s4:s3compat Provide check_sam_security to check local passwords from winbindd

source3/winbindd in does not use the full auth subsystem, but instead short-cuts
to this function.

Andrew Bartlett

diff --git a/source4/s3compat/auth_samba4.c b/source4/s3compat/auth_samba4.c
index 208fa08e0f8d030cca3fd094397e1d38bc3ae862..f49a0d21feb6691003e9860944a84520ff818693 100644 (file)
--- a/source4/s3compat/auth_samba4.c
+++ b/source4/s3compat/auth_samba4.c
@@ -82,3 +82,27 @@ NTSTATUS auth_samba4_init(void)
                          auth_init_samba4);
        return NT_STATUS_OK;
 }
+
+NTSTATUS check_sam_security(const DATA_BLOB *challenge,
+                           TALLOC_CTX *mem_ctx,
+                           const struct auth_usersupplied_info *user_info,
+                           struct auth_serversupplied_info **server_info)
+{
+       NTSTATUS status;
+        TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
+       struct netr_SamInfo3 *info3 = NULL;
+       NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);
+       
+       status = s3compat_authenticate(tmp_ctx, challenge->data, user_info, &info3);
+       NT_STATUS_NOT_OK_RETURN_AND_FREE(status, tmp_ctx);
+
+       status = make_server_info_info3(mem_ctx, user_info->client.account_name,
+                                       user_info->mapped.domain_name, server_info,
+                                       info3);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(10, ("make_server_info_info3 failed: %s\n",
+                          nt_errstr(status)));
+       }
+       talloc_free(tmp_ctx);
+       return status;
+}