summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>1998-02-26 22:58:21 +0000
committerJeremy Allison <jra@samba.org>1998-02-26 22:58:21 +0000
commit45dab9f06594777e96be5f4556e6bb386f68f309 (patch)
treed10f26229efd3f391ebcdf52fe1da7d563fad02f /source3/smbd
parentb3d9fe61f3085bb47fe8c0c31f51871824db3407 (diff)
downloadsamba-45dab9f06594777e96be5f4556e6bb386f68f309.tar.gz
samba-45dab9f06594777e96be5f4556e6bb386f68f309.tar.bz2
samba-45dab9f06594777e96be5f4556e6bb386f68f309.zip
Makefile, password.c, includes.h: Added KRB4 patches from Johan Hedin <johanh@fusion.kth.se>
nmbd_packets.c: Patch for aliased interfaces from Daniel Haun <dhaun@ecf2.puc.edu>. Jeremy. (This used to be commit 60f6302b1972e49159bf6e1a838e691268e4399c)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/password.c30
1 files changed, 30 insertions, 0 deletions
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 607d01d2cf..1911515404 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -670,6 +670,32 @@ static BOOL krb5_auth(char *this_user,char *password)
}
#endif /* KRB5_AUTH */
+#ifdef KRB4_AUTH
+/*******************************************************************
+check on Kerberos authentication
+********************************************************************/
+static BOOL krb4_auth(char *this_user,char *password)
+{
+ char realm[REALM_SZ];
+ char tkfile[MAXPATHLEN];
+
+ if (krb_get_lrealm(realm, 1) != KSUCCESS)
+ (void) strncpy(realm, KRB_REALM, sizeof (realm));
+
+ (void) sprintf(tkfile, "/tmp/samba_tkt_%d", getpid());
+
+ krb_set_tkt_string(tkfile);
+ if (krb_verify_user(this_user, "", realm,
+ password, 0,
+ "rmcd") == KSUCCESS) {
+ unlink(tkfile);
+ return 1;
+ }
+ unlink(tkfile);
+ return 0;
+}
+#endif /* KRB4_AUTH */
+
#ifdef LINUX_BIGCRYPT
/****************************************************************************
an enhanced crypt for Linux to handle password longer than 8 characters
@@ -775,6 +801,10 @@ Hence we make a direct return to avoid a second chance!!!
if (krb5_auth(this_user,password)) return(True);
#endif
+#ifdef KRB4_AUTH
+ if (krb4_auth(this_user,password)) return(True);
+#endif
+
#ifdef PWDAUTH
if (pwdauth(this_user,password) == 0)
return(True);