2 Unix SMB/CIFS implementation.
3 Standardised Authentication types
4 Copyright (C) Andrew Bartlett 2001-2010
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 #include "librpc/gen_ndr/krb5pac.h"
22 #define USER_INFO_CASE_INSENSITIVE_USERNAME 0x01 /* username may be in any case */
23 #define USER_INFO_CASE_INSENSITIVE_PASSWORD 0x02 /* password may be in any case */
24 #define USER_INFO_DONT_CHECK_UNIX_ACCOUNT 0x04 /* don't check unix account status */
25 #define USER_INFO_INTERACTIVE_LOGON 0x08 /* don't check unix account status */
27 enum auth_password_state {
28 AUTH_PASSWORD_PLAIN = 1,
29 AUTH_PASSWORD_HASH = 2,
30 AUTH_PASSWORD_RESPONSE = 3
33 struct auth_usersupplied_info
35 const char *workstation_name;
36 const struct tsocket_address *remote_host;
38 uint32_t logon_parameters;
42 /* the values the client gives us */
44 const char *account_name;
45 const char *domain_name;
48 enum auth_password_state password_state;
56 struct samr_Password *lanman;
57 struct samr_Password *nt;
64 struct auth_serversupplied_info;
66 struct auth_serversupplied_info;
68 /* Shared prototypes for functions that may be replaced using s3compat, to ensure things stay in sync */
69 NTSTATUS ads_verify_ticket(TALLOC_CTX *mem_ctx,
72 const DATA_BLOB *ticket,
74 struct PAC_LOGON_INFO **logon_info,
76 DATA_BLOB *session_key,
77 bool use_replay_cache);
79 /****************************************************************
80 Given a username, password and other details, return the
81 PAC_LOGON_INFO (the structure containing the important user
82 information such as groups).
83 ****************************************************************/
85 NTSTATUS kerberos_return_pac(TALLOC_CTX *mem_ctx,
90 time_t *renew_till_time,
91 const char *cache_name,
93 bool add_netbios_addr,
94 time_t renewable_time,
95 const char *impersonate_princ_s,
96 struct PAC_LOGON_INFO **logon_info);
97 NTSTATUS auth_samba4_init(void);
98 NTSTATUS check_sam_security(const DATA_BLOB *challenge,
100 const struct auth_usersupplied_info *user_info,
101 struct auth_serversupplied_info **server_info);