2010-04-11 17:25:06 +04:00
/*
Unix SMB / CIFS implementation .
Authentication utility functions
Copyright ( C ) Volker Lendecke 2010
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 3 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program . If not , see < http : //www.gnu.org/licenses/>.
*/
# include "includes.h"
2011-03-25 04:28:05 +03:00
# include "auth.h"
2010-09-01 01:09:39 +04:00
# include "librpc/gen_ndr/samr.h"
2011-06-08 20:55:37 +04:00
# include "../lib/tsocket/tsocket.h"
2010-04-11 17:25:06 +04:00
# undef DBGC_CLASS
# define DBGC_CLASS DBGC_AUTH
2010-05-17 12:10:13 +04:00
static int clear_samr_Password ( struct samr_Password * password )
{
memset ( password - > hash , ' \0 ' , sizeof ( password - > hash ) ) ;
return 0 ;
}
static int clear_string ( char * password )
{
memset ( password , ' \0 ' , strlen ( password ) ) ;
return 0 ;
}
2010-04-11 17:25:06 +04:00
/****************************************************************************
Create an auth_usersupplied_data structure
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2010-05-17 12:10:13 +04:00
NTSTATUS make_user_info ( struct auth_usersupplied_info * * ret_user_info ,
2010-04-11 17:25:06 +04:00
const char * smb_name ,
const char * internal_username ,
const char * client_domain ,
const char * domain ,
2010-06-01 05:23:50 +04:00
const char * workstation_name ,
2011-06-08 20:55:37 +04:00
const struct tsocket_address * remote_address ,
2010-04-12 23:31:33 +04:00
const DATA_BLOB * lm_pwd ,
const DATA_BLOB * nt_pwd ,
2010-06-01 15:52:01 +04:00
const struct samr_Password * lm_interactive_pwd ,
const struct samr_Password * nt_interactive_pwd ,
const char * plaintext_password ,
enum auth_password_state password_state )
2010-04-11 17:25:06 +04:00
{
2010-05-17 12:10:13 +04:00
struct auth_usersupplied_info * user_info ;
* ret_user_info = NULL ;
2010-04-11 17:25:06 +04:00
DEBUG ( 5 , ( " attempting to make a user_info for %s (%s) \n " , internal_username , smb_name ) ) ;
2010-05-17 12:10:13 +04:00
/* FIXME: Have the caller provide a talloc context of the
* correct lifetime ( possibly talloc_tos ( ) , but it depends on
* the caller ) */
user_info = talloc_zero ( NULL , struct auth_usersupplied_info ) ;
if ( user_info = = NULL ) {
DEBUG ( 0 , ( " talloc failed for user_info \n " ) ) ;
2010-04-11 17:25:06 +04:00
return NT_STATUS_NO_MEMORY ;
}
DEBUG ( 5 , ( " making strings for %s's user_info struct \n " , internal_username ) ) ;
2010-05-17 12:10:13 +04:00
user_info - > client . account_name = talloc_strdup ( user_info , smb_name ) ;
NT_STATUS_HAVE_NO_MEMORY_AND_FREE ( user_info - > client . account_name , user_info ) ;
2010-04-11 17:25:06 +04:00
2010-05-17 12:10:13 +04:00
user_info - > mapped . account_name = talloc_strdup ( user_info , internal_username ) ;
NT_STATUS_HAVE_NO_MEMORY_AND_FREE ( user_info - > mapped . account_name , user_info ) ;
2010-04-11 17:25:06 +04:00
2010-05-17 12:10:13 +04:00
user_info - > mapped . domain_name = talloc_strdup ( user_info , domain ) ;
NT_STATUS_HAVE_NO_MEMORY_AND_FREE ( user_info - > mapped . domain_name , user_info ) ;
2010-04-11 17:25:06 +04:00
2010-05-17 12:10:13 +04:00
user_info - > client . domain_name = talloc_strdup ( user_info , client_domain ) ;
