diff options
author | Andrew Bartlett <abartlet@samba.org> | 2010-06-01 21:52:01 +1000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2010-08-14 11:58:13 +1000 |
commit | 23994e1b53b8528007f6325ce5f286712ec021be (patch) | |
tree | c0e69e1401576756560bf71b73c3725312b7d866 /source3/auth/auth_wbc.c | |
parent | 272e49e85c47d88ef0a84bce88e6f8d984f2eae4 (diff) | |
download | samba-23994e1b53b8528007f6325ce5f286712ec021be.tar.gz samba-23994e1b53b8528007f6325ce5f286712ec021be.tar.xz samba-23994e1b53b8528007f6325ce5f286712ec021be.zip |
s3:auth Make Samba3 use the new common struct auth_usersupplied_info
This common structure will make it much easier to produce an auth
module for s3compat that calls Samba4's auth subsystem.
In order the make the link work properly (and not map twice), we mark
both that we did try and map the user, as well as if we changed the
user during the mapping.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Diffstat (limited to 'source3/auth/auth_wbc.c')
-rw-r--r-- | source3/auth/auth_wbc.c | 40 |
1 files changed, 33 insertions, 7 deletions
diff --git a/source3/auth/auth_wbc.c b/source3/auth/auth_wbc.c index 05097ee39f0..e4fffc7cf88 100644 --- a/source3/auth/auth_wbc.c +++ b/source3/auth/auth_wbc.c @@ -71,13 +71,18 @@ static NTSTATUS check_wbc_security(const struct auth_context *auth_context, params.parameter_control= user_info->logon_parameters; /* Handle plaintext */ - if (!user_info->encrypted) { + switch (user_info->password_state) { + case AUTH_PASSWORD_PLAIN: + { DEBUG(3,("Checking plaintext password for %s.\n", user_info->mapped.account_name)); params.level = WBC_AUTH_USER_LEVEL_PLAIN; - params.password.plaintext = (char *)user_info->plaintext_password.data; - } else { + params.password.plaintext = user_info->password.plaintext; + } + case AUTH_PASSWORD_RESPONSE: + case AUTH_PASSWORD_HASH: + { DEBUG(3,("Checking encrypted password for %s.\n", user_info->mapped.account_name)); params.level = WBC_AUTH_USER_LEVEL_RESPONSE; @@ -86,12 +91,33 @@ static NTSTATUS check_wbc_security(const struct auth_context *auth_context, auth_context->challenge.data, sizeof(params.password.response.challenge)); - params.password.response.nt_length = user_info->nt_resp.length; - params.password.response.nt_data = user_info->nt_resp.data; - params.password.response.lm_length = user_info->lm_resp.length; - params.password.response.lm_data = user_info->lm_resp.data; + params.password.response.nt_length = user_info->password.response.nt.length; + params.password.response.nt_data = user_info->password.response.nt.data; + params.password.response.lm_length = user_info->password.response.lanman.length; + params.password.response.lm_data = user_info->password.response.lanman.data; + } +#if 0 + case AUTH_PASSWORD_HASH: + { + DEBUG(3,("Checking logon (hash) password for %s.\n", + user_info->mapped.account_name)); + params.level = WBC_AUTH_USER_LEVEL_HASH; + + if (user_info->password.hash.nt) { + memcpy(params.password.hash.nt_hash, user_info->password.hash.nt, sizeof(* user_info->password.hash.nt)); + } else { + memset(params.password.hash.nt_hash, '\0', sizeof(params.password.hash.nt_hash)); + } + + if (user_info->password.hash.lanman) { + memcpy(params.password.hash.lm_hash, user_info->password.hash.lanman, sizeof(* user_info->password.hash.lanman)); + } else { + memset(params.password.hash.lm_hash, '\0', sizeof(params.password.hash.lm_hash)); + } } +#endif + } /* we are contacting the privileged pipe */ become_root(); |