19
19
along with this program. If not, see <http://www.gnu.org/licenses/>.
22
typedef struct auth_usersupplied_info {
25
DATA_BLOB lm_interactive_pwd;
26
DATA_BLOB nt_interactive_pwd;
27
DATA_BLOB plaintext_password;
31
bool was_mapped; /* Did the username map actually match? */
32
char *client_domain; /* domain name string */
33
char *domain; /* domain name after mapping */
34
char *internal_username; /* username after mapping */
35
char *smb_name; /* username before mapping */
36
char *wksta_name; /* workstation name (netbios calling
37
* name) unicode string */
39
uint32 logon_parameters;
41
} auth_usersupplied_info;
43
typedef struct auth_serversupplied_info {
22
#include "../auth/common_auth.h"
24
struct extra_auth_info {
25
struct dom_sid user_sid;
26
struct dom_sid pgid_sid;
29
struct auth_serversupplied_info {
46
DOM_SID *sids; /* These SIDs are preliminary between
47
check_ntlm_password and the token creation. */
50
struct unix_user_token utok;
33
struct security_unix_token utok;
52
35
/* NT group information taken from the info3 structure */
37
struct security_token *security_token;
39
/* This is the final session key, as used by SMB signing, and
40
* (truncated to 16 bytes) encryption on the SAMR and LSA pipes
42
* It is calculated by NTLMSSP from the session key in the info3,
43
* and is set from the Kerberos session key using
44
* krb5_auth_con_getremotesubkey().
46
* Bottom line, it is not the same as the session keys in info3.
56
49
DATA_BLOB user_session_key;
57
50
DATA_BLOB lm_session_key;
59
char *login_server; /* which server authorized the login? */
61
struct samu *sam_account;
52
struct netr_SamInfo3 *info3;
54
/* this structure is filled *only* in pathological cases where the user
55
* sid or the primary group sid are not sids of the domain. Normally
56
* this happens only for unix accounts that have unix domain sids.
57
* This is checked only when info3.rid and/or info3.primary_gid are set
58
* to the special invalid value of 0xFFFFFFFF */
59
struct extra_auth_info extra;
66
62
* This is a token from /etc/passwd and /etc/group
91
87
/* What order are the various methods in? Try to stop it changing under us */
92
88
struct auth_methods *auth_method_list;
95
void (*get_ntlm_challenge)(struct auth_context *auth_context,
90
NTSTATUS (*get_ntlm_challenge)(struct auth_context *auth_context,
97
92
NTSTATUS (*check_ntlm_password)(const struct auth_context *auth_context,
98
93
const struct auth_usersupplied_info *user_info,
99
94
struct auth_serversupplied_info **server_info);
100
95
NTSTATUS (*nt_status_squash)(NTSTATUS nt_status);
101
void (*free)(struct auth_context **auth_context);
104
98
typedef struct auth_methods
110
104
void *my_private_data,
111
105
TALLOC_CTX *mem_ctx,
112
106
const struct auth_usersupplied_info *user_info,
113
auth_serversupplied_info **server_info);
107
struct auth_serversupplied_info **server_info);
115
109
/* If you are using this interface, then you are probably
116
110
* getting something wrong. This interface is only for
136
130
struct auth_init_function_entry *prev, *next;
139
typedef struct auth_ntlmssp_state {
141
struct auth_context *auth_context;
142
struct auth_serversupplied_info *server_info;
143
struct ntlmssp_state *ntlmssp_state;
144
} AUTH_NTLMSSP_STATE;
133
struct auth_ntlmssp_state;
146
135
/* Changed from 1 -> 2 to add the logon_parameters field. */
147
#define AUTH_INTERFACE_VERSION 2
136
/* Changed from 2 -> 3 when we reworked many auth structures to use IDL or be in common with Samba4 */
137
#define AUTH_INTERFACE_VERSION 3
139
#include "auth/proto.h"
149
141
#endif /* _SMBAUTH_H_ */