winbind: Extend wbcAuthenticateUserEx to provide PAC

[obnox/samba/samba-obnox.git] / source3 / winbindd / winbindd_pam_auth_crap.c

diff --git a/source3/winbindd/winbindd_pam_auth_crap.c b/source3/winbindd/winbindd_pam_auth_crap.c
index 2fb5111510c78bd8c82913fe084662ee7afa9dc6..ffbc322fc0c4703390d7dfd470d8749ee4f6b784 100644 (file)
--- a/source3/winbindd/winbindd_pam_auth_crap.c
+++ b/source3/winbindd/winbindd_pam_auth_crap.c
@@ -22,6 +22,8 @@
 
 struct winbindd_pam_auth_crap_state {
        struct winbindd_response *response;
+       struct netr_SamInfo3 *info3;
+       uint32_t flags;
 };
 
 static void winbindd_pam_auth_crap_done(struct tevent_req *subreq);
@@ -42,6 +44,21 @@ struct tevent_req *winbindd_pam_auth_crap_send(
                return NULL;
        }
 
+       if (request->flags & WBFLAG_PAM_AUTH_PAC) {
+               NTSTATUS status;
+
+               state->flags = request->flags;
+               status = winbindd_pam_auth_pac_send(cli, &state->info3);
+               if (NT_STATUS_IS_OK(status)) {
+                       /* Defer filling out response to recv */
+                       tevent_req_done(req);
+               } else {
+                       tevent_req_nterror(req, status);
+               }
+
+               return tevent_req_post(req, ev);
+       }
+
        /* Ensure null termination */
        request->data.auth_crap.user[
                sizeof(request->data.auth_crap.user)-1] = '\0';
@@ -114,6 +131,12 @@ NTSTATUS winbindd_pam_auth_crap_recv(struct tevent_req *req,
                set_auth_errors(response, status);
                return status;
        }
+
+       if (state->flags & WBFLAG_PAM_AUTH_PAC) {
+               return append_auth_data(response, response, state->flags,
+                                       state->info3, NULL, NULL);
+       }
+
        *response = *state->response;
        response->result = WINBINDD_PENDING;
        state->response = talloc_move(response, &state->response);