auth: Split out make_user_info_SamBaseInfo and add authenticated argument

This will allow the source3 auth code to call this without needing to
double-parse the SIDs

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>

4 files changed, 10 insertions, 3 deletions

diff --git a/source4/auth/gensec/gensec_krb5.c b/source4/auth/gensec/gensec_krb5.c
index c3e3b98f743..d47bc7709c9 100644
--- a/source4/auth/gensec/gensec_krb5.c
+++ b/source4/auth/gensec/gensec_krb5.c
@@ -714,6 +714,7 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
 		nt_status = make_user_info_dc_netlogon_validation(mem_ctx,
 								 NULL,
 								 3, &validation,
+								  true, /* This user was authenticated */
 								 &user_info_dc);
 		if (!NT_STATUS_IS_OK(nt_status)) {
 			free(principal_string);
diff --git a/source4/auth/ntlm/auth_winbind.c b/source4/auth/ntlm/auth_winbind.c
index da152e718a8..63827ef7550 100644
--- a/source4/auth/ntlm/auth_winbind.c
+++ b/source4/auth/ntlm/auth_winbind.c
@@ -220,6 +220,7 @@ static NTSTATUS winbind_check_password(struct auth_method_context *ctx,
 						      user_info->client.account_name,
 						      s->req.in.validation_level,
 						      &s->req.out.validation,
+						       true, /* This user was authenticated */
 						      user_info_dc);
 	NT_STATUS_NOT_OK_RETURN(status);
 
@@ -304,8 +305,10 @@ static NTSTATUS winbind_check_password_wbclient(struct auth_method_context *ctx,
 
 	validation.sam3 = &info3;
 	nt_status = make_user_info_dc_netlogon_validation(mem_ctx,
-					user_info->client.account_name,
-					3, &validation, user_info_dc);
+							  user_info->client.account_name,
+							  3, &validation,
+							  true, /* This user was authenticated */
+							  user_info_dc);
 	return nt_status;
 
 }
diff --git a/source4/torture/auth/pac.c b/source4/torture/auth/pac.c
index f09e039964e..4840a79b7fd 100644
--- a/source4/torture/auth/pac.c
+++ b/source4/torture/auth/pac.c
@@ -223,7 +223,8 @@ static bool torture_pac_self_check(struct torture_context *tctx)
 	nt_status = make_user_info_dc_netlogon_validation(mem_ctx,
 							 "",
 							 3, &validation,
-							 &user_info_dc_out);
+							  true, /* This user was authenticated */
+						 &user_info_dc_out);
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		torture_fail(tctx, 
 			     talloc_asprintf(tctx, 
@@ -487,6 +488,7 @@ static bool torture_pac_saved_check(struct torture_context *tctx)
 	nt_status = make_user_info_dc_netlogon_validation(mem_ctx,
 							 "",
 							 3, &validation,
+							  true, /* This user was authenticated */
 							 &user_info_dc_out);
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		krb5_free_keyblock_contents(smb_krb5_context->krb5_context, 
diff --git a/source4/torture/rpc/remote_pac.c b/source4/torture/rpc/remote_pac.c
index 70912781a82..37fb8af1478 100644
--- a/source4/torture/rpc/remote_pac.c
+++ b/source4/torture/rpc/remote_pac.c
@@ -598,6 +598,7 @@ static bool test_S2U4Self(struct torture_context *tctx,
 						      ninfo.identity_info.account_name.string,
 						      r.in.validation_level,
 						      r.out.validation,
+							  true, /* This user was authenticated */
 						      &netlogon_user_info_dc);
 
 	torture_assert_ntstatus_ok(tctx, status, "make_user_info_dc_netlogon_validation failed");