diff options
author | Andrew Bartlett <abartlet@samba.org> | 2017-03-01 16:00:03 +1300 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2017-03-29 02:37:27 +0200 |
commit | 0e508853fcb6cc0e8ca2b6ff48d8b5468b339468 (patch) | |
tree | 90589fa5cd0dd8e8754300f8161abf219fbd9c87 /auth/ntlmssp | |
parent | 46a800fae3b054a2e9c2f26f35630cadf11cfe3e (diff) | |
download | samba-0e508853fcb6cc0e8ca2b6ff48d8b5468b339468.tar.gz |
auth_log: Also log the final type of authentication (ntlmssp,krb5)
Administrators really care about how their users were authenticated, so make
this clear.
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-Programmed-by: Gary Lockyer <gary@catalyst.net.nz>
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Diffstat (limited to 'auth/ntlmssp')
-rw-r--r-- | auth/ntlmssp/ntlmssp.c | 6 | ||||
-rw-r--r-- | auth/ntlmssp/ntlmssp_server.c | 9 |
2 files changed, 14 insertions, 1 deletions
diff --git a/auth/ntlmssp/ntlmssp.c b/auth/ntlmssp/ntlmssp.c index 3283c964470..6f7c089467f 100644 --- a/auth/ntlmssp/ntlmssp.c +++ b/auth/ntlmssp/ntlmssp.c @@ -207,6 +207,11 @@ static NTSTATUS gensec_ntlmssp_may_reset_crypto(struct gensec_security *gensec_s return NT_STATUS_OK; } +static const char *gensec_ntlmssp_final_auth_type(struct gensec_security *gensec_security) +{ + return GENSEC_FINAL_AUTH_TYPE_NTLMSSP; +} + static const char *gensec_ntlmssp_oids[] = { GENSEC_OID_NTLMSSP, NULL @@ -232,6 +237,7 @@ static const struct gensec_security_ops gensec_ntlmssp_security_ops = { .session_key = gensec_ntlmssp_session_key, .session_info = gensec_ntlmssp_session_info, .have_feature = gensec_ntlmssp_have_feature, + .final_auth_type = gensec_ntlmssp_final_auth_type, .enabled = true, .priority = GENSEC_NTLMSSP }; diff --git a/auth/ntlmssp/ntlmssp_server.c b/auth/ntlmssp/ntlmssp_server.c index 1bfd4ccdc24..c525a93941f 100644 --- a/auth/ntlmssp/ntlmssp_server.c +++ b/auth/ntlmssp/ntlmssp_server.c @@ -721,7 +721,14 @@ static NTSTATUS ntlmssp_server_check_password(struct gensec_security *gensec_sec user_info->local_host = gensec_get_local_address(gensec_security); user_info->service_description = gensec_get_target_service_description(gensec_security); - user_info->auth_description = "NTLMSSP"; + + /* + * This will just be the string "NTLMSSP" from + * gensec_ntlmssp_final_auth_type, but ensures it stays in sync + * with the same use in the authorization logging triggered by + * gensec_session_info() later + */ + user_info->auth_description = gensec_final_auth_type(gensec_security); user_info->password_state = AUTH_PASSWORD_RESPONSE; user_info->password.response.lanman = ntlmssp_state->lm_resp; |