diff options
author | Simo Sorce <simo@redhat.com> | 2014-08-04 12:48:56 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2014-08-07 12:44:46 -0400 |
commit | 193ec981cd15fb56283015608842fff1b781656b (patch) | |
tree | a6ba453e8631259f6f9a3b970cf4a621d701192a | |
parent | c0ab9d46730db8196ce46fa3e346009d30cee029 (diff) | |
download | gss-ntlmssp-193ec981cd15fb56283015608842fff1b781656b.tar.gz gss-ntlmssp-193ec981cd15fb56283015608842fff1b781656b.tar.xz gss-ntlmssp-193ec981cd15fb56283015608842fff1b781656b.zip |
Add call to get creds from winbind
Based on David Woodhouse work.
-rw-r--r-- | src/external.c | 4 | ||||
-rw-r--r-- | src/gss_ntlmssp_winbind.h | 3 | ||||
-rw-r--r-- | src/winbind.c | 58 |
3 files changed, 65 insertions, 0 deletions
diff --git a/src/external.c b/src/external.c index a8c41f8..533c29b 100644 --- a/src/external.c +++ b/src/external.c @@ -16,7 +16,11 @@ uint32_t external_netbios_get_names(char **computer, char **domain) uint32_t external_get_creds(struct gssntlm_name *name, struct gssntlm_cred *cred) { +#if HAVE_WBCLIENT + return winbind_get_creds(name, cred); +#else return ENOSYS; +#endif } uint32_t external_srv_auth(char *user, char *domain, diff --git a/src/gss_ntlmssp_winbind.h b/src/gss_ntlmssp_winbind.h index 6d57680..05d8aba 100644 --- a/src/gss_ntlmssp_winbind.h +++ b/src/gss_ntlmssp_winbind.h @@ -1,5 +1,8 @@ /* Copyright (C) 2014 GSS-NTLMSSP contributors, see COPYING for License */ +uint32_t winbind_get_creds(struct gssntlm_name *name, + struct gssntlm_cred *cred); + uint32_t winbind_srv_auth(char *user, char *domain, char *workstation, uint8_t *challenge, struct ntlm_buffer *nt_chal_resp, diff --git a/src/winbind.c b/src/winbind.c index 58114fe..f36e3ff 100644 --- a/src/winbind.c +++ b/src/winbind.c @@ -10,6 +10,64 @@ #include <wbclient.h> +uint32_t winbind_get_creds(struct gssntlm_name *name, + struct gssntlm_cred *cred) +{ + struct wbcCredentialCacheParams params; + struct wbcCredentialCacheInfo *result; + struct wbcInterfaceDetails *details = NULL; + wbcErr wbc_status; + int ret = ENOENT; + + if (name && name->data.user.domain) { + params.domain_name = name->data.user.domain; + } else { + wbc_status = wbcInterfaceDetails(&details); + if (!WBC_ERROR_IS_OK(wbc_status)) goto done; + + params.domain_name = details->netbios_domain; + } + + if (name && name->data.user.name) { + params.account_name = name->data.user.name; + } else { + params.account_name = getenv("NTLMUSER"); + if (!params.account_name) { + params.account_name = getenv("USER"); + } + if (!params.account_name) goto done; + } + + params.level = WBC_CREDENTIAL_CACHE_LEVEL_NTLMSSP; + params.num_blobs = 0; + params.blobs = NULL; + wbc_status = wbcCredentialCache(¶ms, &result, NULL); + + if(!WBC_ERROR_IS_OK(wbc_status)) goto done; + + /* Yes, winbind seems to think it has credentials for us */ + wbcFreeMemory(result); + + cred->type = GSSNTLM_CRED_EXTERNAL; + cred->cred.external.user.type = GSSNTLM_NAME_USER; + cred->cred.external.user.data.user.domain = strdup(params.domain_name); + if (!cred->cred.external.user.data.user.domain) { + ret = ENOMEM; + goto done; + } + cred->cred.external.user.data.user.name = strdup(params.account_name); + if (!cred->cred.external.user.data.user.name) { + ret = ENOMEM; + goto done; + } + + ret = 0; + +done: + wbcFreeMemory(details); + return ret; +} + uint32_t winbind_srv_auth(char *user, char *domain, char *workstation, uint8_t *challenge, struct ntlm_buffer *nt_chal_resp, |