summaryrefslogtreecommitdiff
path: root/examples/auth
diff options
context:
space:
mode:
Diffstat (limited to 'examples/auth')
-rw-r--r--examples/auth/Makefile31
-rw-r--r--examples/auth/auth_skel.c58
-rw-r--r--examples/auth/crackcheck/Makefile25
-rw-r--r--examples/auth/crackcheck/crackcheck.c140
4 files changed, 254 insertions, 0 deletions
diff --git a/examples/auth/Makefile b/examples/auth/Makefile
new file mode 100644
index 0000000000..d6dbc28f40
--- /dev/null
+++ b/examples/auth/Makefile
@@ -0,0 +1,31 @@
+# Makefile for samba-pdb examples
+# Variables
+
+CC = gcc
+LIBTOOL = libtool
+
+SAMBA_SRC = ../../source
+SAMBA_INCL = ../../source/include
+UBIQX_SRC = ../../source/ubiqx
+SMBWR_SRC = ../../source/smbwrapper
+CFLAGS = -I$(SAMBA_SRC) -I$(SAMBA_INCL) -I$(UBIQX_SRC) -I$(SMBWR_SRC) -Wall -g
+AUTH_OBJS = auth_skel.la
+
+# Default target
+
+default: $(AUTH_OBJS)
+
+# Pattern rules
+
+%.la: %.lo
+ $(LIBTOOL) --mode=link $(CC) -module -o $@ $< $(LDFLAGS)
+
+%.lo: %.c
+ $(LIBTOOL) --mode=compile $(CC) $(CPPFLAGS) $(CFLAGS) -c $<
+
+# Misc targets
+
+clean:
+ rm -rf .libs
+ rm -f core *~ *% *.bak \
+ $(AUTH_OBJS) $(AUTH_OBJS:.la=.o) $(AUTH_OBJS:.la=.lo)
diff --git a/examples/auth/auth_skel.c b/examples/auth/auth_skel.c
new file mode 100644
index 0000000000..e6cbd73968
--- /dev/null
+++ b/examples/auth/auth_skel.c
@@ -0,0 +1,58 @@
+/*
+ Unix SMB/CIFS implementation.
+ Password and authentication handling
+ Copyright (C) Andrew Bartlett 2001
+ Copyright (C) Jelmer Vernooij 2003
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_AUTH
+
+static NTSTATUS check_skel_security(const struct auth_context *auth_context,
+ void *my_private_data,
+ TALLOC_CTX *mem_ctx,
+ const auth_usersupplied_info *user_info,
+ auth_serversupplied_info **server_info)
+{
+ if (!user_info || !auth_context) {
+ return NT_STATUS_LOGON_FAILURE;
+ }
+
+ /* Insert your authentication checking code here,
+ * and return NT_STATUS_OK if authentication succeeds */
+
+ /* For now, just refuse all connections */
+ return NT_STATUS_LOGON_FAILURE;
+}
+
+/* module initialisation */
+NTSTATUS auth_init_skel(struct auth_context *auth_context, const char *param, auth_methods **auth_method)
+{
+ if (!make_auth_methods(auth_context, auth_method)) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ (*auth_method)->auth = check_skel_security;
+ (*auth_method)->name = "skel";
+ return NT_STATUS_OK;
+}
+
+NTSTATUS init_module(void)
+{
+ return smb_register_auth(AUTH_INTERFACE_VERSION, "skel", auth_init_skel);
+}
diff --git a/examples/auth/crackcheck/Makefile b/examples/auth/crackcheck/Makefile
new file mode 100644
index 0000000000..84377aafef
--- /dev/null
+++ b/examples/auth/crackcheck/Makefile
@@ -0,0 +1,25 @@
+# C compiler
+#CC=cc
+CC=gcc
+
+# Uncomment the following to add symbols to the code for debugging
+#DEBUG=-g -Wall
+
+# Optimization for the compiler
+#OPTIMIZE=
+OPTIMIZE=-O2
+
