From 4298624589e2b44d88d703fe7cc0e73957c7652e Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 24 Oct 2004 23:54:00 +0000 Subject: r3170: Add winbind client support back into Samba4. This is to allow auth_winbind to work, and to therefore use the new ntlm_auth and GENSEC in an otherwise Samba3 setup. I'm not quite sure what fun-and games my svn cp caused as I merged this from samba_3_0, but anyway... Andrew Bartlett (This used to be commit 5925b94a59da406d7e6b8cc695c99ba112fdfcd6) --- source4/auth/auth_winbind.c | 67 ++++++++++++++++++++------------------------- source4/auth/config.m4 | 1 + source4/auth/config.mk | 10 +++++++ 3 files changed, 41 insertions(+), 37 deletions(-) (limited to 'source4/auth') diff --git a/source4/auth/auth_winbind.c b/source4/auth/auth_winbind.c index 52cd627ab0..deada025d8 100644 --- a/source4/auth/auth_winbind.c +++ b/source4/auth/auth_winbind.c @@ -26,44 +26,18 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_AUTH -static NTSTATUS get_info3_from_ndr(TALLOC_CTX *mem_ctx, struct winbindd_response *response, NET_USER_INFO_3 *info3) -{ - uint8_t *info3_ndr; - size_t len = response->length - sizeof(response); - prs_struct ps; - if (len > 0) { - info3_ndr = response->extra_data; - if (!prs_init(&ps, len, mem_ctx, UNMARSHALL)) { - return NT_STATUS_NO_MEMORY; - } - prs_copy_data_in(&ps, info3_ndr, len); - prs_set_offset(&ps,0); - if (!net_io_user_info3("", info3, &ps, 1, 3)) { - DEBUG(2, ("get_info3_from_ndr: could not parse info3 struct!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - prs_mem_free(&ps); - - return NT_STATUS_OK; - } else { - DEBUG(2, ("get_info3_from_ndr: No info3 struct found!\n")); - return NT_STATUS_UNSUCCESSFUL; - } -} - /* Authenticate a user with a challenge/response */ static NTSTATUS check_winbind_security(const struct auth_context *auth_context, - void *my_private_data, - TALLOC_CTX *mem_ctx, - const auth_usersupplied_info *user_info, - auth_serversupplied_info **server_info) + void *my_private_data, + TALLOC_CTX *mem_ctx, + const struct auth_usersupplied_info *user_info, + struct auth_serversupplied_info **server_info) { struct winbindd_request request; struct winbindd_response response; NSS_STATUS result; NTSTATUS nt_status; - NET_USER_INFO_3 info3; if (!user_info) { return NT_STATUS_INVALID_PARAMETER; @@ -79,14 +53,14 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context, ZERO_STRUCT(request); ZERO_STRUCT(response); - +#if 0 request.data.auth_crap.flags = WINBIND_PAM_INFO3_NDR; - - push_utf8_fstring(request.data.auth_crap.user, - user_info->smb_name.str); - push_utf8_fstring(request.data.auth_crap.domain, +#endif + fstrcpy(request.data.auth_crap.user, + user_info->smb_name.str); + fstrcpy(request.data.auth_crap.domain, user_info->domain.str); - push_utf8_fstring(request.data.auth_crap.workstation, + fstrcpy(request.data.auth_crap.workstation, user_info->wksta_name.str); memcpy(request.data.auth_crap.chal, auth_context->challenge.data, sizeof(request.data.auth_crap.chal)); @@ -106,6 +80,7 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context, nt_status = NT_STATUS(response.data.auth.nt_status); if (result == NSS_STATUS_SUCCESS && response.extra_data) { +#if 0 if (NT_STATUS_IS_OK(nt_status)) { if (NT_STATUS_IS_OK(nt_status = get_info3_from_ndr(mem_ctx, &response, &info3))) { nt_status = @@ -117,6 +92,7 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context, &info3); } } +#endif } else if (NT_STATUS_IS_OK(nt_status)) { nt_status = NT_STATUS_UNSUCCESSFUL; } @@ -125,7 +101,9 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context, } /* module initialisation */ -NTSTATUS auth_init_winbind(struct auth_context *auth_context, const char *param, auth_methods **auth_method) +static NTSTATUS auth_init_winbind(struct auth_context *auth_context, + const char *param, + struct auth_methods **auth_method) { if (!make_auth_methods(auth_context, auth_method)) return NT_STATUS_NO_MEMORY; @@ -134,3 +112,18 @@ NTSTATUS auth_init_winbind(struct auth_context *auth_context, const char *param, (*auth_method)->auth = check_winbind_security; return NT_STATUS_OK; } + +NTSTATUS auth_winbind_init(void) +{ + NTSTATUS ret; + struct auth_operations ops; + + ops.name = "winbind"; + ops.init = auth_init_winbind; + ret = register_backend("auth", &ops); + if (!NT_STATUS_IS_OK(ret)) { + DEBUG(0,("Failed to register '%s' auth backend!\n", + ops.name)); + return ret; + } +} diff --git a/source4/auth/config.m4 b/source4/auth/config.m4 index 3c4f86ecea..41e652efec 100644 --- a/source4/auth/config.m4 +++ b/source4/auth/config.m4 @@ -2,5 +2,6 @@ dnl # AUTH Server subsystem SMB_MODULE_MK(auth_sam,AUTH,STATIC,auth/config.mk) SMB_MODULE_MK(auth_builtin,AUTH,STATIC,auth/config.mk) +SMB_MODULE_MK(auth_winbind,AUTH,STATIC,auth/config.mk) SMB_SUBSYSTEM_MK(AUTH,auth/config.mk,[],[],[SAMDB]) diff --git a/source4/auth/config.mk b/source4/auth/config.mk index 223f082e6a..9272dda193 100644 --- a/source4/auth/config.mk +++ b/source4/auth/config.mk @@ -18,6 +18,16 @@ INIT_OBJ_FILES = \ # End MODULE auth_builtin ####################### +####################### +# Start MODULE auth_winbind +[MODULE::auth_winbind] +INIT_OBJ_FILES = \ + auth/auth_winbind.o +REQUIRED_SUBSYSTEMS = \ + LIB_WINBIND_CLIENT +# End MODULE auth_builtin +####################### + ####################### # Start SUBSYSTEM AUTH [SUBSYSTEM::AUTH] -- cgit