source/auth/auth_anonymous.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3
   4    Anonymous Authentification
   5
   6    Copyright (C) Stefan Metzmacher            2004-2005
   7
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 2 of the License, or
  11    (at your option) any later version.
  12
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17
  18    You should have received a copy of the GNU General Public License
  19    along with this program; if not, write to the Free Software
  20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  21 */
  22
  23 #include "includes.h"
  24 #include "auth/auth.h"
  25 #include "librpc/gen_ndr/ndr_samr.h"
  26 #include "librpc/gen_ndr/ndr_security.h"
  27
  28 /**
  29  * Return a anonymous logon for anonymous users (username = "")
  30  *
  31  * Typically used as the first module in the auth chain, this allows
  32  * anonymou logons to be dealt with in one place.  Non-anonymou logons 'fail'
  33  * and pass onto the next module.
  34  **/
  35 static NTSTATUS anonymous_check_password(struct auth_method_context *ctx,
  36                                          TALLOC_CTX *mem_ctx,
  37                                          const struct auth_usersupplied_info *user_info,
  38                                          struct auth_serversupplied_info **_server_info)
  39 {
  40         struct auth_serversupplied_info *server_info;
  41
  42         if (user_info->account_name && *user_info->account_name) {
  43                 return NT_STATUS_NOT_IMPLEMENTED;
  44         }
  45
  46         server_info = talloc(mem_ctx, struct auth_serversupplied_info);
  47         NT_STATUS_HAVE_NO_MEMORY(server_info);
  48
  49         server_info->account_sid = dom_sid_parse_talloc(server_info, SID_NT_ANONYMOUS);
  50         NT_STATUS_HAVE_NO_MEMORY(server_info->account_sid);
  51
  52         /* is this correct? */
  53         server_info->primary_group_sid = dom_sid_parse_talloc(server_info, SID_BUILTIN_GUESTS);
  54         NT_STATUS_HAVE_NO_MEMORY(server_info->primary_group_sid);
  55
  56         server_info->n_domain_groups = 0;
  57         server_info->domain_groups = NULL;
  58
  59         /* annoying, but the Anonymous really does have a session key,
  60            and it is all zeros! */
  61         server_info->user_session_key = data_blob_talloc(server_info, NULL, 16);
  62         NT_STATUS_HAVE_NO_MEMORY(server_info->user_session_key.data);
  63
  64         server_info->lm_session_key = data_blob_talloc(server_info, NULL, 16);
  65         NT_STATUS_HAVE_NO_MEMORY(server_info->lm_session_key.data);
  66
  67         data_blob_clear(&server_info->user_session_key);
  68         data_blob_clear(&server_info->lm_session_key);
  69
  70         server_info->account_name = talloc_strdup(server_info, "ANONYMOUS LOGON");
  71         NT_STATUS_HAVE_NO_MEMORY(server_info->account_name);
  72
  73         server_info->domain_name = talloc_strdup(server_info, "NT AUTHORITY");
  74         NT_STATUS_HAVE_NO_MEMORY(server_info->domain_name);
  75
  76         server_info->full_name = talloc_strdup(server_info, "Anonymous Logon");
  77         NT_STATUS_HAVE_NO_MEMORY(server_info->full_name);
  78
  79         server_info->logon_script = talloc_strdup(server_info, "");
  80         NT_STATUS_HAVE_NO_MEMORY(server_info->logon_script);
  81
  82         server_info->profile_path = talloc_strdup(server_info, "");
  83         NT_STATUS_HAVE_NO_MEMORY(server_info->profile_path);
  84
  85         server_info->home_directory = talloc_strdup(server_info, "");
  86         NT_STATUS_HAVE_NO_MEMORY(server_info->home_directory);
  87
  88         server_info->home_drive = talloc_strdup(server_info, "");
  89         NT_STATUS_HAVE_NO_MEMORY(server_info->home_drive);
  90
  91         server_info->last_logon = 0;
  92         server_info->last_logoff = 0;
  93         server_info->acct_expiry = 0;
  94         server_info->last_password_change = 0;
  95         server_info->allow_password_change = 0;
  96         server_info->force_password_change = 0;
  97
  98         server_info->logon_count = 0;
  99         server_info->bad_password_count = 0;
 100
 101         server_info->acct_flags = ACB_NORMAL;
 102
 103         server_info->authenticated = False;
 104
 105         *_server_info = server_info;
 106
 107         return NT_STATUS_OK;
 108 }
 109
 110 static struct auth_operations anonymous_auth_ops = {
 111         .name           = "anonymous",
 112         .get_challenge  = auth_get_challenge_not_implemented,
 113         .check_password = anonymous_check_password
 114 };
 115
 116 NTSTATUS auth_anonymous_init(void)
 117 {
 118         NTSTATUS ret;
 119
 120         ret = auth_register(&anonymous_auth_ops);
 121         if (!NT_STATUS_IS_OK(ret)) {
 122                 DEBUG(0,("Failed to register 'anonymous' auth backend!\n"));
 123                 return ret;
 124         }
 125
 126         return ret;
 127 }