summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth.c10
-rw-r--r--source3/auth/auth_sam.c2
-rw-r--r--source3/auth/auth_samba4.c26
3 files changed, 28 insertions, 10 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c
index 7718142fc11..6d1192ededd 100644
--- a/source3/auth/auth.c
+++ b/source3/auth/auth.c
@@ -210,6 +210,11 @@ NTSTATUS auth_check_ntlm_password(TALLOC_CTX *mem_ctx,
TALLOC_CTX *tmp_ctx;
NTSTATUS result;
+ if (user_info->flags & USER_INFO_LOCAL_SAM_ONLY
+ && !(auth_method->flags & AUTH_METHOD_LOCAL_SAM)) {
+ continue;
+ }
+
tmp_ctx = talloc_named(mem_ctx,
0,
"%s authentication for user %s\\%s",
@@ -253,7 +258,10 @@ NTSTATUS auth_check_ntlm_password(TALLOC_CTX *mem_ctx,
if (NT_STATUS_IS_OK(nt_status)) {
unix_username = (*pserver_info)->unix_name;
- if (!(*pserver_info)->guest) {
+
+ /* We skip doing this step if the caller asked us not to */
+ if (!(user_info->flags & USER_INFO_INFO3_AND_NO_AUTHZ)
+ && !(*pserver_info)->guest) {
const char *rhost;
if (tsocket_address_is_inet(user_info->remote_host, "ip")) {
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index a34f9a58521..c4100d5a4e1 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -121,7 +121,7 @@ static NTSTATUS auth_init_sam(struct auth_context *auth_context, const char *par
}
result->auth = auth_samstrict_auth;
result->name = "sam";
-
+ result->flags = AUTH_METHOD_LOCAL_SAM;
*auth_method = result;
return NT_STATUS_OK;
}
diff --git a/source3/auth/auth_samba4.c b/source3/auth/auth_samba4.c
index d9d71512a2b..284a91f30b1 100644
--- a/source3/auth/auth_samba4.c
+++ b/source3/auth/auth_samba4.c
@@ -145,14 +145,23 @@ static NTSTATUS check_samba4_security(const struct auth_context *auth_context,
goto done;
}
- nt_status = make_server_info_info3(mem_ctx, user_info->client.account_name,
- user_info->mapped.domain_name, server_info,
- info3);
- if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(10, ("make_server_info_info3 failed: %s\n",
- nt_errstr(nt_status)));
- TALLOC_FREE(frame);
- return nt_status;
+ if (user_info->flags & USER_INFO_INFO3_AND_NO_AUTHZ) {
+ *server_info = make_server_info(mem_ctx);
+ if (*server_info == NULL) {
+ nt_status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+ (*server_info)->info3 = talloc_steal(*server_info, info3);
+
+ } else {
+ nt_status = make_server_info_info3(mem_ctx, user_info->client.account_name,
+ user_info->mapped.domain_name, server_info,
+ info3);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(10, ("make_server_info_info3 failed: %s\n",
+ nt_errstr(nt_status)));
+ goto done;
+ }
}
nt_status = NT_STATUS_OK;
@@ -356,6 +365,7 @@ static NTSTATUS auth_init_samba4(struct auth_context *auth_context,
result->auth = check_samba4_security;
result->prepare_gensec = prepare_gensec;
result->make_auth4_context = make_auth4_context_s4;
+ result->flags = AUTH_METHOD_LOCAL_SAM;
if (param && *param) {
auth_context->forced_samba4_methods = talloc_strdup(result, param);
View Lorry Controller Status