2 Unix SMB/Netbios implementation.
4 Authentication utility functions
5 Copyright (C) Andrew Tridgell 1992-1998
6 Copyright (C) Andrew Bartlett 2001
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
/* Debug verbosity level; only declared here, the definition lives elsewhere. */
extern int DEBUGLEVEL;

/*
 * State for the LANMAN1/2 password challenge: the most recently recorded
 * 8-byte challenge, and a flag saying whether one has been recorded yet.
 */
static unsigned char saved_challenge[8];
static BOOL challenge_sent = False;
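/**
 * Generate a fresh 8-byte challenge, remember it, and hand it to the caller.
 *
 * The random bytes are written straight into saved_challenge and then copied
 * out, so no additional copy of the challenge is left in a stack temporary.
 *
 * @param challenge  Output buffer; must have room for at least 8 bytes.
 *
 * Security note: nothing in this function checks for repeats. Uniqueness and
 * unpredictability of the challenge rest entirely on generate_random_buffer().
 * NOTE(review): confirm what the third argument (False) selects and that the
 * generator is suitable for authentication challenges.
 */
void generate_next_challenge(char *challenge)
{
	generate_random_buffer(saved_challenge, sizeof(saved_challenge), False);
	memcpy(challenge, saved_challenge, sizeof(saved_challenge));
	challenge_sent = True;
}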
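/**
 * Record a challenge that was issued elsewhere (per the original comment,
 * "usually from a password server") as the last challenge sent.
 *
 * @param challenge  Source buffer. Exactly 8 bytes are read, so the caller
 *                   must guarantee that at least that many are valid; no
 *                   length is passed in and none can be checked here.
 * @return True.
 *
 * NOTE(review): the listing shows no return statement for this BOOL
 * function; returning True matches the unconditional body. Confirm against
 * the upstream file.
 */
BOOL set_challenge(unsigned char *challenge)
{
	memcpy(saved_challenge, challenge, sizeof(saved_challenge));
	challenge_sent = True;
	return True;
}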
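/**
 * Copy out the last challenge that was recorded.
 *
 * @param challenge  Output buffer; must have room for at least 8 bytes.
 *                   Left untouched when no challenge has been recorded.
 * @return False if no challenge has been recorded yet, True after the copy.
 *
 * Callers should check the result: on False the output buffer still holds
 * whatever it contained before the call and must not be used to verify a
 * response.
 *
 * NOTE(review): the listing shows no return after the copy; returning True
 * is the natural counterpart of the early False. Confirm against the
 * upstream file.
 */
BOOL last_challenge(unsigned char *challenge)
{
	if (!challenge_sent) {
		return False;
	}

	memcpy(challenge, saved_challenge, sizeof(saved_challenge));
	return True;
}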
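/**
 * Create a UNIX user on demand by running the configured add-user script.
 *
 * The script template comes from lp_adduser_script(); "%u" is replaced with
 * the account name and, when a home directory is supplied, "%H" with that
 * path. The expanded command is then run through smbrun().
 *
 * @param unix_user  Account name substituted for "%u".
 * @param homedir    Home directory substituted for "%H", or NULL to leave
 *                   "%H" unexpanded (smb_user_control() passes NULL when the
 *                   account does not exist yet).
 * @return -1 if no add-user script is configured, otherwise the value
 *         returned by smbrun().
 *
 * Security note: unix_user and homedir become part of a command line that is
 * executed. NOTE(review): verify that all_string_sub(), or validation done
 * before this point, neutralises shell metacharacters in both values; if
 * neither does, the account name must be validated before substitution.
 */
static int smb_create_user(char *unix_user, char *homedir)
{
	pstring add_script;
	int ret;

	pstrcpy(add_script, lp_adduser_script());
	if (!*add_script) {
		return -1;	/* no script configured */
	}

	all_string_sub(add_script, "%u", unix_user, sizeof(pstring));

	/* homedir is optional; never hand a NULL replacement to the substitution. */
	if (homedir != NULL) {
		all_string_sub(add_script, "%H", homedir, sizeof(pstring));
	}

	ret = smbrun(add_script, NULL);
	DEBUG(3,("smb_create_user: Running the command `%s' gave %d\n",add_script,ret));
	return ret;
}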
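/**
 * Delete a UNIX user on demand by running the configured delete-user script.
 *
 * The script template comes from lp_deluser_script(); "%u" is replaced with
 * the account name and the expanded command is run through smbrun().
 *
 * @param unix_user  Account name substituted for "%u".
 * @return -1 if no delete-user script is configured, otherwise the value
 *         returned by smbrun().
 *
 * Security notes:
 *  - unix_user becomes part of a command line that is executed.
 *    NOTE(review): verify that all_string_sub(), or validation done before
 *    this point, neutralises shell metacharacters in the name.
 *  - The caller visible in this file, smb_user_control(), reaches this
 *    function when a logon fails with NT_STATUS_NO_SUCH_USER and the name
 *    resolves to a local account, so the decision to remove a local account
 *    rests on the status reported for that logon. Deployments that set a
 *    delete-user script should log and review its invocations.
 */
static int smb_delete_user(char *unix_user)
{
	pstring del_script;
	int ret;

	pstrcpy(del_script, lp_deluser_script());
	if (!*del_script) {
		return -1;	/* no script configured */
	}

	all_string_sub(del_script, "%u", unix_user, sizeof(pstring));

	ret = smbrun(del_script, NULL);
	DEBUG(3,("smb_delete_user: Running the command `%s' gave %d\n",del_script,ret));
	return ret;
}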
100 /****************************************************************************
101 Add and Delete UNIX users on demand, based on NTSTATUS codes.
102 ****************************************************************************/
104 void smb_user_control(char *unix_user, NTSTATUS nt_status)
106 struct passwd *pwd=NULL;
108 if (NT_STATUS_IS_OK(nt_status)) {
110 * User validated ok against Domain controller.
111 * If the admin wants us to try and create a UNIX
112 * user on the fly, do so.
114 if(lp_adduser_script() && !(pwd = smb_getpwnam(unix_user,True)))
115 smb_create_user(unix_user, NULL);
117 if(lp_adduser_script() && pwd) {
121 * Also call smb_create_user if the users home directory
122 * doesn't exist. Used with winbindd to allow the script to
123 * create the home directory for a user mapped with winbindd.
126 if (pwd->pw_dir && (sys_stat(pwd->pw_dir, &st) == -1) && (errno == ENOENT))
127 smb_create_user(unix_user, pwd->pw_dir);
130 } else if (NT_STATUS_V(nt_status) == NT_STATUS_V(NT_STATUS_NO_SUCH_USER)) {
132 * User failed to validate ok against Domain controller.
133 * If the failure was "user doesn't exist" and admin
134 * wants us to try and delete that UNIX user on the fly,
137 if(lp_deluser_script() && smb_getpwnam(unix_user,True))
138 smb_delete_user(unix_user);