summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2002-06-15 11:08:46 +0000
committerAndrew Bartlett <abartlet@samba.org>2002-06-15 11:08:46 +0000
commit209fcbfb92dadbe82c7355a7104d4dbd3398096b (patch)
tree7139d9a89fe684611cb13747d696ec6a9ed48071
parente2ed473f571aeb01472ca4c5b91f2e784a30c761 (diff)
downloadsamba-209fcbfb92dadbe82c7355a7104d4dbd3398096b.tar.gz
samba-209fcbfb92dadbe82c7355a7104d4dbd3398096b.tar.bz2
samba-209fcbfb92dadbe82c7355a7104d4dbd3398096b.zip
Add another 'trivial' built in authentication module - this one is a
deveopers hack to always send a fixed challange, for the benifit of tutorials and packet sniffing etc. Enabling this module removes all security, so its a --enable-developer option. Andrew Bartlett (This used to be commit 622e6b64dfb0a2c53d2c9dbd7b8ff438492eaf02)
-rw-r--r--source3/auth/auth_builtin.c50
1 files changed, 50 insertions, 0 deletions
diff --git a/source3/auth/auth_builtin.c b/source3/auth/auth_builtin.c
index c1ce1de242..5ce7075ab9 100644
--- a/source3/auth/auth_builtin.c
+++ b/source3/auth/auth_builtin.c
@@ -115,6 +115,56 @@ NTSTATUS auth_init_name_to_ntstatus(struct auth_context *auth_context, const cha
return NT_STATUS_OK;
}
+/**
+ * Return a 'fixed' challenge instead of a varaible one.
+ *
+ * The idea of this function is to make packet snifs consistant
+ * with a fixed challenge, so as to aid debugging.
+ *
+ * This module is of no value to end-users.
+ *
+ * This module does not actually authenticate the user, but
+ * just pretenteds to need a specified challenge.
+ * This module removes *all* security from the challenge-response system
+ *
+ * @return NT_STATUS_UNSUCCESSFUL
+ **/
+
+static NTSTATUS check_fixed_challenge_security(const struct auth_context *auth_context,
+ void *my_private_data,
+ TALLOC_CTX *mem_ctx,
+ const auth_usersupplied_info *user_info,
+ auth_serversupplied_info **server_info)
+{
+ return NT_STATUS_UNSUCCESSFUL;
+}
+
+/****************************************************************************
+ Get the challenge out of a password server.
+****************************************************************************/
+
+static DATA_BLOB auth_get_fixed_challenge(const struct auth_context *auth_context,
+ void **my_private_data,
+ TALLOC_CTX *mem_ctx)
+{
+ const char *challenge = "I am a teapot";
+ return data_blob(challenge, 8);
+}
+
+
+/** Module initailisation function */
+NTSTATUS auth_init_fixed_challenge(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
+{
+ if (!make_auth_methods(auth_context, auth_method)) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ (*auth_method)->auth = check_fixed_challenge_security;
+ (*auth_method)->get_chal = auth_get_fixed_challenge;
+ (*auth_method)->name = "fixed_challenge";
+ return NT_STATUS_OK;
+}
+
/**
* Outsorce an auth module to an external loadable .so
*