From 1b6767d26218eaf85ec7af9281c6674bab36ce3f Mon Sep 17 00:00:00 2001 From: =?utf8?q?G=C3=BCnther=20Deschner?= Date: Fri, 25 Mar 2011 02:27:24 +0100 Subject: [PATCH] s3-auth: move auth prototypes to auth/proto.h. Guenther --- source3/auth/proto.h | 266 +++++++++++++++++++++++++++++++++++++++ source3/include/auth.h | 2 + source3/include/proto.h | 271 +--------------------------------------- 3 files changed, 270 insertions(+), 269 deletions(-) create mode 100644 source3/auth/proto.h diff --git a/source3/auth/proto.h b/source3/auth/proto.h new file mode 100644 index 00000000000..585c413c14b --- /dev/null +++ b/source3/auth/proto.h @@ -0,0 +1,266 @@ + +/* The following definitions come from auth/auth.c */ + +NTSTATUS smb_register_auth(int version, const char *name, auth_init_function init); +bool load_auth_module(struct auth_context *auth_context, + const char *module, auth_methods **ret) ; +NTSTATUS make_auth_context_subsystem(TALLOC_CTX *mem_ctx, + struct auth_context **auth_context); +NTSTATUS make_auth_context_fixed(TALLOC_CTX *mem_ctx, + struct auth_context **auth_context, + uchar chal[8]) ; + +/* The following definitions come from auth/auth_builtin.c */ + +NTSTATUS auth_builtin_init(void); + +/* The following definitions come from auth/auth_compat.c */ + +NTSTATUS check_plaintext_password(const char *smb_name, + DATA_BLOB plaintext_password, + struct auth_serversupplied_info **server_info); +bool password_ok(struct auth_context *actx, bool global_encrypted, + const char *session_workgroup, + const char *smb_name, DATA_BLOB password_blob); + +/* The following definitions come from auth/auth_domain.c */ + +void attempt_machine_password_change(void); +NTSTATUS auth_domain_init(void); + +NTSTATUS auth_netlogond_init(void); + +/* The following definitions come from auth/auth_ntlmssp.c */ + +NTSTATUS auth_ntlmssp_steal_session_info(TALLOC_CTX *mem_ctx, + struct auth_ntlmssp_state *auth_ntlmssp_state, + struct auth_serversupplied_info **session_info); +NTSTATUS auth_ntlmssp_start(struct auth_ntlmssp_state **auth_ntlmssp_state); + + +/* The following definitions come from auth/auth_sam.c */ + +NTSTATUS check_sam_security(const DATA_BLOB *challenge, + TALLOC_CTX *mem_ctx, + const struct auth_usersupplied_info *user_info, + struct auth_serversupplied_info **server_info); +NTSTATUS check_sam_security_info3(const DATA_BLOB *challenge, + TALLOC_CTX *mem_ctx, + const struct auth_usersupplied_info *user_info, + struct netr_SamInfo3 **pinfo3); +NTSTATUS auth_sam_init(void); + +/* The following definitions come from auth/auth_server.c */ + +NTSTATUS auth_server_init(void); + +/* The following definitions come from auth/auth_unix.c */ + +NTSTATUS auth_unix_init(void); + +/* The following definitions come from auth/auth_util.c */ + +NTSTATUS make_user_info_map(struct auth_usersupplied_info **user_info, + const char *smb_name, + const char *client_domain, + const char *workstation_name, + DATA_BLOB *lm_pwd, + DATA_BLOB *nt_pwd, + const struct samr_Password *lm_interactive_pwd, + const struct samr_Password *nt_interactive_pwd, + const char *plaintext, + enum auth_password_state password_state); +bool make_user_info_netlogon_network(struct auth_usersupplied_info **user_info, + const char *smb_name, + const char *client_domain, + const char *workstation_name, + uint32 logon_parameters, + const uchar *lm_network_pwd, + int lm_pwd_len, + const uchar *nt_network_pwd, + int nt_pwd_len); +bool make_user_info_netlogon_interactive(struct auth_usersupplied_info **user_info, + const char *smb_name, + const char *client_domain, + const char *workstation_name, + uint32 logon_parameters, + const uchar chal[8], + const uchar lm_interactive_pwd[16], + const