    /* Installs a caller-chosen challenge and records the caller in set_by.
     * In C the array parameter chal[8] is adjusted to a pointer: the 8 documents
     * the expected length but the compiler does not enforce it, so callers must
     * pass at least 8 readable bytes.
     * NOTE(review): presumably refused once the challenge may no longer be
     * modified -- confirm. */
    NTSTATUS (*set_challenge)(struct auth_context *auth_ctx, const uint8_t chal[8], const char *set_by);
	
    /* Looks up a server_info from the principal name alone; no credentials are
     * passed in, so this call cannot verify them by itself. */
    NTSTATUS (*get_server_info_principal)(TALLOC_CTX *mem_ctx, 
        struct auth_context *auth_context,
        const char *principal,
        struct auth_serversupplied_info **server_info);
}