/*
- Unix SMB/Netbios implementation.
- Version 1.9.
+ Unix SMB/CIFS implementation.
Main SMB reply routines
Copyright (C) Andrew Tridgell 1992-1998
#include "includes.h"
-extern int DEBUGLEVEL;
-
-
/****************************************************************************
Read the a hosts.equiv or .rhosts file and check if it
allows this user from this machine.
****************************************************************************/
-static BOOL check_user_equiv(char *user, char *remote, char *equiv_file)
+static BOOL check_user_equiv(const char *user, const char *remote, const char *equiv_file)
{
int plus_allowed = 1;
char *file_host;
/****************************************************************************
check for a possible hosts equiv or rhosts entry for the user
****************************************************************************/
-BOOL check_hosts_equiv(char *user)
+
+static BOOL check_hosts_equiv(struct passwd *pass)
{
char *fname = NULL;
- pstring rhostsfile;
- struct passwd *pass = Get_Pwnam(user,True);
if (!pass)
return(False);
/* note: don't allow hosts.equiv on root */
if (fname && *fname && (pass->pw_uid != 0)) {
- if (check_user_equiv(user,client_name(),fname))
+ if (check_user_equiv(pass->pw_name,client_name(),fname))
return(True);
}
- if (lp_use_rhosts())
- {
- char *home = get_user_home_dir(user);
- if (home) {
- slprintf(rhostsfile, sizeof(rhostsfile)-1, "%s/.rhosts", home);
- if (check_user_equiv(user,client_name(),rhostsfile))
- return(True);
- }
- }
-
return(False);
}
+
/****************************************************************************
Check for a valid .rhosts/hosts.equiv entry for this user
****************************************************************************/
-uint32 check_rhosts_security(const auth_usersupplied_info *user_info,
- auth_serversupplied_info *server_info)
+static NTSTATUS check_hostsequiv_security(const struct auth_context *auth_context,
+ void *my_private_data,
+ TALLOC_CTX *mem_ctx,
+ const auth_usersupplied_info *user_info,
+ auth_serversupplied_info **server_info)
{
- uint32 nt_status = NT_STATUS_LOGON_FAILURE;
-
- become_root();
- if (check_hosts_equiv(user_info->smb_username.str)) {
- nt_status = NT_STATUS_NOPROBLEMO;
+ NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
+ struct passwd *pass = Get_Pwnam(user_info->internal_username.str);
+
+ if (pass) {
+ if (check_hosts_equiv(pass)) {
+ nt_status = NT_STATUS_OK;
+ make_server_info_pw(server_info, pass);
+ }
+ } else {
+ nt_status = NT_STATUS_NO_SUCH_USER;
}
- unbecome_root();
return nt_status;
}
+/* module initialisation */
+BOOL auth_init_hostsequiv(struct auth_context *auth_context, auth_methods **auth_method)
+{
+ if (!make_auth_methods(auth_context, auth_method)) {
+ return False;
+ }
+
+ (*auth_method)->auth = check_hostsequiv_security;
+ return True;
+}
+/****************************************************************************
+ Check for a valid .rhosts/hosts.equiv entry for this user
+****************************************************************************/
+
+static NTSTATUS check_rhosts_security(const struct auth_context *auth_context,
+ void *my_private_data,
+ TALLOC_CTX *mem_ctx,
+ const auth_usersupplied_info *user_info,
+ auth_serversupplied_info **server_info)
+{
+ NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
+ struct passwd *pass = Get_Pwnam(user_info->internal_username.str);
+ pstring rhostsfile;
+
+ if (pass) {
+ char *home = pass->pw_dir;
+ if (home) {
+ slprintf(rhostsfile, sizeof(rhostsfile)-1, "%s/.rhosts", home);
+ become_root();
+ if (check_user_equiv(pass->pw_name,client_name(),rhostsfile)) {
+ nt_status = NT_STATUS_OK;
+ make_server_info_pw(server_info, pass);
+ }
+ unbecome_root();
+ }
+ } else {
+ nt_status = NT_STATUS_NO_SUCH_USER;
+ }
+
+ return nt_status;
+}
+
+/* module initialisation */
+BOOL auth_init_rhosts(struct auth_context *auth_context, auth_methods **auth_method)
+{
+ if (!make_auth_methods(auth_context, auth_method)) {
+ return False;
+ }
+
+ (*auth_method)->auth = check_rhosts_security;
+ return True;
+}