uchar nt_interactive_pwd[16], + const uchar *dc_sess_key); +bool make_user_info_for_reply(struct auth_usersupplied_info **user_info, + const char *smb_name, + const char *client_domain, + const uint8 chal[8], + DATA_BLOB plaintext_password); +NTSTATUS make_user_info_for_reply_enc(struct auth_usersupplied_info **user_info, + const char *smb_name, + const char *client_domain, + DATA_BLOB lm_resp, DATA_BLOB nt_resp); +bool make_user_info_guest(struct auth_usersupplied_info **user_info) ; +struct samu; +NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info, + struct samu *sampass); +NTSTATUS create_local_token(struct auth_serversupplied_info *server_info); +NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, + bool is_guest, + uid_t *uid, gid_t *gid, + char **found_username, + struct security_token **token); +bool user_in_group_sid(const char *username, const struct dom_sid *group_sid); +bool user_in_group(const char *username, const char *groupname); +struct passwd; +NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info, + char *unix_username, + struct passwd *pwd); +NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx, + const char *username, + bool is_guest, + struct auth_serversupplied_info **presult); +struct auth_serversupplied_info *copy_serverinfo(TALLOC_CTX *mem_ctx, + const struct auth_serversupplied_info *src); +bool init_guest_info(void); +NTSTATUS init_system_info(void); +bool session_info_set_session_key(struct auth_serversupplied_info *info, + DATA_BLOB session_key); +NTSTATUS make_server_info_guest(TALLOC_CTX *mem_ctx, + struct auth_serversupplied_info **server_info); +NTSTATUS make_session_info_system(TALLOC_CTX *mem_ctx, + struct auth_serversupplied_info **session_info); +const struct auth_serversupplied_info *get_session_info_system(void); +bool copy_current_user(struct current_user *dst, struct current_user *src); +struct passwd *smb_getpwnam( TALLOC_CTX *mem_ctx, const char *domuser, + char **p_save_username, bool create ); +NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, + const char *sent_nt_username, + const char *domain, + struct auth_serversupplied_info **server_info, + struct netr_SamInfo3 *info3); +struct wbcAuthUserInfo; +NTSTATUS make_server_info_wbcAuthUserInfo(TALLOC_CTX *mem_ctx, + const char *sent_nt_username, + const char *domain, + const struct wbcAuthUserInfo *info, + struct auth_serversupplied_info **server_info); +void free_user_info(struct auth_usersupplied_info **user_info); +bool make_auth_methods(struct auth_context *auth_context, auth_methods **auth_method) ; +bool is_trusted_domain(const char* dom_name); + +/* The following definitions come from auth/user_info.c */ + +NTSTATUS make_user_info(struct auth_usersupplied_info **ret_user_info, + const char *smb_name, + const char *internal_username, + const char *client_domain, + const char *domain, + const char *workstation_name, + const DATA_BLOB *lm_pwd, + const DATA_BLOB *nt_pwd, + const struct samr_Password *lm_interactive_pwd, + const struct samr_Password *nt_interactive_pwd, + const char *plaintext_password, + enum auth_password_state password_state); +void free_user_info(struct auth_usersupplied_info **user_info); + +/* The following definitions come from auth/auth_winbind.c */ + +NTSTATUS auth_winbind_init(void); + +/* The following definitions come from auth/server_info.c */ + +struct netr_SamInfo2; +struct netr_SamInfo3; +struct netr_SamInfo6; + +struct auth_serversupplied_info *make_server_info(TALLOC_CTX *mem_ctx); +NTSTATUS serverinfo_to_SamInfo2(struct auth_serversupplied_info *server_info, + uint8_t *pipe_session_key, + size_t pipe_session_key_len, + struct netr_SamInfo2 *sam2); +NTSTATUS