From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 9 Feb 2018 07:38:18 +0000 (+0100)
Subject: winbindd: rename winbindd_pam_auth_pac_send and let it return validation
X-Git-Tag: tevent-0.9.36~142
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8422c001bec169a73657b1d638ec8ec4c35c243a;p=thirdparty%2Fsamba.git

winbindd: rename winbindd_pam_auth_pac_send and let it return validation

Just a preperational step. The next commit will update the caller to
make use of the validation info.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13262

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
---

diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index f186d865f56..8403d7d57b6 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -2893,8 +2893,10 @@ out:
 	return status;
 }
 
-NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
-				    struct netr_SamInfo3 **info3)
+NTSTATUS winbindd_pam_auth_pac_verify(struct winbindd_cli_state *state,
+				      bool *p_is_trusted,
+				      uint16_t *p_validation_level,
+				      union netr_Validation **p_validation)
 {
 	struct winbindd_request *req = state->request;
 	DATA_BLOB pac_blob;
@@ -2909,6 +2911,10 @@ NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
 	bool is_trusted = false;
 	uint32_t i;
 
+	*p_is_trusted = false;
+	*p_validation_level = 0;
+	*p_validation = NULL;
+
 	pac_blob = data_blob_const(req->extra_data.data, req->extra_len);
 	result = extract_pac_vrfy_sigs(state->mem_ctx, pac_blob, &pac_data);
 	if (NT_STATUS_IS_OK(result)) {
@@ -3004,14 +3010,21 @@ NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
 		}
 	}
 
-	*info3 = info3_copy;
-
+	*p_is_trusted = is_trusted;
+	*p_validation_level = validation_level;
+	*p_validation = validation;
 	return NT_STATUS_OK;
 }
 #else /* HAVE_KRB5 */
-NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
-				    struct netr_SamInfo3 **info3)
+NTSTATUS winbindd_pam_auth_pac_verify(struct winbindd_cli_state *state,
+				      bool *p_is_trusted,
+				      uint16_t *p_validation_level,
+				      union netr_Validation **p_validation);
 {
+
+	*p_is_trusted = false;
+	*p_validation_level = 0;
+	*p_validation = NULL;
 	return NT_STATUS_NO_SUCH_USER;
 }
 #endif /* HAVE_KRB5 */
diff --git a/source3/winbindd/winbindd_pam_auth_crap.c b/source3/winbindd/winbindd_pam_auth_crap.c
index afcce03172e..6fb65a27461 100644
--- a/source3/winbindd/winbindd_pam_auth_crap.c
+++ b/source3/winbindd/winbindd_pam_auth_crap.c
@@ -49,12 +49,15 @@ struct tevent_req *winbindd_pam_auth_crap_send(
 	state->flags = request->flags;
 
 	if (state->flags & WBFLAG_PAM_AUTH_PAC) {
-		struct netr_SamInfo3 *info3 = NULL;
+		bool is_trusted = false;
 		uint16_t validation_level;
 		union netr_Validation *validation = NULL;
 		NTSTATUS status;
 
-		status = winbindd_pam_auth_pac_send(cli, &info3);
+		status = winbindd_pam_auth_pac_verify(cli,
+						      &is_trusted,
+						      &validation_level,
+						      &validation);
 		if (tevent_req_nterror(req, status)) {
 			return tevent_req_post(req, ev);
 		}
@@ -67,14 +70,6 @@ struct tevent_req *winbindd_pam_auth_crap_send(
 		state->response->result = WINBINDD_PENDING;
 		state->response->length = sizeof(struct winbindd_response);
 
-		status = map_info3_to_validation(talloc_tos(),
-						 info3,
-						 &validation_level,
-						 &validation);
-		if (tevent_req_nterror(req, status)) {
-			return tevent_req_post(req, ev);
-		}
-
 		status = append_auth_data(state->response,
 					  state->response,
 					  state->flags,
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index 015fd717b34..d09176d954a 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -419,8 +419,10 @@ enum winbindd_result winbindd_dual_pam_chauthtok(struct winbindd_domain *contact
 enum winbindd_result winbindd_dual_pam_logoff(struct winbindd_domain *domain,
 					      struct winbindd_cli_state *state) ;
 enum winbindd_result winbindd_dual_pam_chng_pswd_auth_crap(struct winbindd_domain *domainSt, struct winbindd_cli_state *state);
-NTSTATUS winbindd_pam_auth_pac_send(struct winbindd_cli_state *state,
-				    struct netr_SamInfo3 **info3);
+NTSTATUS winbindd_pam_auth_pac_verify(struct winbindd_cli_state *state,
+				      bool *p_is_trusted,
+				      uint16_t *p_validation_level,
+				      union netr_Validation **p_validation);
 
 NTSTATUS winbind_dual_SamLogon(struct winbindd_domain *domain,
 			       TALLOC_CTX *mem_ctx,