selftest: test NTLM user@realm authentication
[samba.git] / source3 / winbindd / winbindd_pam_auth_crap.c
1 /*
2    Unix SMB/CIFS implementation.
3    async implementation of WINBINDD_PAM_AUTH_CRAP
4    Copyright (C) Volker Lendecke 2010
5
6    This program is free software; you can redistribute it and/or modify
7    it under the terms of the GNU General Public License as published by
8    the Free Software Foundation; either version 3 of the License, or
9    (at your option) any later version.
10
11    This program is distributed in the hope that it will be useful,
12    but WITHOUT ANY WARRANTY; without even the implied warranty of
13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14    GNU General Public License for more details.
15
16    You should have received a copy of the GNU General Public License
17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "winbindd.h"
22
/*
 * Per-request state for the async WINBINDD_PAM_AUTH_CRAP handler.
 */
struct winbindd_pam_auth_crap_state {
        /* Reply from the domain child; set by wb_domain_request_recv()
         * in winbindd_pam_auth_crap_done(). */
        struct winbindd_response *response;

        /* Filled by winbindd_pam_auth_pac_send() on the
         * WBFLAG_PAM_AUTH_PAC path only. */
        struct netr_SamInfo3 *info3;

        /* Copy of request->flags. Only assigned on the
         * WBFLAG_PAM_AUTH_PAC path; _recv() tests it to pick the
         * reply format. */
        uint32_t flags;
};

/* Completion callback for the request forwarded to the domain child. */
static void winbindd_pam_auth_crap_done(struct tevent_req *subreq);
30
/*
 * Start the async handling of a WINBINDD_PAM_AUTH_CRAP request.
 *
 * With WBFLAG_PAM_AUTH_PAC set, winbindd_pam_auth_pac_send() is called
 * and the request completes immediately. Otherwise the request is
 * sanity-checked, defaults are filled in for an empty domain or
 * workstation, and it is forwarded to the domain child chosen by
 * find_auth_domain().
 *
 * Returns the new tevent request, or NULL if it could not be created.
 *
 * NOTE(review): only the flags and the three string fields are checked
 * here. Every other field of request->data.auth_crap (presumably the
 * challenge/response blobs and their lengths) is forwarded as received,
 * so bounds checks on those must exist in the child - confirm.
 */
struct tevent_req *winbindd_pam_auth_crap_send(
        TALLOC_CTX *mem_ctx,
        struct tevent_context *ev,
        struct winbindd_cli_state *cli,
        struct winbindd_request *request)
{
        struct tevent_req *req;
        struct tevent_req *child_req;
        struct winbindd_pam_auth_crap_state *state;
        struct winbindd_domain *auth_domain;

        req = tevent_req_create(mem_ctx, &state,
                                struct winbindd_pam_auth_crap_state);
        if (req == NULL) {
                return NULL;
        }

        if (request->flags & WBFLAG_PAM_AUTH_PAC) {
                NTSTATUS pac_status;

                /*
                 * This path returns before the string fields are
                 * terminated below; nothing in this function reads them
                 * on this path.
                 */
                state->flags = request->flags;
                pac_status = winbindd_pam_auth_pac_send(cli, &state->info3);
                if (!NT_STATUS_IS_OK(pac_status)) {
                        tevent_req_nterror(req, pac_status);
                        return tevent_req_post(req, ev);
                }

                /* The response itself is built later, in _recv() */
                tevent_req_done(req);
                return tevent_req_post(req, ev);
        }

        /*
         * Force a terminating NUL into each fixed-size string field
         * before any of them is used as a C string (DEBUG "%s", the
         * [0] == '\0' tests, find_auth_domain()).
         */
        request->data.auth_crap.user[
                sizeof(request->data.auth_crap.user) - 1] = '\0';
        request->data.auth_crap.domain[
                sizeof(request->data.auth_crap.domain) - 1] = '\0';
        request->data.auth_crap.workstation[
                sizeof(request->data.auth_crap.workstation) - 1] = '\0';