serverinfo_to_SamInfo3(const struct auth_serversupplied_info *server_info, + uint8_t *pipe_session_key, + size_t pipe_session_key_len, + struct netr_SamInfo3 *sam3); +NTSTATUS serverinfo_to_SamInfo6(struct auth_serversupplied_info *server_info, + uint8_t *pipe_session_key, + size_t pipe_session_key_len, + struct netr_SamInfo6 *sam6); +NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx, + struct samu *samu, + const char *login_server, + struct netr_SamInfo3 **_info3, + struct extra_auth_info *extra); +struct netr_SamInfo3 *copy_netr_SamInfo3(TALLOC_CTX *mem_ctx, + struct netr_SamInfo3 *orig); +struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx, + const struct wbcAuthUserInfo *info); + +/* The following definitions come from auth/auth_wbc.c */ + +NTSTATUS auth_wbc_init(void); + +/* The following definitions come from auth/pampass.c */ + +bool smb_pam_claim_session(char *user, char *tty, char *rhost); +bool smb_pam_close_session(char *user, char *tty, char *rhost); +NTSTATUS smb_pam_accountcheck(const char *user, const char *rhost); +NTSTATUS smb_pam_passcheck(const char * user, const char * rhost, + const char * password); +bool smb_pam_passchange(const char *user, const char *rhost, + const char *oldpassword, const char *newpassword); +bool smb_pam_claim_session(char *user, char *tty, char *rhost); +bool smb_pam_close_session(char *in_user, char *tty, char *rhost); + +/* The following definitions come from auth/pass_check.c */ + +void dfs_unlogin(void); +NTSTATUS pass_check(const struct passwd *pass, + const char *user, + const char *rhost, + const char *password, + bool run_cracker); + +/* The following definitions come from auth/token_util.c */ + +bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token *token ); +bool nt_token_check_domain_rid( struct security_token *token, uint32 rid ); +struct security_token *get_root_nt_token( void ); +NTSTATUS add_aliases(const struct dom_sid *domain_sid, + struct security_token *token); +struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx, + const struct dom_sid *user_sid, + bool is_guest, + int num_groupsids, + const struct dom_sid *groupsids); +NTSTATUS create_local_nt_token_from_info3(TALLOC_CTX *mem_ctx, + bool is_guest, + struct netr_SamInfo3 *info3, + struct extra_auth_info *extra, + struct security_token **ntok); +void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid, + int n_groups, gid_t *groups); + +/* The following definitions come from auth/user_util.c */ + +bool map_username(TALLOC_CTX *ctx, const char *user_in, char **p_user_out); + +/* The following definitions come from auth/user_krb5.c */ +struct PAC_LOGON_INFO; +NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx, + const char *cli_name, + const char *princ_name, + struct PAC_LOGON_INFO *logon_info, + bool *is_mapped, + bool *mapped_to_guest, + char **ntuser, + char **ntdomain, + char **username, + struct passwd **_pw); +NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx, + char *ntuser, + char *ntdomain, + char *username, + struct passwd *pw, + struct PAC_LOGON_INFO *logon_info, + bool mapped_to_guest, + struct auth_serversupplied_info **server_info); diff --git a/source3/include/auth.h b/source3/include/auth.h index 3b3f6dc6d1b..c017da98db0 100644 --- a/source3/include/auth.h +++ b/source3/include/auth.h @@ -136,4 +136,6 @@ struct auth_ntlmssp_state; /* Changed from 2 -> 3 when we reworked many auth structures to use IDL or be in common with Samba4 */ #define AUTH_INTERFACE_VERSION 3 +#include "auth/proto.h" + #endif /* _SMBAUTH_H_ */ diff --git a/source3/include/proto.h b/source3/include/proto.h index 12d5a93920f..6c179c982b1 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -23,248 +23,6 @@ #ifndef _PROTO_H_ #define _PROTO_H_ - -/* The following definitions come from auth/auth.c */ - -NTSTATUS smb_register_auth(int version, const char *name, auth_init_function init); -bool load_auth_module(struct auth_context *auth_context, - const char *module, auth_methods **ret) ; -NTSTATUS make_auth_context_subsystem(TALLOC_CTX *mem_ctx, - struct auth_context **auth_context); -NTSTATUS make_auth_context_fixed(TALLOC_CTX *mem_ctx, - struct auth_context **auth_context, - uchar chal[8]) ; - -/* The following definitions come from auth/auth_builtin.c */ - -NTSTATUS auth_builtin_init(void); - -/* The following definitions come from auth/auth_compat.c */ - -NTSTATUS check_plaintext_password(const char *smb_name, - DATA_BLOB plaintext_password, - struct auth_serversupplied_info **server_info); -bool password_ok(struct auth_context *actx, bool global_encrypted, - const char *session_workgroup, - const char *smb_name, DATA_BLOB password_blob); - -/* The following definitions come from auth/auth_domain.c */ - -void attempt_machine_password_change(void); -NTSTATUS auth_domain_init(void); - -NTSTATUS auth_netlogond_init(void); - -/* The following definitions come from auth/auth_ntlmssp.c */ - -NTSTATUS auth_ntlmssp_steal_session_info(TALLOC_CTX *mem_ctx, - struct auth_ntlmssp_state *auth_ntlmssp_state, - struct auth_serversupplied_info **session_info); -NTSTATUS auth_ntlmssp_start(struct auth_ntlmssp_state **auth_ntlmssp_state); - - -/* The following definitions come from auth/auth_sam.c */ - -NTSTATUS check_sam_security(const DATA_BLOB *challenge, - TALLOC_CTX *mem_ctx, - const struct auth_usersupplied_info *user_info, - struct auth_serversupplied_info **server_info); -NTSTATUS check_sam_security_info3(const DATA_BLOB *challenge, - TALLOC_CTX *mem_ctx, - const struct auth_usersupplied_info *user_info, - struct netr_SamInfo3 **pinfo3); -NTSTATUS auth_sam_init(void); - -/* The following definitions come from auth/auth_server.c */ - -NTSTATUS auth_server_init(void); - -/* The following definitions come from auth/auth_unix.c */ - -NTSTATUS auth_unix_init(void); - -/* The following definitions come from auth/auth_util.c */ - -NTSTATUS make_user_info_map(struct auth_usersupplied_info **user_info, - const char *smb_name, - const char *client_domain, - const char *workstation_name, - DATA_BLOB *lm_pwd, - DATA_BLOB *nt_pwd, - const struct samr_Password *lm_interactive_pwd, - const struct samr_Password *nt_interactive_pwd, - const char *plaintext, - enum auth_password_state password_state); -bool make_user_info_netlogon_network(struct auth_usersupplied_info **user_info, - const char *smb_name, - const char *client_domain, - const char *workstation_name, - uint32 logon_parameters, - const uchar *lm_network_pwd, - int lm_pwd_len, - const uchar *nt_network_pwd, - int nt_pwd_len); -bool make_user_info_netlogon_interactive(struct auth_usersupplied_info **user_info, - const char *smb_name, - const char *client_domain, - const char *workstation_name, - uint32 logon_parameters, - const uchar chal[8], - const uchar lm_interactive_pwd[16], - const uchar nt_interactive_pwd[16], - const uchar *dc_sess_key); -bool make_user_info_for_reply(struct auth_usersupplied_info **user_info, - const char *smb_name, - const char *client_domain, - const uint8 chal[8], - DATA_BLOB plaintext_password); -NTSTATUS make_user_info_for_reply_enc(struct auth_usersupplied_info **user_info, - const char *smb_name, - const char *client_domain, - DATA_BLOB lm_resp, DATA_BLOB nt_resp); -bool make_user_info_guest(struct auth_usersupplied_info **user_info) ; -struct samu; -NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info, - struct samu *sampass); -NTSTATUS create_local_token(struct