diff options
| author | Stefan Metzmacher <metze@samba.org> | 2006-07-27 11:24:18 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:10:25 -0500 |
| commit | e8623667d32f717b0b746e5041500bd0ee6b3ae8 (patch) | |
| tree | d789a33d4bf6f41b6e525478fe943b387500de2b /source4/auth/auth_sam.c | |
| parent | 28b8ec0156e99d7bddc2aa243f6631a66c94a078 (diff) | |
| download | samba-e8623667d32f717b0b746e5041500bd0ee6b3ae8.tar.gz samba-e8623667d32f717b0b746e5041500bd0ee6b3ae8.tar.bz2 samba-e8623667d32f717b0b746e5041500bd0ee6b3ae8.zip | |
r17270: split the logic of saying this auth backend wants to handle this
request from the password checking. This will help to make
the password checking hook async later
metze
(This used to be commit 5b26cbc3428b4c186235cc08c9ace1c23f59dd7f)
Diffstat (limited to 'source4/auth/auth_sam.c')
| -rw-r--r-- | source4/auth/auth_sam.c | 68 |
1 files changed, 54 insertions, 14 deletions
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c index 96d8a0d40a..7ce2cabbf9 100644 --- a/source4/auth/auth_sam.c +++ b/source4/auth/auth_sam.c @@ -334,6 +334,17 @@ static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx return NT_STATUS_OK; } +static NTSTATUS authsam_ignoredomain_want_check(struct auth_method_context *ctx, + TALLOC_CTX *mem_ctx, + const struct auth_usersupplied_info *user_info) +{ + if (!user_info->mapped.account_name || !*user_info->mapped.account_name) { + return NT_STATUS_NOT_IMPLEMENTED; + } + + return NT_STATUS_OK; +} + static NTSTATUS authsam_ignoredomain_check_password(struct auth_method_context *ctx, TALLOC_CTX *mem_ctx, const struct auth_usersupplied_info *user_info, @@ -345,31 +356,32 @@ static NTSTATUS authsam_ignoredomain_check_password(struct auth_method_context * /**************************************************************************** Check SAM security (above) but with a few extra checks. ****************************************************************************/ -static NTSTATUS authsam_check_password(struct auth_method_context *ctx, - TALLOC_CTX *mem_ctx, - const struct auth_usersupplied_info *user_info, - struct auth_serversupplied_info **server_info) +static NTSTATUS authsam_want_check(struct auth_method_context *ctx, + TALLOC_CTX *mem_ctx, + const struct auth_usersupplied_info *user_info) { - const char *domain; BOOL is_local_name, is_my_domain; + if (!user_info->mapped.account_name || !*user_info->mapped.account_name) { + return NT_STATUS_NOT_IMPLEMENTED; + } + is_local_name = is_myname(user_info->mapped.domain_name); is_my_domain = strequal(user_info->mapped.domain_name, lp_workgroup()); /* check whether or not we service this domain/workgroup name */ switch (lp_server_role()) { case ROLE_STANDALONE: - domain = lp_netbios_name(); - break; + return NT_STATUS_OK; + case ROLE_DOMAIN_MEMBER: if (!is_local_name) { - DEBUG(6,("authsam_check_password: %s is not one of my local names (%s)\n", - user_info->mapped.domain_name, (lp_server_role() == ROLE_DOMAIN_MEMBER - ? "ROLE_DOMAIN_MEMBER" : "ROLE_STANDALONE") )); + DEBUG(6,("authsam_check_password: %s is not one of my local names (DOMAIN_MEMBER)\n", + user_info->mapped.domain_name)); return NT_STATUS_NOT_IMPLEMENTED; } - domain = lp_netbios_name(); - break; + return NT_STATUS_OK; + case ROLE_DOMAIN_PDC: case ROLE_DOMAIN_BDC: if (!is_local_name && !is_my_domain) { @@ -377,11 +389,37 @@ static NTSTATUS authsam_check_password(struct auth_method_context *ctx, user_info->mapped.domain_name)); return NT_STATUS_NOT_IMPLEMENTED; } + return NT_STATUS_OK; + } + + DEBUG(6,("authsam_check_password: lp_server_role() has an undefined value\n")); + return NT_STATUS_NOT_IMPLEMENTED; +} + +/**************************************************************************** +Check SAM security (above) but with a few extra checks. +****************************************************************************/ +static NTSTATUS authsam_check_password(struct auth_method_context *ctx, + TALLOC_CTX *mem_ctx, + const struct auth_usersupplied_info *user_info, + struct auth_serversupplied_info **server_info) +{ + const char *domain; + + /* check whether or not we service this domain/workgroup name */ + switch (lp_server_role()) { + case ROLE_STANDALONE: + case ROLE_DOMAIN_MEMBER: + domain = lp_netbios_name(); + break; + + case ROLE_DOMAIN_PDC: + case ROLE_DOMAIN_BDC: domain = lp_workgroup(); break; + default: - DEBUG(6,("authsam_check_password: lp_server_role() has an undefined value\n")); - return NT_STATUS_NOT_IMPLEMENTED; + return NT_STATUS_NO_SUCH_USER; } return authsam_check_password_internals(ctx, mem_ctx, domain, user_info, server_info); @@ -390,12 +428,14 @@ static NTSTATUS authsam_check_password(struct auth_method_context *ctx, static const struct auth_operations sam_ignoredomain_ops = { .name = "sam_ignoredomain", .get_challenge = auth_get_challenge_not_implemented, + .want_check = authsam_ignoredomain_want_check, .check_password = authsam_ignoredomain_check_password }; static const struct auth_operations sam_ops = { .name = "sam", .get_challenge = auth_get_challenge_not_implemented, + .want_check = authsam_want_check, .check_password = authsam_check_password }; |