+CFLAGS= $(DEBUG) $(OPTIMIZE)
+
+OBJS = crackcheck.o
+LIBS = -lcrack
+
+crackcheck: $(OBJS)
+ $(CC) $(CFLAGS) $(LIBS) -o crackcheck $(OBJS)
+
+clean:
+ rm -f core *.o crackcheck
+
+install: crackcheck
+ install -m 555 crackcheck $(PREFIX)/sbin/crackcheck
+
diff --git a/examples/auth/crackcheck/crackcheck.c b/examples/auth/crackcheck/crackcheck.c
new file mode 100644
index 0000000000..ac29b22592
--- /dev/null
+++ b/examples/auth/crackcheck/crackcheck.c
@@ -0,0 +1,140 @@
+#include <memory.h>
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <ctype.h>
+#include <crack.h>
+
+void usage(char *command) {
+ char *c, *comm;
+
+ comm = command;
+ while ((c = strrchr(comm, '/')) != NULL) {
+ comm = c + 1;
+ }
+
+ fprintf(stderr, "Usage: %s [-c] [-s] [-d <dictionary>]\n\n", comm);
+ fprintf(stderr, " -c enables NT like complexity checks\n");
+ fprintf(stderr, " -d <dictionary file> for cracklib\n");
+ fprintf(stderr, " -s simple check use NT like checks ONLY\n\n");
+ fprintf(stderr, "The password is read via stdin.\n\n");
+ exit(-1);
+}
+
+int complexity(char* passwd)
+{
+ /* TG 26.10.2005
+ * check password for complexity like MS Windows NT
+ */
+
+ int c_upper = 0;
+ int c_lower = 0;
+ int c_digit = 0;
+ int c_punct = 0;
+ int c_tot = 0;
+ int i, len;
+
+ if (!passwd) goto fail;
+ len = strlen(passwd);
+
+ for (i = 0; i < len; i++) {
+
+ if (c_tot >= 3) break;
+
+ if (isupper(passwd[i])) {
+ if (!c_upper) {
+ c_upper = 1;
+ c_tot += 1;
+ }
+ continue;
+ }
+ if (islower(passwd[i])) {
+ if (!c_lower) {
+ c_lower = 1;
+ c_tot += 1;
+ }
+ continue;
+ }
+ if (isdigit(passwd[i])) {
+ if (!c_digit) {
+ c_digit = 1;
+ c_tot += 1;
+ }
+ continue;
+ }
+ if (ispunct(passwd[i])) {
+ if (!c_punct) {
+ c_punct = 1;
+ c_tot += 1;
+ }
+ continue;
+ }
+ }
+
+ if ((c_tot) < 3) goto fail;
+ return 0;
+
+fail:
+ fprintf(stderr, "ERR Complexity check failed\n\n");
+ return -4;
+}
+
+int main(int argc, char **argv) {
+ extern char *optarg;
+ int c, ret, complex_check = 0, simplex_check = 0;
+
+ char f[256];
+ char *dictionary = NULL;
+ char *password;
+ char *reply;
+
+ while ( (c = getopt(argc, argv, "d:cs")) != EOF){
+ switch(c) {
+ case 'd':
+ dictionary = strdup(optarg);
+ break;
+ case 'c':
+ complex_check = 1;
+ break;
+ case 's':
+ complex_check = 1;
+ simplex_check = 1;
+ break;
+ default:
+ usage(argv[0]);
+ }
+ }
+
+ if (!simplex_check && dictionary == NULL) {
+ fprintf(stderr, "ERR - Missing cracklib dictionary\n\n");
+ usage(argv[0]);
+ }
+
+ fflush(stdin);
+ password = fgets(f, sizeof(f), stdin);
+
+ if (password == NULL) {
+ fprintf(stderr, "ERR - Failed to read password\n\n");
+ exit(-2);
+ }
+
+ if (complex_check) {
+ ret = complexity(password);
+ if (ret) {
+ exit(ret);
+ }
+ }
+
+ if (simplex_check) {
+ exit(0);
+ }
+
+ reply = FascistCheck(password, dictionary);
+ if (reply != NULL) {
+ fprintf(stderr, "ERR - %s\n\n", reply);
+ exit(-3);
+ }
+
+ exit(0);
+}
+