summaryrefslogtreecommitdiff
path: root/source4/auth
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-10-24 23:54:00 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:04:31 -0500
commit4298624589e2b44d88d703fe7cc0e73957c7652e (patch)
tree25c340c7962ae480e6caa60573c1638c227283c9 /source4/auth
parentd164190debf9499ffa6dbf46ee24fa98da36c14f (diff)
downloadsamba-4298624589e2b44d88d703fe7cc0e73957c7652e.tar.gz
samba-4298624589e2b44d88d703fe7cc0e73957c7652e.tar.bz2
samba-4298624589e2b44d88d703fe7cc0e73957c7652e.zip
r3170: Add winbind client support back into Samba4. This is to allow
auth_winbind to work, and to therefore use the new ntlm_auth and GENSEC in an otherwise Samba3 setup. I'm not quite sure what fun-and games my svn cp caused as I merged this from samba_3_0, but anyway... Andrew Bartlett (This used to be commit 5925b94a59da406d7e6b8cc695c99ba112fdfcd6)
Diffstat (limited to 'source4/auth')
-rw-r--r--source4/auth/auth_winbind.c67
-rw-r--r--source4/auth/config.m41
-rw-r--r--source4/auth/config.mk10
3 files changed, 41 insertions, 37 deletions
diff --git a/source4/auth/auth_winbind.c b/source4/auth/auth_winbind.c
index 52cd627ab0..deada025d8 100644
--- a/source4/auth/auth_winbind.c
+++ b/source4/auth/auth_winbind.c
@@ -26,44 +26,18 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_AUTH
-static NTSTATUS get_info3_from_ndr(TALLOC_CTX *mem_ctx, struct winbindd_response *response, NET_USER_INFO_3 *info3)
-{
- uint8_t *info3_ndr;
- size_t len = response->length - sizeof(response);
- prs_struct ps;
- if (len > 0) {
- info3_ndr = response->extra_data;
- if (!prs_init(&ps, len, mem_ctx, UNMARSHALL)) {
- return NT_STATUS_NO_MEMORY;
- }
- prs_copy_data_in(&ps, info3_ndr, len);
- prs_set_offset(&ps,0);
- if (!net_io_user_info3("", info3, &ps, 1, 3)) {
- DEBUG(2, ("get_info3_from_ndr: could not parse info3 struct!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
- prs_mem_free(&ps);
-
- return NT_STATUS_OK;
- } else {
- DEBUG(2, ("get_info3_from_ndr: No info3 struct found!\n"));
- return NT_STATUS_UNSUCCESSFUL;
- }
-}
-
/* Authenticate a user with a challenge/response */
static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
- void *my_private_data,
- TALLOC_CTX *mem_ctx,
- const auth_usersupplied_info *user_info,
- auth_serversupplied_info **server_info)
+ void *my_private_data,
+ TALLOC_CTX *mem_ctx,
+ const struct auth_usersupplied_info *user_info,
+ struct auth_serversupplied_info **server_info)
{
struct winbindd_request request;
struct winbindd_response response;
NSS_STATUS result;
NTSTATUS nt_status;
- NET_USER_INFO_3 info3;
if (!user_info) {
return NT_STATUS_INVALID_PARAMETER;
@@ -79,14 +53,14 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
ZERO_STRUCT(request);
ZERO_STRUCT(response);
-
+#if 0
request.data.auth_crap.flags = WINBIND_PAM_INFO3_NDR;
-
- push_utf8_fstring(request.data.auth_crap.user,
- user_info->smb_name.str);
- push_utf8_fstring(request.data.auth_crap.domain,
+#endif
+ fstrcpy(request.data.auth_crap.user,
+ user_info->smb_name.str);
+ fstrcpy(request.data.auth_crap.domain,
user_info->domain.str);
- push_utf8_fstring(request.data.auth_crap.workstation,
+ fstrcpy(request.data.auth_crap.workstation,
user_info->wksta_name.str);
memcpy(request.data.auth_crap.chal, auth_context->challenge.data, sizeof(request.data.auth_crap.chal));
@@ -106,6 +80,7 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
nt_status = NT_STATUS(response.data.auth.nt_status);
if (result == NSS_STATUS_SUCCESS && response.extra_data) {
+#if 0
if (NT_STATUS_IS_OK(nt_status)) {
if (NT_STATUS_IS_OK(nt_status = get_info3_from_ndr(mem_ctx, &response, &info3))) {
nt_status =
@@ -117,6 +92,7 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
&info3);
}
}
+#endif
} else if (NT_STATUS_IS_OK(nt_status)) {
nt_status = NT_STATUS_UNSUCCESSFUL;
}
@@ -125,7 +101,9 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
}
/* module initialisation */
-NTSTATUS auth_init_winbind(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
+static NTSTATUS auth_init_winbind(struct auth_context *auth_context,
+ const char *param,
+ struct auth_methods **auth_method)
{
if (!make_auth_methods(auth_context, auth_method))
return NT_STATUS_NO_MEMORY;
@@ -134,3 +112,18 @@ NTSTATUS auth_init_winbind(struct auth_context *auth_context, const char *param,
(*auth_method)->auth = check_winbind_security;
return NT_STATUS_OK;
}
+
+NTSTATUS auth_winbind_init(void)
+{
+ NTSTATUS ret;
+ struct auth_operations ops;
+
+ ops.name = "winbind";
+ ops.init = auth_init_winbind;
+ ret = register_backend("auth", &ops);
+ if (!NT_STATUS_IS_OK(ret)) {
+ DEBUG(0,("Failed to register '%s' auth backend!\n",
+ ops.name));
+ return ret;
+ }
+}
diff --git a/source4/auth/config.m4 b/source4/auth/config.m4
index 3c4f86ecea..41e652efec 100644
--- a/source4/auth/config.m4
+++ b/source4/auth/config.m4
@@ -2,5 +2,6 @@ dnl # AUTH Server subsystem
SMB_MODULE_MK(auth_sam,AUTH,STATIC,auth/config.mk)
SMB_MODULE_MK(auth_builtin,AUTH,STATIC,auth/config.mk)
+SMB_MODULE_MK(auth_winbind,AUTH,STATIC,auth/config.mk)
SMB_SUBSYSTEM_MK(AUTH,auth/config.mk,[],[],[SAMDB])
diff --git a/source4/auth/config.mk b/source4/auth/config.mk
index 223f082e6a..9272dda193 100644
--- a/source4/auth/config.mk
+++ b/source4/auth/config.mk
@@ -19,6 +19,16 @@ INIT_OBJ_FILES = \
#######################
#######################
+# Start MODULE auth_winbind
+[MODULE::auth_winbind]
+INIT_OBJ_FILES = \
+ auth/auth_winbind.o
+REQUIRED_SUBSYSTEMS = \
+ LIB_WINBIND_CLIENT
+# End MODULE auth_builtin
+#######################
+
+#######################
# Start SUBSYSTEM AUTH
[SUBSYSTEM::AUTH]
INIT_OBJ_FILES = \