svn commit: samba r3570 - in branches/SAMBA_4_0/source/utils: .

Sat Nov 6 01:20:28 GMT 2004

Author: abartlet
Date: 2004-11-06 01:20:28 +0000 (Sat, 06 Nov 2004)
New Revision: 3570

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=3570

Log:
Export the user's group list from ntlm_auth, via a new command 'UG'
(user groups).  The form of this is not final, but is this should be a
discussion point with the squid team.

Andrew Bartlett

Modified:
   branches/SAMBA_4_0/source/utils/ntlm_auth.c


Changeset:
Modified: branches/SAMBA_4_0/source/utils/ntlm_auth.c
===================================================================

--- branches/SAMBA_4_0/source/utils/ntlm_auth.c	2004-11-05 23:50:26 UTC (rev 3569)
+++ branches/SAMBA_4_0/source/utils/ntlm_auth.c	2004-11-06 01:20:28 UTC (rev 3570)
@@ -332,6 +332,7 @@
 		    (strncmp(buf, "KK ", 3) != 0) &&
 		    (strncmp(buf, "AF ", 3) != 0) &&
 		    (strncmp(buf, "NA ", 3) != 0) && 
+		    (strncmp(buf, "UG", 2) != 0) && 
 		    (strncmp(buf, "PW ", 3) != 0)) {
 		DEBUG(1, ("SPNEGO request [%s] invalid\n", buf));
 		mux_printf(mux_id, "BH\n");
@@ -405,8 +406,8 @@
 							 talloc_strndup((*gensec_state), 
 									(const char *)in.data, 
 									in.length)))) {
-			DEBUG(1, ("Out of memory\n"));
-			mux_printf(mux_id, "BH\n");
+			DEBUG(1, ("gensec_set_password failed: %s\n", nt_errstr(nt_status)));
+			mux_printf(mux_id, "BH %s\n", nt_errstr(nt_status));
 			data_blob_free(&in);
 			return;
 		}
@@ -416,6 +417,33 @@
 		return;
 	}
 
+	if (strncmp(buf, "UG", 2) == 0) {
+		int i;
+		char *grouplist = NULL;
+		struct auth_session_info *session_info;
+
+		if (!NT_STATUS_IS_OK(gensec_session_info(*gensec_state, &session_info))) { 
+			DEBUG(1, ("gensec_session_info failed: %s\n", nt_errstr(nt_status)));
+			mux_printf(mux_id, "BH %s\n", nt_errstr(nt_status));
+			data_blob_free(&in);
+			return;
+		}
+		
+		/* get the string onto the context */
+		grouplist = talloc_strdup(session_info, "");
+		
+		for (i=0; i< session_info->nt_user_token->num_sids; i++) {
+			grouplist = talloc_asprintf_append(grouplist, "%s,", 
+							   dom_sid_string(session_info, 
+									  session_info->nt_user_token->user_sids[i]));
+		}
+
+		mux_printf(mux_id, "GL %s\n", grouplist);
+		free_session_info(&session_info);
+		data_blob_free(&in);
+		return;
+	}
+
 	/* update */
 
 	nt_status = gensec_update(*gensec_state, NULL, in, &out);