auth_serversupplied_info *server_info); -NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, - bool is_guest, - uid_t *uid, gid_t *gid, - char **found_username, - struct security_token **token); -bool user_in_group_sid(const char *username, const struct dom_sid *group_sid); -bool user_in_group(const char *username, const char *groupname); -struct passwd; -NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info, - char *unix_username, - struct passwd *pwd); -NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx, - const char *username, - bool is_guest, - struct auth_serversupplied_info **presult); -struct auth_serversupplied_info *copy_serverinfo(TALLOC_CTX *mem_ctx, - const struct auth_serversupplied_info *src); -bool init_guest_info(void); -NTSTATUS init_system_info(void); -bool session_info_set_session_key(struct auth_serversupplied_info *info, - DATA_BLOB session_key); -NTSTATUS make_server_info_guest(TALLOC_CTX *mem_ctx, - struct auth_serversupplied_info **server_info); -NTSTATUS make_session_info_system(TALLOC_CTX *mem_ctx, - struct auth_serversupplied_info **session_info); -const struct auth_serversupplied_info *get_session_info_system(void); -bool copy_current_user(struct current_user *dst, struct current_user *src); -struct passwd *smb_getpwnam( TALLOC_CTX *mem_ctx, const char *domuser, - char **p_save_username, bool create ); -NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, - const char *sent_nt_username, - const char *domain, - struct auth_serversupplied_info **server_info, - struct netr_SamInfo3 *info3); -struct wbcAuthUserInfo; -NTSTATUS make_server_info_wbcAuthUserInfo(TALLOC_CTX *mem_ctx, - const char *sent_nt_username, - const char *domain, - const struct wbcAuthUserInfo *info, - struct auth_serversupplied_info **server_info); -void free_user_info(struct auth_usersupplied_info **user_info); -bool make_auth_methods(struct auth_context *auth_context, auth_methods **auth_method) ; -bool is_trusted_domain(const char* dom_name); - -/* The following definitions come from auth/user_info.c */ - -NTSTATUS make_user_info(struct auth_usersupplied_info **ret_user_info, - const char *smb_name, - const char *internal_username, - const char *client_domain, - const char *domain, - const char *workstation_name, - const DATA_BLOB *lm_pwd, - const DATA_BLOB *nt_pwd, - const struct samr_Password *lm_interactive_pwd, - const struct samr_Password *nt_interactive_pwd, - const char *plaintext_password, - enum auth_password_state password_state); -void free_user_info(struct auth_usersupplied_info **user_info); - -/* The following definitions come from auth/auth_winbind.c */ - -NTSTATUS auth_winbind_init(void); - -/* The following definitions come from auth/server_info.c */ - -struct netr_SamInfo2; -struct netr_SamInfo3; -struct netr_SamInfo6; - -struct auth_serversupplied_info *make_server_info(TALLOC_CTX *mem_ctx); -NTSTATUS serverinfo_to_SamInfo2(struct auth_serversupplied_info *server_info, - uint8_t *pipe_session_key, - size_t pipe_session_key_len, - struct netr_SamInfo2 *sam2); -NTSTATUS serverinfo_to_SamInfo3(const struct auth_serversupplied_info *server_info, - uint8_t *pipe_session_key, - size_t pipe_session_key_len, - struct netr_SamInfo3 *sam3); -NTSTATUS serverinfo_to_SamInfo6(struct auth_serversupplied_info *server_info, - uint8_t *pipe_session_key, - size_t pipe_session_key_len, - struct netr_SamInfo6 *sam6); -NTSTATUS samu_to_SamInfo3(TALLOC_CTX *mem_ctx, - struct samu *samu, - const char *login_server, - struct netr_SamInfo3 **_info3, - struct extra_auth_info *extra); -struct netr_SamInfo3 *copy_netr_SamInfo3(TALLOC_CTX *mem_ctx, - struct netr_SamInfo3 *orig); -struct netr_SamInfo3 *wbcAuthUserInfo_to_netr_SamInfo3(TALLOC_CTX *mem_ctx, - const struct wbcAuthUserInfo *info); - -/* The following definitions come from auth/auth_wbc.c */ - -NTSTATUS auth_wbc_init(void); - -/* The following definitions come from auth/pampass.c */ - -bool smb_pam_claim_session(char *user, char *tty, char *rhost); -bool smb_pam_close_session(char *user, char *tty, char *rhost); -NTSTATUS smb_pam_accountcheck(const char *user, const char *rhost); -NTSTATUS smb_pam_passcheck(const char * user, const char * rhost, - const char * password); -bool smb_pam_passchange(const char *user, const char *rhost, - const char *oldpassword, const char *newpassword); -bool smb_pam_claim_session(char *user, char *tty, char *rhost); -bool smb_pam_close_session(char *in_user, char *tty, char *rhost); - -/* The following definitions come from auth/pass_check.c */ - -void dfs_unlogin(void); -NTSTATUS pass_check(const struct passwd *pass, - const char *user, - const char *rhost, - const char *password, - bool run_cracker); - -/* The following definitions come from auth/token_util.c */ - -bool nt_token_check_sid ( const struct dom_sid *sid, const struct security_token *token ); -bool nt_token_check_domain_rid( struct security_token *token, uint32 rid ); -struct security_token *get_root_nt_token( void ); -NTSTATUS add_aliases(const struct dom_sid *domain_sid, - struct security_token *token); -struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx, - const struct dom_sid *user_sid, - bool is_guest, - int num_groupsids, - const struct dom_sid *groupsids); -NTSTATUS create_local_nt_token_from_info3(TALLOC_CTX *mem_ctx, - bool is_guest, - struct netr_SamInfo3 *info3, - struct extra_auth_info *extra, - struct security_token **ntok); -void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid, - int n_groups, gid_t *groups); - /* The following definitions come from lib/access.c */ bool client_match(const char *tok, const void *item); @@ -1096,6 +854,7 @@ char *sid_string_tos(const struct dom_sid *sid); bool sid_linearize(char *outbuf, size_t len, const struct dom_sid *sid); bool non_mappable_sid(struct dom_sid *sid); char *sid_binstring_hex(const struct dom_sid *sid); +struct netr_SamInfo3; NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx, const struct netr_SamInfo3 *info3, struct dom_sid **user_sids, @@ -2960,7 +2719,7 @@ const char *get_pipe_name_from_syntax(TALLOC_CTX *mem_ctx, const struct ndr_syntax_id *syntax); /* The following definitions come from rpc_server/rpc_ncacn_np.c */ - +struct auth_serversupplied_info; struct pipes_struct *make_internal_rpc_pipe_p(TALLOC_CTX *mem_ctx, const struct ndr_syntax_id *syntax, struct client_address *client_id, @@ -3175,32 +2934,6 @@ bool shutdown_service_op_table(void); /* The following definitions come from services/svc_wins.c */ - -/* The following definitions come from auth/user_util.c */ - -bool map_username(TALLOC_CTX *ctx, const char *user_in, char **p_user_out); - -/* The following definitions come from auth/user_krb5.c */ -struct PAC_LOGON_INFO; -NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx, - const char *cli_name, - const char *princ_name, - struct PAC_LOGON_INFO *logon_info, - bool *is_mapped, - bool *mapped_to_guest, - char **ntuser, - char **ntdomain, - char **username, - struct passwd **_pw); -NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx, - char *ntuser, - char *ntdomain, - char *username, - struct passwd *pw, - struct PAC_LOGON_INFO *logon_info, - bool mapped_to_guest, - struct auth_serversupplied_info **server_info); - /* The following definitions come from lib/server_contexts.c */ struct tevent_context *server_event_context(void); void server_event_context_free(void); -- 2.34.1