mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
s3: Lift smbd_server_fd() from pass_check()
This commit is contained in:
parent
a3995ef31c
commit
92fd03c5f0
@ -37,16 +37,23 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context,
|
|||||||
{
|
{
|
||||||
NTSTATUS nt_status;
|
NTSTATUS nt_status;
|
||||||
struct passwd *pass = NULL;
|
struct passwd *pass = NULL;
|
||||||
|
const char *rhost;
|
||||||
|
char addr[INET6_ADDRSTRLEN];
|
||||||
|
|
||||||
DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
|
DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
|
||||||
|
|
||||||
become_root();
|
become_root();
|
||||||
pass = Get_Pwnam_alloc(talloc_tos(), user_info->mapped.account_name);
|
pass = Get_Pwnam_alloc(talloc_tos(), user_info->mapped.account_name);
|
||||||
|
|
||||||
|
rhost = client_name(smbd_server_fd());
|
||||||
|
if (strequal(rhost,"UNKNOWN"))
|
||||||
|
rhost = client_addr(smbd_server_fd(), addr, sizeof(addr));
|
||||||
|
|
||||||
/** @todo This call assumes a ASCII password, no charset transformation is
|
/** @todo This call assumes a ASCII password, no charset transformation is
|
||||||
done. We may need to revisit this **/
|
done. We may need to revisit this **/
|
||||||
nt_status = pass_check(pass,
|
nt_status = pass_check(pass,
|
||||||
pass ? pass->pw_name : user_info->mapped.account_name,
|
pass ? pass->pw_name : user_info->mapped.account_name,
|
||||||
|
rhost,
|
||||||
user_info->password.plaintext,
|
user_info->password.plaintext,
|
||||||
true);
|
true);
|
||||||
|
|
||||||
|
@ -660,6 +660,7 @@ return NT_STATUS_OK on correct match, appropriate error otherwise
|
|||||||
|
|
||||||
NTSTATUS pass_check(const struct passwd *pass,
|
NTSTATUS pass_check(const struct passwd *pass,
|
||||||
const char *user,
|
const char *user,
|
||||||
|
const char *rhost,
|
||||||
const char *password,
|
const char *password,
|
||||||
bool run_cracker)
|
bool run_cracker)
|
||||||
{
|
{
|
||||||
@ -668,13 +669,6 @@ NTSTATUS pass_check(const struct passwd *pass,
|
|||||||
|
|
||||||
NTSTATUS nt_status;
|
NTSTATUS nt_status;
|
||||||
|
|
||||||
const char *rhost;
|
|
||||||
char addr[INET6_ADDRSTRLEN];
|
|
||||||
|
|
||||||
rhost = client_name(smbd_server_fd());
|
|
||||||
if (strequal(rhost,"UNKNOWN"))
|
|
||||||
rhost = client_addr(smbd_server_fd(), addr, sizeof(addr));
|
|
||||||
|
|
||||||
#ifdef DEBUG_PASSWORD
|
#ifdef DEBUG_PASSWORD
|
||||||
DEBUG(100, ("checking user=[%s] pass=[%s]\n", user, password));
|
DEBUG(100, ("checking user=[%s] pass=[%s]\n", user, password));
|
||||||
#endif
|
#endif
|
||||||
|
@ -232,7 +232,10 @@ bool smb_pam_close_session(char *in_user, char *tty, char *rhost);
|
|||||||
/* The following definitions come from auth/pass_check.c */
|
/* The following definitions come from auth/pass_check.c */
|
||||||
|
|
||||||
void dfs_unlogin(void);
|
void dfs_unlogin(void);
|
||||||
NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *password,
|
NTSTATUS pass_check(const struct passwd *pass,
|
||||||
|
const char *user,
|
||||||
|
const char *rhost,
|
||||||
|
const char *password,
|
||||||
bool run_cracker);
|
bool run_cracker);
|
||||||
|
|
||||||
/* The following definitions come from auth/token_util.c */
|
/* The following definitions come from auth/token_util.c */
|
||||||
|
@ -339,6 +339,8 @@ static bool cgi_handle_authorization(char *line)
|
|||||||
char *p;
|
char *p;
|
||||||
fstring user, user_pass;
|
fstring user, user_pass;
|
||||||
struct passwd *pass = NULL;
|
struct passwd *pass = NULL;
|
||||||
|
const char *rhost;
|
||||||
|
char addr[INET6_ADDRSTRLEN];
|
||||||
|
|
||||||
if (!strnequal(line,"Basic ", 6)) {
|
if (!strnequal(line,"Basic ", 6)) {
|
||||||
goto err;
|
goto err;
|
||||||
@ -369,11 +371,15 @@ static bool cgi_handle_authorization(char *line)
|
|||||||
|
|
||||||
pass = getpwnam_alloc(talloc_autofree_context(), user);
|
pass = getpwnam_alloc(talloc_autofree_context(), user);
|
||||||
|
|
||||||
|
rhost = client_name(1);
|
||||||
|
if (strequal(rhost,"UNKNOWN"))
|
||||||
|
rhost = client_addr(1, addr, sizeof(addr));
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Validate the password they have given.
|
* Validate the password they have given.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if NT_STATUS_IS_OK(pass_check(pass, user, user_pass, false)) {
|
if NT_STATUS_IS_OK(pass_check(pass, user, rhost, user_pass, false)) {
|
||||||
if (pass) {
|
if (pass) {
|
||||||
/*
|
/*
|
||||||
* Password was ok.
|
* Password was ok.
|
||||||
|
Loading…
Reference in New Issue
Block a user