NT_STATUS_HAVE_NO_MEMORY_AND_FREE ( user_info - > client . domain_name , user_info ) ;
2010-04-11 17:25:06 +04:00
2010-05-17 12:10:13 +04:00
user_info - > workstation_name = talloc_strdup ( user_info , workstation_name ) ;
NT_STATUS_HAVE_NO_MEMORY_AND_FREE ( user_info - > workstation_name , user_info ) ;
2011-06-08 20:55:37 +04:00
user_info - > remote_host = tsocket_address_copy ( remote_address , user_info ) ;
NT_STATUS_HAVE_NO_MEMORY_AND_FREE ( user_info - > remote_host , user_info ) ;
2010-04-11 17:25:06 +04:00
DEBUG ( 5 , ( " making blobs for %s's user_info struct \n " , internal_username ) ) ;
2010-05-17 12:10:13 +04:00
if ( lm_pwd & & lm_pwd - > data ) {
user_info - > password . response . lanman = data_blob_talloc ( user_info , lm_pwd - > data , lm_pwd - > length ) ;
NT_STATUS_HAVE_NO_MEMORY_AND_FREE ( user_info - > password . response . lanman . data , user_info ) ;
}
if ( nt_pwd & & nt_pwd - > data ) {
user_info - > password . response . nt = data_blob_talloc ( user_info , nt_pwd - > data , nt_pwd - > length ) ;
NT_STATUS_HAVE_NO_MEMORY_AND_FREE ( user_info - > password . response . nt . data , user_info ) ;
}
2010-06-01 15:52:01 +04:00
if ( lm_interactive_pwd ) {
2010-05-17 12:10:13 +04:00
user_info - > password . hash . lanman = talloc ( user_info , struct samr_Password ) ;
NT_STATUS_HAVE_NO_MEMORY_AND_FREE ( user_info - > password . hash . lanman , user_info ) ;
memcpy ( user_info - > password . hash . lanman - > hash , lm_interactive_pwd - > hash ,
sizeof ( user_info - > password . hash . lanman - > hash ) ) ;
talloc_set_destructor ( user_info - > password . hash . lanman , clear_samr_Password ) ;
2010-06-01 15:52:01 +04:00
}
if ( nt_interactive_pwd ) {
2010-05-17 12:10:13 +04:00
user_info - > password . hash . nt = talloc ( user_info , struct samr_Password ) ;
NT_STATUS_HAVE_NO_MEMORY_AND_FREE ( user_info - > password . hash . nt , user_info ) ;
memcpy ( user_info - > password . hash . nt - > hash , nt_interactive_pwd - > hash ,
sizeof ( user_info - > password . hash . nt - > hash ) ) ;
talloc_set_destructor ( user_info - > password . hash . nt , clear_samr_Password ) ;
2010-06-01 15:52:01 +04:00
}
2010-04-11 17:25:06 +04:00
2010-05-17 12:10:13 +04:00
if ( plaintext_password ) {
user_info - > password . plaintext = talloc_strdup ( user_info , plaintext_password ) ;
NT_STATUS_HAVE_NO_MEMORY_AND_FREE ( user_info - > password . plaintext , user_info ) ;
talloc_set_destructor ( user_info - > password . plaintext , clear_string ) ;
}
2010-04-11 17:25:06 +04:00
2010-05-17 12:10:13 +04:00
user_info - > password_state = password_state ;
2010-04-11 17:25:06 +04:00
2010-05-17 12:10:13 +04:00
user_info - > logon_parameters = 0 ;
2010-04-11 17:25:06 +04:00
2010-06-01 15:52:01 +04:00
DEBUG ( 10 , ( " made a user_info for %s (%s) \n " , internal_username , smb_name ) ) ;
2010-05-17 12:10:13 +04:00
* ret_user_info = user_info ;
2010-04-11 17:25:06 +04:00
return NT_STATUS_OK ;
}
/***************************************************************************
Free a user_info struct
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
void free_user_info ( struct auth_usersupplied_info * * user_info )
{
2010-05-17 12:10:13 +04:00
TALLOC_FREE ( * user_info ) ;
2010-04-11 17:25:06 +04:00
}