[PATCH]: wbc: expand wbcAuthUserParams to pass alternate
kai at samba.org
Tue May 19 06:33:40 GMT 2009
On Tuesday 19 May 2009 02:11:16 Steven Danneman wrote:
> We need to expand the wbcAuthUserEx() interface somehow to allow passing
> an alternate DOMAIN\user combination to our auth daemon. This is
> necessary when the auth daemon is checking an NTLMv2 hash, which was
> built using the on-the-wire DOMAIN\user combination, but smbd has mapped
> the domain to the server's local sam name (via make_user_info_map()) or
> smbd has mapped the user (via the "username map" parameter).
> Our approach was to add a new response2 struct and level to the
> wbcAuthUserParams. The should keep backwards compatibility, with
> previous apps built to .1-.3 version of the interface. The only problem
> I foresee is some confusion for other client app developers as to which
> response structure to use in their code when trying to check NTLM
> responses. I can hopefully mitigate that by just adding a comment to
> the struct.
> What do you think?
I agree with the basic design, but I don't like this struct being called
response2. Some name telling what the struct is about would be nicer. Unless
we really want to use response2 instead of response in all callers now
anyway, then I guess response2 makes sense.
On a sidenote, I don't think we want to keep a full libwbclient changelog in
the header file. Keeping the last change that required a version bump should
Aren't you breaking the code in auth_util.c for people not using auth_wbc?
There's also a typo in
* This allow deals with the client passing in a "" domain */
WorldForge developer http://www.worldforge.org/
Wine developer http://wiki.winehq.org/KaiBlin
Samba team member http://www.samba.org/samba/team/
Will code for cotton.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.samba.org/archive/samba-technical/attachments/20090519/6020099f/attachment.bin
More information about the samba-technical