        /*
         * NOTE(review): domain and user are logged exactly as received;
         * no filtering of control characters is visible here.
         */
        DEBUG(3, ("[%5lu]: pam auth crap domain: [%s] user: %s\n",
                  (unsigned long)cli->pid,
                  request->data.auth_crap.domain,
                  request->data.auth_crap.user));

        if (!check_request_flags(request->flags)) {
                tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER_MIX);
                return tevent_req_post(req, ev);
        }

        /* Empty domain: substitute the workgroup if so configured */
        if (request->data.auth_crap.domain[0] == '\0') {
                if (lp_winbind_use_default_domain()) {
                        fstrcpy(request->data.auth_crap.domain,
                                lp_workgroup());
                }
        }

        auth_domain = find_auth_domain(
                request->flags, request->data.auth_crap.domain);
        if (auth_domain == NULL) {
                tevent_req_nterror(req, NT_STATUS_NO_SUCH_USER);
                return tevent_req_post(req, ev);
        }

        /* Empty workstation: substitute our own netbios name */
        if (request->data.auth_crap.workstation[0] == '\0') {
                fstrcpy(request->data.auth_crap.workstation, lp_netbios_name());
        }

        /* Hand the (modified) request over to the domain child */
        child_req = wb_domain_request_send(state, winbind_event_context(),
                                           auth_domain, request);
        if (tevent_req_nomem(child_req, req)) {
                return tevent_req_post(req, ev);
        }
        tevent_req_set_callback(child_req, winbindd_pam_auth_crap_done, req);
        return req;
}
105
/*
 * Callback for the request forwarded to the domain child.
 *
 * Stores the child's reply in state->response and finishes the parent
 * request. A return of -1 from wb_domain_request_recv() is turned into
 * an NTSTATUS via map_nt_error_from_unix().
 */
static void winbindd_pam_auth_crap_done(struct tevent_req *subreq)
{
        struct tevent_req *req =
                tevent_req_callback_data(subreq, struct tevent_req);
        struct winbindd_pam_auth_crap_state *state =
                tevent_req_data(req, struct winbindd_pam_auth_crap_state);
        int unix_err;
        int rc;

        rc = wb_domain_request_recv(subreq, state, &state->response,
                                    &unix_err);
        /* The subrequest is finished either way; release it first */
        TALLOC_FREE(subreq);

        if (rc != -1) {
                tevent_req_done(req);
                return;
        }

        tevent_req_nterror(req, map_nt_error_from_unix(unix_err));
}
122
/*
 * Collect the result of a WINBINDD_PAM_AUTH_CRAP request into *response.
 *
 * - Request failed: the error is recorded in the response through
 *   set_auth_errors() and returned.
 * - WBFLAG_PAM_AUTH_PAC path: the reply is built by append_auth_data()
 *   from state->info3, and its status is returned.
 * - Otherwise: the domain child's reply is copied into *response and
 *   the NT status stored in that reply is returned.
 */
NTSTATUS winbindd_pam_auth_crap_recv(struct tevent_req *req,
                                     struct winbindd_response *response)
{
        struct winbindd_pam_auth_crap_state *state =
                tevent_req_data(req, struct winbindd_pam_auth_crap_state);
        NTSTATUS failure;

        if (tevent_req_is_nterror(req, &failure)) {
                set_auth_errors(response, failure);
                return failure;
        }

        if ((state->flags & WBFLAG_PAM_AUTH_PAC) == 0) {
                /* Shallow copy of the child's reply, then override result */
                *response = *state->response;
                response->result = WINBINDD_PENDING;

                /*
                 * Reparent the child's reply allocation under `response`;
                 * presumably so that memory still referenced from the
                 * copied struct lives as long as the response - confirm.
                 */
                state->response = talloc_move(response, &state->response);

                /* The auth verdict is the status the child put in the reply */
                return NT_STATUS(response->data.auth.nt_status);
        }

        return append_auth_data(response, response, state->flags,
                                state->info3, NULL, NULL);
}