summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2003-02-22 11:34:04 +0000
committerAndrew Bartlett <abartlet@samba.org>2003-02-22 11:34:04 +0000
commitab43a25b2893506d5de305626dfbbf98966f1f78 (patch)
tree653e18d5b5c979f86d04cc66ac09e2164b8ab189
parent4fdb86eb3b9b7eb01a90e3f3a846fb9f223d7208 (diff)
downloadsamba-ab43a25b2893506d5de305626dfbbf98966f1f78.tar.gz
samba-ab43a25b2893506d5de305626dfbbf98966f1f78.tar.bz2
samba-ab43a25b2893506d5de305626dfbbf98966f1f78.zip
First check if the user is in the passdb, then check Get_Pwnam().
We check passdb becouse the user might have things like a logon script set, but we have to check the passdb becouse the user might not be in smbpasswd at all. This is in preperation for the removal of unixsam as an assuption. Andrew Bartlett (This used to be commit 61e3e2695860c58f9b0e8d1856972318666682c8)
-rw-r--r--source3/auth/auth_rhosts.c62
-rw-r--r--source3/auth/auth_util.c30
2 files changed, 61 insertions, 31 deletions
diff --git a/source3/auth/auth_rhosts.c b/source3/auth/auth_rhosts.c
index 4ed0e6bbc4..d8e1b01942 100644
--- a/source3/auth/auth_rhosts.c
+++ b/source3/auth/auth_rhosts.c
@@ -129,23 +129,19 @@ static BOOL check_user_equiv(const char *user, const char *remote, const char *e
return False;
}
-
/****************************************************************************
check for a possible hosts equiv or rhosts entry for the user
****************************************************************************/
-static BOOL check_hosts_equiv(struct passwd *pass)
+static BOOL check_hosts_equiv(SAM_ACCOUNT *account)
{
char *fname = NULL;
- if (!pass)
- return(False);
-
fname = lp_hosts_equiv();
/* note: don't allow hosts.equiv on root */
- if (fname && *fname && (pass->pw_uid != 0)) {
- if (check_user_equiv(pass->pw_name,client_name(),fname))
+ if (IS_SAM_UNIX_USER(account) && fname && *fname && (pdb_get_uid(account) != 0)) {
+ if (check_user_equiv(pdb_get_username(account),client_name(),fname))
return(True);
}
@@ -164,15 +160,15 @@ static NTSTATUS check_hostsequiv_security(const struct auth_context *auth_contex
auth_serversupplied_info **server_info)
{
NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
- struct passwd *pass = Get_Pwnam(user_info->internal_username.str);
-
- if (pass) {
- if (check_hosts_equiv(pass)) {
- nt_status = NT_STATUS_OK;
- make_server_info_pw(server_info, pass);
- }
- } else {
- nt_status = NT_STATUS_NO_SUCH_USER;
+ SAM_ACCOUNT *account = NULL;
+ if (!NT_STATUS_IS_OK(nt_status =
+ auth_get_sam_account(user_info->internal_username.str,
+ &account))) {
+ return nt_status;
+ }
+
+ if (check_hosts_equiv(account)) {
+ nt_status = make_server_info_sam(server_info, account);
}
return nt_status;
@@ -186,6 +182,7 @@ NTSTATUS auth_init_hostsequiv(struct auth_context *auth_context, const char* par
}
(*auth_method)->auth = check_hostsequiv_security;
+ (*auth_method)->name = "hostsequiv";
return NT_STATUS_OK;
}
@@ -201,24 +198,26 @@ static NTSTATUS check_rhosts_security(const struct auth_context *auth_context,
auth_serversupplied_info **server_info)
{
NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
- struct passwd *pass = Get_Pwnam(user_info->internal_username.str);
- pstring rhostsfile;
+ SAM_ACCOUNT *account = NULL;
- if (pass) {
- char *home = pass->pw_dir;
- if (home) {
- slprintf(rhostsfile, sizeof(rhostsfile)-1, "%s/.rhosts", home);
- become_root();
- if (check_user_equiv(pass->pw_name,client_name(),rhostsfile)) {
- nt_status = NT_STATUS_OK;
- make_server_info_pw(server_info, pass);
- }
- unbecome_root();
- }
- } else {
- nt_status = NT_STATUS_NO_SUCH_USER;
+ if (!NT_STATUS_IS_OK(nt_status =
+ auth_get_sam_account(user_info->internal_username.str,
+ &account))) {
+ return nt_status;
}
+ pstring rhostsfile;
+
+ char *home = pdb_get_unix_homedir(account);
+ if (home) {
+ slprintf(rhostsfile, sizeof(rhostsfile)-1, "%s/.rhosts", home);
+ become_root();
+ if (check_user_equiv(pdb_get_username(account),client_name(),rhostsfile)) {
+ nt_status = make_server_info_sam(server_info, account);
+ }
+ unbecome_root();
+ }
+
return nt_status;
}
@@ -230,5 +229,6 @@ NTSTATUS auth_init_rhosts(struct auth_context *auth_context, const char *param,
}
(*auth_method)->auth = check_rhosts_security;
+ (*auth_method)->name = "rhosts";
return NT_STATUS_OK;
}
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 352d058f20..7d85153bd0 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -78,6 +78,36 @@ void smb_user_control(const auth_usersupplied_info *user_info, auth_serversuppli
}
/****************************************************************************
+ Create a SAM_ACCOUNT - either by looking in the pdb, or by faking it up from
+ unix info.
+****************************************************************************/
+
+NTSTATUS auth_get_sam_account(const char *user, SAM_ACCOUNT **account)
+{
+ BOOL pdb_ret;
+ NTSTATUS nt_status;
+ if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam(account))) {
+ return nt_status;
+ }
+
+ become_root();
+ pdb_ret = pdb_getsampwnam(*account, user);
+ unbecome_root();
+
+ if (!pdb_ret) {
+
+ struct passwd *pass = Get_Pwnam(user);
+ if (!pass)
+ return NT_STATUS_NO_SUCH_USER;
+
+ if (!NT_STATUS_IS_OK(nt_status = pdb_fill_sam_pw(*account, pass))) {
+ return nt_status;
+ }
+ }
+ return NT_STATUS_OK;
+}
+
+/****************************************************************************
Create an auth_usersupplied_data structure
****************************************************************************/