summaryrefslogtreecommitdiff
path: root/librpc
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-02-11 18:47:21 +1100
committerAndrew Bartlett <abartlet@samba.org>2011-03-01 06:29:03 +0100
commit2a5ac56742db2830a3c8e644d3f0e2681f58c4ac (patch)
tree61d2f1e263e60c83ac523436794c9645b528edd7 /librpc
parent646aefd998c1af366dcaee6cbc2bad9359a71f45 (diff)
downloadsamba-2a5ac56742db2830a3c8e644d3f0e2681f58c4ac.tar.gz
librpc/idl Add helper structures for use by samba3 in auth_session_info
The unix info and in particular unix token needs to be preserved into the struct auth_session_info. Andrew Bartlett
Diffstat (limited to 'librpc')
-rw-r--r--librpc/idl/auth.idl15
-rw-r--r--librpc/idl/security.idl8
2 files changed, 23 insertions, 0 deletions
diff --git a/librpc/idl/auth.idl b/librpc/idl/auth.idl
index 6b2cb56eeaf..7b4556a6d72 100644
--- a/librpc/idl/auth.idl
+++ b/librpc/idl/auth.idl
@@ -51,6 +51,19 @@ interface auth
PAC_SIGNATURE_DATA *pac_kdc_sig;
} auth_user_info_torture;
+ typedef [public] struct {
+ utf8string unix_name;
+
+ /*
+ * For performance reasons we keep an alpha_strcpy-sanitized version
+ * of the username around as long as the global variable current_user
+ * still exists. If we did not do keep this, we'd have to call
+ * alpha_strcpy whenever we do a become_user(), potentially on every
+ * smb request. See set_current_user_info in source3.
+ */
+ utf8string sanitized_username;
+ } auth_user_info_unix;
+
/* This is the interim product of the auth subsystem, before
* privileges and local groups are handled */
typedef [public] struct {
@@ -63,7 +76,9 @@ interface auth
typedef [public] struct {
security_token *security_token;
+ security_unix_token *unix_token;
auth_user_info *info;
+ auth_user_info_unix *unix_info;
DATA_BLOB session_key;
DATA_BLOB exported_gssapi_credentials;
} auth_session_info_transport;
diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index 266af49caa6..2f633ab0eff 100644
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -577,6 +577,14 @@ interface security
lsa_SystemAccessModeFlags rights_mask;
} security_token;
+ /* This is not yet sent over the network, but is simply defined in IDL */
+ typedef [public] struct {
+ uid_t uid;
+ uid_t gid;
+ uint32 ngroups;
+ [size_is(ngroups)] gid_t groups[*];
+ } security_unix_token;
+
/* bits that determine which parts of a security descriptor
are being queried/set */
typedef [public,bitmap32bit] bitmap {