r7238: Add pam auth support in swat

(This used to be commit 8a98572a3b5dba58181dc402dbebae5452656012)

1 files changed, 82 insertions, 0 deletions

diff --git a/source4/scripting/ejs/smbcalls.c b/source4/scripting/ejs/smbcalls.c
index fc2c16a456..8a02111bd5 100644
--- a/source4/scripting/ejs/smbcalls.c
+++ b/source4/scripting/ejs/smbcalls.c
@@ -25,6 +25,7 @@
 #include "param/loadparm.h"
 #include "lib/ldb/include/ldb.h"
 #include "librpc/gen_ndr/ndr_nbt.h"
+#include "auth/auth.h"
 
 /*
   return the type of a variable
@@ -298,6 +299,85 @@ static int ejs_resolve_name(MprVarHandle eid, int argc, struct MprVar **argv)
 	return -1;
 }
 
+static int ejs_userAuth(MprVarHandle eid, int argc, char **argv)
+{
+	struct auth_usersupplied_info *user_info = NULL;
+	struct auth_serversupplied_info *server_info = NULL;
+	struct auth_context *auth_context;
+	TALLOC_CTX *tmp_ctx;
+	struct MprVar auth;
+	NTSTATUS nt_status;
+	DATA_BLOB pw_blob;
+	int ret;
+
+	if (argc != 3 || *argv[0] == 0 || *argv[2] == 0) {
+		ejsSetErrorMsg(eid, "userAuth invalid arguments");
+		return -1;
+	}
+
+ 	tmp_ctx = talloc_new(mprMemCtx());	
+	auth = mprCreateObjVar("auth", MPR_DEFAULT_HASH_SIZE);
+
+	if (strcmp("System User", argv[2]) == 0) {
+		const char *auth_unix[] = { "unix", NULL };
+
+		nt_status = auth_context_create(tmp_ctx, auth_unix, &auth_context);
+		if (!NT_STATUS_IS_OK(nt_status)) {
+			mprSetPropertyValue(&auth, "result", mprCreateBoolVar(False));
+			mprSetPropertyValue(&auth, "report", mprCreateStringVar("Auth System Failure", 0));
+			goto done;
+		}
+
+		pw_blob = data_blob(argv[1], strlen(argv[1])),
+		make_user_info(tmp_ctx, argv[0], argv[0],
+					argv[2], argv[2],
+					"foowks", "fooip",
+					NULL, NULL,
+					NULL, NULL,
+					&pw_blob, False,
+					0x05, &user_info);
+		nt_status = auth_check_password(auth_context, tmp_ctx, user_info, &server_info);
+		if (!NT_STATUS_IS_OK(nt_status)) {
+			mprSetPropertyValue(&auth, "result", mprCreateBoolVar(False));
+			mprSetPropertyValue(&auth, "report", mprCreateStringVar("Login Failed", 0));
+			goto done;
+		}
+
+		mprSetPropertyValue(&auth, "result", mprCreateBoolVar(server_info->authenticated));
+		mprSetPropertyValue(&auth, "username", mprCreateStringVar(server_info->account_name, 0));
+		mprSetPropertyValue(&auth, "domain", mprCreateStringVar(server_info->domain_name, 0));
+
+	}  else {
+		mprSetPropertyValue(&auth, "result", mprCreateBoolVar(False));
+		mprSetPropertyValue(&auth, "report", mprCreateStringVar("Unknown Domain", 0));
+	}
+
+done:
+	ejsSetReturnValue(eid, auth);
+	talloc_free(tmp_ctx);
+	return 0;
+}
+
+static int ejs_domain_list(MprVarHandle eid, int argc, char **argv)
+{
+	struct MprVar list;
+	struct MprVar dom;
+
+	if (argc != 0) {
+		ejsSetErrorMsg(eid, "domList invalid arguments");
+		return -1;
+	}
+
+	list = mprCreateObjVar("list", MPR_DEFAULT_HASH_SIZE);
+	dom = mprCreateStringVar("System User", 1);
+	mprCreateProperty(&list, "0", &dom);
+
+	ejsSetReturnValue(eid, list);
+
+	return 0;
+}
+
+
 /*
   setup the C functions that be called from ejs
 */
@@ -308,4 +388,6 @@ void smb_setup_ejs_functions(void)
 	ejsDefineCFunction(-1, "typeof", ejs_typeof, NULL, MPR_VAR_SCRIPT_HANDLE);
 	ejsDefineCFunction(-1, "ldbSearch", ejs_ldbSearch, NULL, MPR_VAR_SCRIPT_HANDLE);
 	ejsDefineCFunction(-1, "resolveName", ejs_resolve_name, NULL, MPR_VAR_SCRIPT_HANDLE);
+	ejsDefineStringCFunction(-1, "getDomainList", ejs_domain_list, NULL, MPR_VAR_SCRIPT_HANDLE);
+	ejsDefineStringCFunction(-1, "userAuth", ejs_userAuth, NULL, MPR_VAR_SCRIPT_HANDLE);
 }