summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_rhosts.c62
-rw-r--r--source3/auth/auth_util.c30
2 files changed, 61 insertions, 31 deletions
diff --git a/source3/auth/auth_rhosts.c b/source3/auth/auth_rhosts.c
index 4ed0e6bbc4..d8e1b01942 100644
--- a/source3/auth/auth_rhosts.c
+++ b/source3/auth/auth_rhosts.c
@@ -129,23 +129,19 @@ static BOOL check_user_equiv(const char *user, const char *remote, const char *e
return False;
}
-
/****************************************************************************
check for a possible hosts equiv or rhosts entry for the user
****************************************************************************/
-static BOOL check_hosts_equiv(struct passwd *pass)
+static BOOL check_hosts_equiv(SAM_ACCOUNT *account)
{
char *fname = NULL;
- if (!pass)
- return(False);
-
fname = lp_hosts_equiv();
/* note: don't allow hosts.equiv on root */
- if (fname && *fname && (pass->pw_uid != 0)) {
- if (check_user_equiv(pass->pw_name,client_name(),fname))
+ if (IS_SAM_UNIX_USER(account) && fname && *fname && (pdb_get_uid(account) != 0)) {
+ if (check_user_equiv(pdb_get_username(account),client_name(),fname))
return(True);
}
@@ -164,15 +160,15 @@ static NTSTATUS check_hostsequiv_security(const struct auth_context *auth_contex
auth_serversupplied_info **server_info)
{
NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
- struct passwd *pass = Get_Pwnam(user_info->internal_username.str);
-
- if (pass) {
- if (check_hosts_equiv(pass)) {
- nt_status = NT_STATUS_OK;
- make_server_info_pw(server_info, pass);
- }
- } else {
- nt_status = NT_STATUS_NO_SUCH_USER;
+ SAM_ACCOUNT *account = NULL;
+ if (!NT_STATUS_IS_OK(nt_status =
+ auth_get_sam_account(user_info->internal_username.str,
+ &account))) {
+ return nt_status;
+ }
+
+ if (check_hosts_equiv(account)) {
+ nt_status = make_server_info_sam(server_info, account);
}
return nt_status;
@@ -186,6 +182,7 @@ NTSTATUS auth_init_hostsequiv(struct auth_context *auth_context, const char* par
}
(*auth_method)->auth = check_hostsequiv_security;
+ (*auth_method)->name = "hostsequiv";
return NT_STATUS_OK;
}
@@ -201,24 +198,26 @@ static NTSTATUS check_rhosts_security(const struct auth_context *auth_context,
auth_serversupplied_info **server_info)
{
NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
- struct passwd *pass = Get_Pwnam(user_info->internal_username.str);
- pstring rhostsfile;
+ SAM_ACCOUNT *account = NULL;
- if (pass) {
- char *home = pass->pw_dir;
- if (home) {
- slprintf(rhostsfile, sizeof(rhostsfile)-1, "%s/.rhosts", home);
- become_root();
- if (check_user_equiv(pass->pw_name,client_name(),rhostsfile)) {
- nt_status = NT_STATUS_OK;
- make_server_info_pw(server_info, pass);
- }
- unbecome_root();
- }
- } else {
- nt_status = NT_STATUS_NO_SUCH_USER;
+ if (!NT_STATUS_IS_OK(nt_status =
+ auth_get_sam_account(user_info->internal_username.str,
+ &account))) {
+ return nt_status;
}
+ pstring rhostsfile;
+
+ char *home = pdb_get_unix_homedir(account);
+ if (home) {
+ slprintf(rhostsfile, sizeof(rhostsfile)-1, "%s/.rhosts", home);
+ become_root();
+ if (check_user_equiv(pdb_get_username(account),client_name(),rhostsfile)) {
+ nt_status = make_server_info_sam(server_info, account);
+ }
+ unbecome_root();
+ }
+
return nt_status;
}
@@ -230,5 +229,6 @@ NTSTATUS auth_init_rhosts(struct auth_context *auth_context, const char *param,
}
(*auth_method)->auth = check_rhosts_security;
+ (*auth_method)->name = "rhosts";
return NT_STATUS_OK;
}
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 352d058f20..7d85153bd0 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -78,6 +78,36 @@ void smb_user_control(const auth_usersupplied_info *user_info, auth_serversuppli
}
/****************************************************************************
+ Create a SAM_ACCOUNT - either by looking in the pdb, or by faking it up from
+ unix info.
+****************************************************************************/
+
+NTSTATUS auth_get_sam_account(const char *user, SAM_ACCOUNT **account)
+{
+ BOOL pdb_ret;
+ NTSTATUS nt_status;
+ if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam(account))) {
+ return nt_status;
+ }
+
+ become_root();
+ pdb_ret = pdb_getsampwnam(*account, user);
+ unbecome_root();
+
+ if (!pdb_ret) {
+
+ struct passwd *pass = Get_Pwnam(user);
+ if (!pass)
+ return NT_STATUS_NO_SUCH_USER;
+
+ if (!NT_STATUS_IS_OK(nt_status = pdb_fill_sam_pw(*account, pass))) {
+ return nt_status;
+ }
+ }
+ return NT_STATUS_OK;
+}
+
+/****************************************************************************
Create an auth_usersupplied_data structure
****************************************************************************/