#include "dlinklist.h"
#include "auth/auth.h"
#include "lib/events/events.h"
+#include "build.h"
/***************************************************************************
Set a fixed challenge
if (challenge.length != 8) {
DEBUG(0, ("auth_get_challenge: invalid challenge (length %u) by mothod [%s]\n",
- challenge.length, method->ops->name));
+ (unsigned)challenge.length, method->ops->name));
return NT_STATUS_INTERNAL_ERROR;
}
* of that structure is undefined.
*
* @param user_info Contains the user supplied components, including the passwords.
- * Must be created with make_user_info() or one of its wrappers.
*
* @param auth_context Supplies the challenges and some other data.
* Must be created with make_auth_context(), and the challenges should be
struct auth_serversupplied_info **server_info)
{
/* if all the modules say 'not for me' this is reasonable */
- NTSTATUS nt_status = NT_STATUS_NO_SUCH_USER;
+ NTSTATUS nt_status;
struct auth_method_context *method;
const char *method_name = "NO METHOD";
const uint8_t *challenge;
+ struct auth_usersupplied_info *user_info_tmp;
DEBUG(3, ("auth_check_password: Checking password for unmapped user [%s]\\[%s]@[%s]\n",
user_info->client.domain_name, user_info->client.account_name, user_info->workstation_name));
+ if (!user_info->mapped_state) {
+ nt_status = map_user_info(mem_ctx, user_info, &user_info_tmp);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ return nt_status;
+ }
+ user_info = user_info_tmp;
+ }
+
DEBUGADD(3,("auth_check_password: mapped user is: [%s]\\[%s]@[%s]\n",
- user_info->domain_name, user_info->account_name, user_info->workstation_name));
+ user_info->mapped.domain_name, user_info->mapped.account_name, user_info->workstation_name));
nt_status = auth_get_challenge(auth_ctx, &challenge);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("auth_check_password: Invalid challenge (length %u) stored for this auth context set_by %s - cannot continue: %s\n",
- auth_ctx->challenge.data.length, auth_ctx->challenge.set_by, nt_errstr(nt_status)));
+ (unsigned)auth_ctx->challenge.data.length, auth_ctx->challenge.set_by, nt_errstr(nt_status)));
return nt_status;
}
DEBUG(10, ("challenge is: \n"));
dump_data(5, auth_ctx->challenge.data.data, auth_ctx->challenge.data.length);
-#ifdef DEBUG_PASSWORD
- DEBUG(100, ("user_info has passwords of length %d and %d\n",
- user_info->lm_resp.length, user_info->nt_resp.length));
- DEBUG(100, ("lm:\n"));
- dump_data(100, user_info->lm_resp.data, user_info->lm_resp.length);
- DEBUG(100, ("nt:\n"));
- dump_data(100, user_info->nt_resp.data, user_info->nt_resp.length);
-#endif
-
+ nt_status = NT_STATUS_NO_SUCH_USER; /* If all the modules say 'not for me', then this is reasonable */
for (method = auth_ctx->methods; method; method = method->next) {
NTSTATUS result;
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(2,("auth_check_password: %s authentication for user [%s\\%s] FAILED with error %s\n",
- method_name, user_info->domain_name, user_info->account_name,
+ method_name, user_info->mapped.domain_name, user_info->mapped.account_name,
nt_errstr(nt_status)));
return nt_status;
}
backends = realloc_p(backends, struct auth_backend, num_backends+1);
if (!backends) {
- smb_panic("out of memory in auth_register");
+ return NT_STATUS_NO_MEMORY;
}
new_ops = smb_xmemdup(ops, sizeof(*ops));
return &critical_sizes;
}
-NTSTATUS server_service_auth_init(void)
+NTSTATUS auth_init(void)
{
+ static BOOL initialized = False;
+
+ init_module_fn static_init[] = STATIC_auth_MODULES;
+ init_module_fn *shared_init;
+
+ if (initialized) return NT_STATUS_OK;
+ initialized = True;
+
+ shared_init = load_samba_modules(NULL, "auth");
+
+ run_init_functions(static_init);
+ run_init_functions(shared_init);
+
+ talloc_free(shared_init);
+
return NT_STATUS_OK;
}
+
+NTSTATUS server_service_auth_init(void)
+{
+ return auth_init();
+}