mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
1b1b8e39b2
map.
This little authentication module is #ifdef DEVELOPER, becouse it really is of
no use execept as a development tool
invoke by setting:
auth methods = guest sam name_to_ntstatus
in the smb.conf file (the SAM and guest elements are required for the member
server to authenticate itself).
Andrew Bartlett
(This used to be commit 9807e66f34
)
121 lines
3.5 KiB
C
121 lines
3.5 KiB
C
/*
|
|
Unix SMB/Netbios implementation.
|
|
Version 3.0.
|
|
Generic authenticaion types
|
|
Copyright (C) Andrew Bartlett 2001
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 2 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program; if not, write to the Free Software
|
|
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
*/
|
|
|
|
#include "includes.h"
|
|
|
|
/****************************************************************************
|
|
Check for a guest logon (username = "") and if so create the required
|
|
structure.
|
|
****************************************************************************/
|
|
|
|
static NTSTATUS check_guest_security(void *my_private_data,
|
|
const auth_usersupplied_info *user_info,
|
|
const auth_authsupplied_info *auth_info,
|
|
auth_serversupplied_info **server_info)
|
|
{
|
|
NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
|
|
|
|
if (!(user_info->internal_username.str
|
|
&& *user_info->internal_username.str)) {
|
|
if (make_server_info_guest(server_info)) {
|
|
nt_status = NT_STATUS_OK;
|
|
} else {
|
|
nt_status = NT_STATUS_NO_SUCH_USER;
|
|
}
|
|
}
|
|
|
|
return nt_status;
|
|
}
|
|
|
|
BOOL auth_init_guest(auth_methods **auth_method)
|
|
{
|
|
if (!make_auth_methods(auth_method)) {
|
|
return False;
|
|
}
|
|
|
|
(*auth_method)->auth = check_guest_security;
|
|
return True;
|
|
}
|
|
|
|
/****************************************************************************
|
|
Check against either sam or unix, depending on encryption.
|
|
****************************************************************************/
|
|
|
|
static NTSTATUS check_local_security(void *my_private_data,
|
|
const auth_usersupplied_info *user_info,
|
|
const auth_authsupplied_info *auth_info,
|
|
auth_serversupplied_info **server_info)
|
|
{
|
|
NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
|
|
|
|
if (user_info->encrypted) {
|
|
nt_status = check_sam_security(my_private_data, user_info, auth_info, server_info);
|
|
} else {
|
|
nt_status = check_unix_security(my_private_data, user_info, auth_info, server_info);
|
|
}
|
|
|
|
return nt_status;
|
|
}
|
|
|
|
BOOL auth_init_local(auth_methods **auth_method)
|
|
{
|
|
if (!make_auth_methods(auth_method)) {
|
|
return False;
|
|
}
|
|
|
|
(*auth_method)->auth = check_local_security;
|
|
return True;
|
|
}
|
|
|
|
/****************************************************************************
|
|
Return an error based on username
|
|
****************************************************************************/
|
|
|
|
static NTSTATUS check_name_to_ntstatus_security(void *my_private_data,
|
|
const auth_usersupplied_info *user_info,
|
|
const auth_authsupplied_info *auth_info,
|
|
auth_serversupplied_info **server_info)
|
|
{
|
|
NTSTATUS nt_status;
|
|
fstring user;
|
|
long error_num;
|
|
fstrcpy(user, user_info->smb_name.str);
|
|
strlower(user);
|
|
error_num = strtoul(user, NULL, 16);
|
|
|
|
DEBUG(5,("Error for user %s was %lx\n", user, error_num));
|
|
|
|
nt_status = NT_STATUS(error_num);
|
|
|
|
return nt_status;
|
|
}
|
|
|
|
BOOL auth_init_name_to_ntstatus(auth_methods **auth_method)
|
|
{
|
|
if (!make_auth_methods(auth_method)) {
|
|
return False;
|
|
}
|
|
|
|
(*auth_method)->auth = check_name_to_ntstatus_security;
|
|
return True;
|
|
}
|
|
|