s3-auth: Remove single-implementation plugin layer

The ->get_ntlm_challenge and ->check_ntlm_password elements of struct auth_context
were only ever initialised to a single value.  Make it easier to follow by
just calling the function directly.

Andrew Bartlett

diff --git a/source3/auth/auth.c b/source3/auth/auth.c
index 0c910656051aac85aad85fdc0bb54bfeeb89a590..4b075a6c54b053c17053f76b04f05461ed5f48b3 100644 (file)
--- a/source3/auth/auth.c
+++ b/source3/auth/auth.c
@@ -78,8 +78,8 @@ static struct auth_init_function_entry *auth_find_backend_entry(const char *name
  Returns a const char of length 8 bytes.
 ****************************************************************************/
 
-static NTSTATUS get_ntlm_challenge(struct auth_context *auth_context,
-                              uint8_t chal[8])
+NTSTATUS auth_get_ntlm_challenge(struct auth_context *auth_context,
+                                uint8_t chal[8])
 {
        DATA_BLOB challenge = data_blob_null;
        const char *challenge_set_by = NULL;
@@ -202,9 +202,9 @@ static bool check_domain_match(const char *user, const char *domain)
  *
  **/
 
-static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
-                                   const struct auth_usersupplied_info *user_info, 
-                                   struct auth_serversupplied_info **server_info)
+NTSTATUS auth_check_ntlm_password(const struct auth_context *auth_context,
+                                 const struct auth_usersupplied_info *user_info, 
+                                 struct auth_serversupplied_info **server_info)
 {
        /* if all the modules say 'not for me' this is reasonable */
        NTSTATUS nt_status = NT_STATUS_NO_SUCH_USER;
@@ -366,9 +366,6 @@ static NTSTATUS make_auth_context(TALLOC_CTX *mem_ctx,
                return NT_STATUS_NO_MEMORY;
        }
 
-       ctx->check_ntlm_password = check_ntlm_password;
-       ctx->get_ntlm_challenge = get_ntlm_challenge;
-
        talloc_set_destructor((TALLOC_CTX *)ctx, auth_context_destructor);
 
        *auth_context = ctx;

diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
index 582c8dc591abb1c4139994ef257a59fd90a93cae..3437dbfb834a1345f6fb148bb23fd1a066b5f5a2 100644 (file)
--- a/source3/auth/auth_ntlmssp.c
+++ b/source3/auth/auth_ntlmssp.c
@@ -59,7 +59,7 @@ NTSTATUS auth3_get_challenge(struct auth4_context *auth4_context,
 {
        struct auth_context *auth_context = talloc_get_type_abort(auth4_context->private_data,
                                                                  struct auth_context);
-       auth_context->get_ntlm_challenge(auth_context, chal);
+       auth_get_ntlm_challenge(auth_context, chal);
        return NT_STATUS_OK;
 }
 
@@ -146,8 +146,8 @@ NTSTATUS auth3_check_password(struct auth4_context *auth4_context,
 
        mapped_user_info->flags = user_info->flags;
 
-       nt_status = auth_context->check_ntlm_password(auth_context,
-                                                     mapped_user_info, &server_info);
+       nt_status = auth_check_ntlm_password(auth_context,
+                                            mapped_user_info, &server_info);
 
        if (!NT_STATUS_IS_OK(nt_status)) {
                DEBUG(5,("Checking NTLMSSP password for %s\\%s failed: %s\n",

diff --git a/source3/auth/proto.h b/source3/auth/proto.h
index 04f94ae84bc3d53330bcebad799787e899bbd979..01e2934dc7dd57b20ebd12520d5fa5ffaed6c96f 100644 (file)
--- a/source3/auth/proto.h
+++ b/source3/auth/proto.h
@@ -44,6 +44,46 @@ NTSTATUS make_auth_context_fixed(TALLOC_CTX *mem_ctx,
                                 struct auth_context **auth_context,
                                 uchar chal[8]) ;
 
+/****************************************************************************
+ Try to get a challenge out of the various authentication modules.
+ Returns a const char of length 8 bytes.
+****************************************************************************/
+
+NTSTATUS auth_get_ntlm_challenge(struct auth_context *auth_context,
+                                uint8_t chal[8]);
+
+/**
+ * Check a user's Plaintext, LM or NTLM password.
+ *
+ * Check a user's password, as given in the user_info struct and return various
+ * interesting details in the server_info struct.
+ *
+ * This function does NOT need to be in a become_root()/unbecome_root() pair
+ * as it makes the calls itself when needed.
+ *
+ * The return value takes precedence over the contents of the server_info 
+ * struct.  When the return is other than NT_STATUS_OK the contents 
+ * of that structure is undefined.
+ *
+ * @param user_info Contains the user supplied components, including the passwords.
+ *                  Must be created with make_user_info() or one of its wrappers.
+ *
+ * @param auth_context Supplies the challenges and some other data. 
+ *                  Must be created with make_auth_context(), and the challenges should be 
+ *                  filled in, either at creation or by calling the challenge geneation 
+ *                  function auth_get_challenge().  
+ *
+ * @param server_info If successful, contains information about the authentication, 
+ *                    including a struct samu struct describing the user.
+ *
+ * @return An NTSTATUS with NT_STATUS_OK or an appropriate error.
+ *
+ **/
+
+NTSTATUS auth_check_ntlm_password(const struct auth_context *auth_context,
+                                 const struct auth_usersupplied_info *user_info, 
+                                 struct auth_serversupplied_info **server_info);
+
 /* The following definitions come from auth/auth_builtin.c  */
 
 NTSTATUS auth_builtin_init(void);

diff --git a/source3/include/auth.h b/source3/include/auth.h
index 894b7dff81bea205193056c4c9fbae1767b6088c..7f2c3e5db79b3a06958e415e18a253f1c11b8853 100644 (file)
--- a/source3/include/auth.h
+++ b/source3/include/auth.h
@@ -84,12 +84,6 @@ struct auth_context {
        /* What order are the various methods in?   Try to stop it changing under us */ 
        struct auth_methods *auth_method_list;  
 
-       NTSTATUS (*get_ntlm_challenge)(struct auth_context *auth_context,
-                                      uint8_t chal[8]);
-       NTSTATUS (*check_ntlm_password)(const struct auth_context *auth_context,
-                                       const struct auth_usersupplied_info *user_info, 
-                                       struct auth_serversupplied_info **server_info);
-
        prepare_gensec_fn prepare_gensec;
        make_auth4_context_fn make_auth4_context;
 };

diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c
index fdbe9373a8767f9ef5e30ba5f2e517ded36b846a..00d64a8aeb1e0013ccf71b1f941239b0f51926e6 100644 (file)
--- a/source3/rpc_server/netlogon/srv_netlog_nt.c
+++ b/source3/rpc_server/netlogon/srv_netlog_nt.c
@@ -1584,7 +1584,7 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p,
                        return status;
                }
 
-               auth_context->get_ntlm_challenge(auth_context, chal);
+               auth_get_ntlm_challenge(auth_context, chal);
 
                if (!make_user_info_netlogon_interactive(&user_info,
                                                         nt_username, nt_domain,
@@ -1605,7 +1605,7 @@ static NTSTATUS _netr_LogonSamLogon_base(struct pipes_struct *p,
        } /* end switch */
 
        if ( NT_STATUS_IS_OK(status) ) {
-               status = auth_context->check_ntlm_password(auth_context,
+               status = auth_check_ntlm_password(auth_context,
                        user_info, &server_info);
        }