s3:utils: let smbstatus report anonymous signing/encryption explicitly
[samba.git] / source4 / auth / session.c
index ad094d207c0261279925527b4fb317c7109fc5a3..9c9d8c4aaffdb3339f52836227ea3de36d203662 100644 (file)
@@ -1,4 +1,4 @@
-/* 
+/*
    Unix SMB/CIFS implementation.
    Authentication utility functions
    Copyright (C) Andrew Tridgell 1992-1998
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
-   
+
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
-   
+
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
@@ -40,7 +40,7 @@
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_AUTH
 
-_PUBLIC_ struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx, 
+_PUBLIC_ struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx,
                                            struct loadparm_context *lp_ctx)
 {
        NTSTATUS nt_status;
@@ -190,10 +190,45 @@ _PUBLIC_ NTSTATUS auth_generate_security_token(TALLOC_CTX *mem_ctx,
                        return NT_STATUS_NO_MEMORY;
                }
 
-               /*
-                * TODO: if we find out that we need to add default SIDs to the device
-                * SIDs, as well as to the client SIDs, we’ll do that here.
-                */
+               for (i = 0; i < num_device_sids; i++) {
+                       device_sids[i] = device_info_dc->sids[i];
+               }
+
+               if (session_info_flags & AUTH_SESSION_INFO_DEVICE_DEFAULT_GROUPS) {
+                       device_sids = talloc_realloc(tmp_ctx,
+                                                    device_sids,
+                                                    struct auth_SidAttr,
+                                                    num_device_sids + 2);
+                       if (device_sids == NULL) {
+                               TALLOC_FREE(tmp_ctx);
+                               return NT_STATUS_NO_MEMORY;
+                       }
+
+                       device_sids[num_device_sids++] = (struct auth_SidAttr) {
+                               .sid = global_sid_World,
+                               .attrs = SE_GROUP_DEFAULT_FLAGS,
+                       };
+                       device_sids[num_device_sids++] = (struct auth_SidAttr) {
+                               .sid = global_sid_Network,
+                               .attrs = SE_GROUP_DEFAULT_FLAGS,
+                       };
+               }
+
+               if (session_info_flags & AUTH_SESSION_INFO_DEVICE_AUTHENTICATED) {
+                       device_sids = talloc_realloc(tmp_ctx,
+                                                    device_sids,
+                                                    struct auth_SidAttr,
+                                                    num_device_sids + 1);
+                       if (device_sids == NULL) {
+                               TALLOC_FREE(tmp_ctx);
+                               return NT_STATUS_NO_MEMORY;
+                       }
+
+                       device_sids[num_device_sids++] = (struct auth_SidAttr) {
+                               .sid = global_sid_Authenticated_Users,
+                               .attrs = SE_GROUP_DEFAULT_FLAGS,
+                       };
+               }
        }
 
        nt_status = security_token_create(mem_ctx,
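Review bot: The `AUTH_SESSION_INFO_DEVICE_AUTHENTICATED` branch appends `global_sid_Authenticated_Users` to `device_sids` purely on a caller-supplied bit in `session_info_flags`, and nothing in the new code says when a caller is allowed to set that bit. These SIDs presumably feed the token built by the `security_token_create()` call that follows, so I would state the precondition above the branch, e.g. `/* Caller sets this only when the device identity was verified; it grants the device Authenticated Users. */`, with a matching line on the `AUTH_SESSION_INFO_DEVICE_DEFAULT_GROUPS` branch. The appends also do not check whether `device_info_dc->sids` already carries World, Network or Authenticated Users, so it is worth confirming that duplicates are collapsed later, which is not visible here. `auth_generate_security_token()` starts and ends outside the hunk, so the sizing of `device_sids` and `num_device_sids` ahead of the copy loop could not be checked.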
@@ -471,12 +506,12 @@ NTSTATUS authsam_get_session_info_principal(TALLOC_CTX *mem_ctx,
 /**
  * prints a struct auth_session_info security token to debug output.
  */
-void auth_session_info_debug(int dbg_lev, 
+void auth_session_info_debug(int dbg_lev,
                             const struct auth_session_info *session_info)
 {
        if (!session_info) {
                DEBUG(dbg_lev, ("Session Info: (NULL)\n"));
-               return; 
+               return;
        }
 
        security_token_debug(DBGC_AUTH, dbg_lev,