diff options
author | Simo Sorce <idra@samba.org> | 2005-06-04 08:23:15 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:17:34 -0500 |
commit | b7bc13209f5133a117428f2ce58d995399fb684b (patch) | |
tree | e239cac6bf47a2b1fca782e1cbf8ca36e318be30 /source4/scripting | |
parent | f84d007c438dd43f2cd5a9b6ca583976c8e777fa (diff) | |
download | samba-b7bc13209f5133a117428f2ce58d995399fb684b.tar.gz samba-b7bc13209f5133a117428f2ce58d995399fb684b.tar.bz2 samba-b7bc13209f5133a117428f2ce58d995399fb684b.zip |
r7267: REMOTE_HOST is a better choice
(This used to be commit 41bae267e29614d300ec2505c927ab17ccbbe64f)
Diffstat (limited to 'source4/scripting')
-rw-r--r-- | source4/scripting/ejs/smbcalls.c | 99 |
1 files changed, 65 insertions, 34 deletions
diff --git a/source4/scripting/ejs/smbcalls.c b/source4/scripting/ejs/smbcalls.c index 54dc8d4e62..3ca6003ee4 100644 --- a/source4/scripting/ejs/smbcalls.c +++ b/source4/scripting/ejs/smbcalls.c @@ -71,54 +71,85 @@ static int ejs_typeof(MprVarHandle eid, int argc, struct MprVar **argv) ejsSetReturnValue(eid, mprList(name, list)); } -static int ejs_userAuth(MprVarHandle eid, int argc, char **argv) +static int ejs_systemAuth(TALLOC_CTX *tmp_ctx, struct MprVar *auth, const char *username, const char *password, const char *domain, const char *remote_host) { struct auth_usersupplied_info *user_info = NULL; struct auth_serversupplied_info *server_info = NULL; struct auth_context *auth_context; - TALLOC_CTX *tmp_ctx; - struct MprVar auth; + const char *auth_unix[] = { "unix", NULL }; NTSTATUS nt_status; DATA_BLOB pw_blob; - if (argc != 3 || *argv[0] == 0 || *argv[2] == 0) { - ejsSetErrorMsg(eid, "userAuth invalid arguments"); - return -1; + nt_status = auth_context_create(tmp_ctx, auth_unix, &auth_context); + if (!NT_STATUS_IS_OK(nt_status)) { + mprSetPropertyValue(auth, "result", mprCreateBoolVar(False)); + mprSetPropertyValue(auth, "report", mprCreateStringVar("Auth System Failure", 0)); + goto done; } - tmp_ctx = talloc_new(mprMemCtx()); - auth = mprCreateObjVar("auth", MPR_DEFAULT_HASH_SIZE); + pw_blob = data_blob(password, strlen(password)), + make_user_info(tmp_ctx, username, username, + domain, domain, + remote_host, remote_host, + NULL, NULL, + NULL, NULL, + &pw_blob, False, + USER_INFO_CASE_INSENSITIVE_USERNAME | + USER_INFO_DONT_CHECK_UNIX_ACCOUNT, + &user_info); + nt_status = auth_check_password(auth_context, tmp_ctx, user_info, &server_info); + if (!NT_STATUS_IS_OK(nt_status)) { + mprSetPropertyValue(auth, "result", mprCreateBoolVar(False)); + mprSetPropertyValue(auth, "report", mprCreateStringVar("Login Failed", 0)); + goto done; + } - if (strcmp("System User", argv[2]) == 0) { - const char *auth_unix[] = { "unix", NULL }; + mprSetPropertyValue(auth, "result", mprCreateBoolVar(server_info->authenticated)); + mprSetPropertyValue(auth, "username", mprCreateStringVar(server_info->account_name, 0)); + mprSetPropertyValue(auth, "domain", mprCreateStringVar(server_info->domain_name, 0)); - nt_status = auth_context_create(tmp_ctx, auth_unix, &auth_context); - if (!NT_STATUS_IS_OK(nt_status)) { - mprSetPropertyValue(&auth, "result", mprCreateBoolVar(False)); - mprSetPropertyValue(&auth, "report", mprCreateStringVar("Auth System Failure", 0)); - goto done; - } +done: + return 0; +} - pw_blob = data_blob(argv[1], strlen(argv[1])), - make_user_info(tmp_ctx, argv[0], argv[0], - argv[2], argv[2], - "foowks", "fooip", - NULL, NULL, - NULL, NULL, - &pw_blob, False, - 0x05, &user_info); - nt_status = auth_check_password(auth_context, tmp_ctx, user_info, &server_info); - if (!NT_STATUS_IS_OK(nt_status)) { - mprSetPropertyValue(&auth, "result", mprCreateBoolVar(False)); - mprSetPropertyValue(&auth, "report", mprCreateStringVar("Login Failed", 0)); - goto done; - } +/* + perform user authentication, returning an array of results + + syntax: + var authinfo = new Object(); + authinfo.username = myname; + authinfo.password = mypass; + authinfo.domain = mydom; + authinfo.rhost = request['REMOTE_HOST']; + auth = userAuth(authinfo); +*/ +static int ejs_userAuth(MprVarHandle eid, int argc, struct MprVar **argv) +{ + TALLOC_CTX *tmp_ctx; + const char *username; + const char *password; + const char *domain; + const char *remote_host; + struct MprVar auth; + + if (argc != 1 || argv[0]->type != MPR_TYPE_OBJECT) { + ejsSetErrorMsg(eid, "userAuth invalid arguments, this function requires an object."); + return -1; + } + + username = mprToString(mprGetProperty(argv[0], "username", NULL)); + password = mprToString(mprGetProperty(argv[0], "password", NULL)); + domain = mprToString(mprGetProperty(argv[0], "domain", NULL)); + remote_host = mprToString(mprGetProperty(argv[0], "rhost", NULL)); + + tmp_ctx = talloc_new(mprMemCtx()); + auth = mprCreateObjVar("auth", MPR_DEFAULT_HASH_SIZE); - mprSetPropertyValue(&auth, "result", mprCreateBoolVar(server_info->authenticated)); - mprSetPropertyValue(&auth, "username", mprCreateStringVar(server_info->account_name, 0)); - mprSetPropertyValue(&auth, "domain", mprCreateStringVar(server_info->domain_name, 0)); + if (strcmp("System User", domain) == 0) { + ejs_systemAuth(tmp_ctx, &auth, username, password, domain, remote_host); } else { + mprSetPropertyValue(&auth, "result", mprCreateBoolVar(False)); mprSetPropertyValue(&auth, "report", mprCreateStringVar("Unknown Domain", 0)); } @@ -160,5 +191,5 @@ void smb_setup_ejs_functions(void) ejsDefineCFunction(-1, "typeof", ejs_typeof, NULL, MPR_VAR_SCRIPT_HANDLE); ejsDefineStringCFunction(-1, "getDomainList", ejs_domain_list, NULL, MPR_VAR_SCRIPT_HANDLE); - ejsDefineStringCFunction(-1, "userAuth", ejs_userAuth, NULL, MPR_VAR_SCRIPT_HANDLE); + ejsDefineCFunction(-1, "userAuth", ejs_userAuth, NULL, MPR_VAR_SCRIPT_HANDLE); } |