From 45dab9f06594777e96be5f4556e6bb386f68f309 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 26 Feb 1998 22:58:21 +0000 Subject: [PATCH] Makefile, password.c, includes.h: Added KRB4 patches from Johan Hedin nmbd_packets.c: Patch for aliased interfaces from Daniel Haun . Jeremy. (This used to be commit 60f6302b1972e49159bf6e1a838e691268e4399c) --- source3/include/includes.h | 8 ++++++-- source3/nmbd/nmbd_packets.c | 17 ++++++++++++++++- source3/smbd/password.c | 30 ++++++++++++++++++++++++++++++ 3 files changed, 52 insertions(+), 3 deletions(-) diff --git a/source3/include/includes.h b/source3/include/includes.h index f9c29fd41dc..94bf23cef5d 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -299,9 +299,9 @@ typedef unsigned short mode_t; #include #include #include -#ifndef USE_LIBDES +#if !defined(USE_LIBDES) && !defined(KRB4_AUTH) #include -#endif /* USE_LIBDES */ +#endif /* !USE_LIBDES && !KRB4_AUTH */ extern int gettimeofday (struct timeval *, void *); extern int gethostname (char *name, int namelen); extern int innetgr (const char *, const char *, const char *, const char *); @@ -1140,6 +1140,10 @@ union semun { #include #endif +#ifdef KRB4_AUTH +#include +#endif + #ifdef NO_UTIMBUF struct utimbuf { time_t actime; diff --git a/source3/nmbd/nmbd_packets.c b/source3/nmbd/nmbd_packets.c index cd99343e709..f14c62c4eb5 100644 --- a/source3/nmbd/nmbd_packets.c +++ b/source3/nmbd/nmbd_packets.c @@ -58,6 +58,21 @@ static int find_subnet_fd_for_address( struct in_addr local_ip ) return ClientNMB; } +/*************************************************************************** +Utility function to find the specific fd to send a mailslot packet out on. +**************************************************************************/ + +static int find_subnet_mailslot_fd_for_address( struct in_addr local_ip ) +{ + struct subnet_record *subrec; + + for( subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) + if(ip_equal(local_ip, subrec->myip)) + return subrec->dgram_sock; + + return ClientDGRAM; +} + /*************************************************************************** Get/Set problematic nb_flags as network byte order 16 bit int. **************************************************************************/ @@ -1828,7 +1843,7 @@ BOOL send_mailslot(BOOL unique, char *mailslot,char *buf,int len, p.ip = dest_ip; p.port = DGRAM_PORT; - p.fd = ClientDGRAM; + p.fd = find_subnet_mailslot_fd_for_address( src_ip ); p.timestamp = time(NULL); p.packet_type = DGRAM_PACKET; diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 607d01d2cfb..19115154045 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -670,6 +670,32 @@ static BOOL krb5_auth(char *this_user,char *password) } #endif /* KRB5_AUTH */ +#ifdef KRB4_AUTH +/******************************************************************* +check on Kerberos authentication +********************************************************************/ +static BOOL krb4_auth(char *this_user,char *password) +{ + char realm[REALM_SZ]; + char tkfile[MAXPATHLEN]; + + if (krb_get_lrealm(realm, 1) != KSUCCESS) + (void) strncpy(realm, KRB_REALM, sizeof (realm)); + + (void) sprintf(tkfile, "/tmp/samba_tkt_%d", getpid()); + + krb_set_tkt_string(tkfile); + if (krb_verify_user(this_user, "", realm, + password, 0, + "rmcd") == KSUCCESS) { + unlink(tkfile); + return 1; + } + unlink(tkfile); + return 0; +} +#endif /* KRB4_AUTH */ + #ifdef LINUX_BIGCRYPT /**************************************************************************** an enhanced crypt for Linux to handle password longer than 8 characters @@ -775,6 +801,10 @@ Hence we make a direct return to avoid a second chance!!! if (krb5_auth(this_user,password)) return(True); #endif +#ifdef KRB4_AUTH + if (krb4_auth(this_user,password)) return(True); +#endif + #ifdef PWDAUTH if (pwdauth(this_user,password) == 0) return(True);