diff options
author | Andrew Bartlett <abartlet@samba.org> | 2005-07-22 04:10:07 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:29:55 -0500 |
commit | b16362fab65d0700bd6a8cf6569a9e21c7e6b069 (patch) | |
tree | cd68807d497dac925038d03c3786308825b02e10 /source4/auth/auth_unix.c | |
parent | 176c0d1b771d0e81167a12eb81eddb40732b074a (diff) | |
download | samba-b16362fab65d0700bd6a8cf6569a9e21c7e6b069.tar.gz samba-b16362fab65d0700bd6a8cf6569a9e21c7e6b069.tar.xz samba-b16362fab65d0700bd6a8cf6569a9e21c7e6b069.zip |
r8700: Propmted by tridge's need to do plaintext auth in ejs, rework the
user_info strcture in auth/
This moves it to a pattern much like that found in ntvfs, with
functions to migrate between PAIN, HASH and RESPONSE passwords.
Instead of make_user_info*() functions, we simply fill in the control
block in the callers, per recent dicussions on the lists. This
removed a lot of data copies as well as error paths, as we can grab
much of it with talloc.
Andrew Bartlett
(This used to be commit ecbd2235a3e2be937440fa1dc0aecc5a047eda88)
Diffstat (limited to 'source4/auth/auth_unix.c')
-rw-r--r-- | source4/auth/auth_unix.c | 25 |
1 files changed, 15 insertions, 10 deletions
diff --git a/source4/auth/auth_unix.c b/source4/auth/auth_unix.c index ecdd770362d..0c2db48c563 100644 --- a/source4/auth/auth_unix.c +++ b/source4/auth/auth_unix.c @@ -38,7 +38,7 @@ static NTSTATUS authunix_make_server_info(TALLOC_CTX *mem_ctx, server_info->authenticated = True; - server_info->account_name = talloc_strdup(server_info, talloc_strdup(mem_ctx, user_info->account_name)); + server_info->account_name = talloc_strdup(server_info, talloc_strdup(mem_ctx, user_info->mapped.account_name)); NT_STATUS_HAVE_NO_MEMORY(server_info->account_name); server_info->domain_name = talloc_strdup(server_info, talloc_strdup(mem_ctx, "unix")); @@ -379,8 +379,8 @@ static NTSTATUS check_unix_password(TALLOC_CTX *ctx, const struct auth_usersuppl return NT_STATUS_NO_MEMORY; } - info->account_name = user_info->account_name; - info->plaintext_password = (char *)(user_info->plaintext_password.data); + info->account_name = user_info->mapped.account_name; + info->plaintext_password = user_info->password.plaintext; pamconv = talloc(ctx, struct pam_conv); if (pamconv == NULL) { @@ -395,13 +395,13 @@ static NTSTATUS check_unix_password(TALLOC_CTX *ctx, const struct auth_usersuppl * if true set up a crack name routine. */ - nt_status = smb_pam_start(&pamh, user_info->account_name, user_info->remote_host, pamconv); + nt_status = smb_pam_start(&pamh, user_info->mapped.account_name, user_info->remote_host, pamconv); if (!NT_STATUS_IS_OK(nt_status)) { smb_pam_end(pamh); return nt_status; } - nt_status = smb_pam_auth(pamh, user_info->account_name); + nt_status = smb_pam_auth(pamh, user_info->mapped.account_name); if (!NT_STATUS_IS_OK(nt_status)) { smb_pam_end(pamh); return nt_status; @@ -409,13 +409,13 @@ static NTSTATUS check_unix_password(TALLOC_CTX *ctx, const struct auth_usersuppl if ( ! (user_info->flags & USER_INFO_DONT_CHECK_UNIX_ACCOUNT)) { - nt_status = smb_pam_account(pamh, user_info->account_name); + nt_status = smb_pam_account(pamh, user_info->mapped.account_name); if (!NT_STATUS_IS_OK(nt_status)) { smb_pam_end(pamh); return nt_status; } - nt_status = smb_pam_setcred(pamh, user_info->account_name); + nt_status = smb_pam_setcred(pamh, user_info->mapped.account_name); if (!NT_STATUS_IS_OK(nt_status)) { smb_pam_end(pamh); return nt_status; @@ -598,8 +598,8 @@ static NTSTATUS check_unix_password(TALLOC_CTX *ctx, const struct auth_usersuppl NTSTATUS nt_status; int level = lp_passwordlevel(); - username = talloc_strdup(ctx, user_info->account_name); - password = talloc_strdup(ctx, user_info->plaintext_password.data); + username = talloc_strdup(ctx, user_info->mapped.account_name); + password = talloc_strdup(ctx, user_info->password.plaintext); nt_status = talloc_getpwnam(ctx, username, &pws); if (!NT_STATUS_IS_OK(nt_status)) { @@ -772,7 +772,12 @@ static NTSTATUS authunix_check_password(struct auth_method_context *ctx, TALLOC_CTX *check_ctx; NTSTATUS nt_status; - if (! user_info->account_name && ! *user_info->account_name) { + if (! user_info->mapped.account_name || ! *user_info->mapped.account_name) { + /* 'not for me' */ + return NT_STATUS_NOT_IMPLEMENTED; + } + + if (user_info->password_state != AUTH_PASSWORD_PLAIN) { return NT_STATUS_INVALID_PARAMETER; } |