winbindd: rename winbindd_pam_auth_pac_send and let it return validation

Just a preperational step. The next commit will update the caller to
make use of the validation info.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index f186d865f569c14aa60b997c96127ffa5fcf4041..8403d7d57b67aeb8aab2e397ff4b0fda9ae2a6cb 100644 (file)
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -2893,8 +2893,10 @@ out:
        return status;
 }
 
-NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
-                                   struct netr_SamInfo3 **info3)
+NTSTATUS winbindd_pam_auth_pac_verify(struct winbindd_cli_state *state,
+                                     bool *p_is_trusted,
+                                     uint16_t *p_validation_level,
+                                     union netr_Validation **p_validation)
 {
        struct winbindd_request *req = state->request;
        DATA_BLOB pac_blob;
@@ -2909,6 +2911,10 @@ NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
        bool is_trusted = false;
        uint32_t i;
 
+       *p_is_trusted = false;
+       *p_validation_level = 0;
+       *p_validation = NULL;
+
        pac_blob = data_blob_const(req->extra_data.data, req->extra_len);
        result = extract_pac_vrfy_sigs(state->mem_ctx, pac_blob, &pac_data);
        if (NT_STATUS_IS_OK(result)) {
@@ -3004,14 +3010,21 @@ NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
                }
        }
 
-       *info3 = info3_copy;
-
+       *p_is_trusted = is_trusted;
+       *p_validation_level = validation_level;
+       *p_validation = validation;
        return NT_STATUS_OK;
 }
 #else /* HAVE_KRB5 */
-NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
-                                   struct netr_SamInfo3 **info3)
+NTSTATUS winbindd_pam_auth_pac_verify(struct winbindd_cli_state *state,
+                                     bool *p_is_trusted,
+                                     uint16_t *p_validation_level,
+                                     union netr_Validation **p_validation);
 {
+
+       *p_is_trusted = false;
+       *p_validation_level = 0;
+       *p_validation = NULL;
        return NT_STATUS_NO_SUCH_USER;
 }
 #endif /* HAVE_KRB5 */

diff --git a/source3/winbindd/winbindd_pam_auth_crap.c b/source3/winbindd/winbindd_pam_auth_crap.c
index afcce03172e09ec99303b38abc0190184a45cef9..6fb65a274611ffe8ab6ed7080710e945094789c7 100644 (file)
--- a/source3/winbindd/winbindd_pam_auth_crap.c
+++ b/source3/winbindd/winbindd_pam_auth_crap.c
@@ -49,12 +49,15 @@ struct tevent_req *winbindd_pam_auth_crap_send(
        state->flags = request->flags;
 
        if (state->flags & WBFLAG_PAM_AUTH_PAC) {
-               struct netr_SamInfo3 *info3 = NULL;
+               bool is_trusted = false;
                uint16_t validation_level;
                union netr_Validation *validation = NULL;
                NTSTATUS status;
 
-               status = winbindd_pam_auth_pac_send(cli, &info3);
+               status = winbindd_pam_auth_pac_verify(cli,
+                                                     &is_trusted,
+                                                     &validation_level,
+                                                     &validation);
                if (tevent_req_nterror(req, status)) {
                        return tevent_req_post(req, ev);
                }
@@ -67,14 +70,6 @@ struct tevent_req *winbindd_pam_auth_crap_send(
                state->response->result = WINBINDD_PENDING;
                state->response->length = sizeof(struct winbindd_response);
 
-               status = map_info3_to_validation(talloc_tos(),
-                                                info3,
-                                                &validation_level,
-                                                &validation);
-               if (tevent_req_nterror(req, status)) {
-                       return tevent_req_post(req, ev);
-               }
-
                status = append_auth_data(state->response,
                                          state->response,
                                          state->flags,

diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index 015fd717b34fce443f5a87c1d3d012c8da9cdd83..d09176d954a5690635a493bade9db4e89f6cf81f 100644 (file)
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -419,8 +419,10 @@ enum winbindd_result winbindd_dual_pam_chauthtok(struct winbindd_domain *contact
 enum winbindd_result winbindd_dual_pam_logoff(struct winbindd_domain *domain,
                                              struct winbindd_cli_state *state) ;
 enum winbindd_result winbindd_dual_pam_chng_pswd_auth_crap(struct winbindd_domain *domainSt, struct winbindd_cli_state *state);
-NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
-                                   struct netr_SamInfo3 **info3);
+NTSTATUS winbindd_pam_auth_pac_verify(struct winbindd_cli_state *state,
+                                     bool *p_is_trusted,
+                                     uint16_t *p_validation_level,
+                                     union netr_Validation **p_validation);
 
 NTSTATUS winbind_dual_SamLogon(struct winbindd_domain *domain,
                               TALLOC_CTX *mem_ctx,