From 6d6f1c0522201792412b4618098536bcc45f4919 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 24 Mar 2003 23:03:46 +0000 Subject: [PATCH] - Add support to auth/ for the new modules system - Quite some small fixes (also fixes the build) (This used to be commit 3defbd5e0633acfa4631531b49601c7706072d86) --- source3/Makefile.in | 8 +++- source3/aclocal.m4 | 4 +- source3/auth/auth.c | 94 +++++++++++++++++++++++-------------- source3/auth/auth_builtin.c | 54 ++++----------------- source3/auth/auth_domain.c | 7 +++ source3/auth/auth_rhosts.c | 7 +++ source3/auth/auth_sam.c | 8 ++++ source3/auth/auth_server.c | 5 ++ source3/auth/auth_unix.c | 4 ++ source3/auth/auth_winbind.c | 5 ++ source3/configure.in | 19 ++++++-- source3/include/auth.h | 4 ++ 12 files changed, 129 insertions(+), 90 deletions(-) diff --git a/source3/Makefile.in b/source3/Makefile.in index 3c2a43dd0fe..daf495c25ec 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -55,6 +55,7 @@ VFSLIBDIR = $(LIBDIR)/vfs PDBLIBDIR = $(LIBDIR)/pdb RPCLIBDIR = $(LIBDIR)/rpc CHARSETLIBDIR = $(LIBDIR)/charset +AUTHLIBDIR = $(LIBDIR)/auth CONFIGDIR = @configdir@ VARDIR = @localstatedir@ MANDIR = @mandir@ @@ -140,7 +141,8 @@ VFS_MODULES = bin/vfs_audit.@SHLIBEXT@ bin/vfs_extd_audit.@SHLIBEXT@ bin/vfs_rec PDB_MODULES = @PDB_MODULES@ RPC_MODULES = @RPC_MODULES@ CHARSET_MODULES = @CHARSET_MODULES@ -MODULES = $(VFS_MODULES) $(PDB_MODULES) $(RPC_MODULES) $(CHARSET_MODULES) +AUTH_MODULES = @AUTH_MODULES@ +MODULES = $(VFS_MODULES) $(PDB_MODULES) $(RPC_MODULES) $(CHARSET_MODULES) $(AUTH_MODULES) ###################################################################### # object file lists @@ -1058,11 +1060,12 @@ installbin: all installdirs @$(SHELL) $(srcdir)/script/installbin.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(BINDIR) $(DESTDIR)$(LIBDIR) $(DESTDIR)$(VARDIR) $(BIN_PROGS) -installmodules: all installdirs +installmodules: all modules installdirs @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(VFSLIBDIR) $(VFS_MODULES) @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(PDBLIBDIR) $(PDB_MODULES) @$(SHELL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(RPCLIBDIR) $(RPC_MODULES) @$(SHEEL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(CHARSETLIBDIR) $(CHARSET_MODULES) + @$(SHEEL) $(srcdir)/script/installmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(AUTHLIBDIR) $(AUTH_MODULES) installscripts: installdirs @$(SHELL) $(srcdir)/script/installscripts.sh $(INSTALLPERMS) $(DESTDIR)$(BINDIR) $(SCRIPTS) @@ -1138,6 +1141,7 @@ uninstallmodules: @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(PDBLIBDIR) $(DESTDIR)$(PDB_MODULES) @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(RPCLIBDIR) $(DESTDIR)$(RPC_MODULES) @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(CHARSETLIBDIR) $(DESTDIR)$(CHARSET_MODULES) + @$(SHELL) $(srcdir)/script/uninstallmodules.sh $(INSTALLPERMS) $(DESTDIR)$(BASEDIR) $(DESTDIR)$(AUTHLIBDIR) $(DESTDIR)$(AUTH_MODULES) uninstallscripts: @$(SHELL) $(srcdir)/script/uninstallscripts.sh $(INSTALLPERMS) $(DESTDIR)$(BINDIR) $(SCRIPTS) diff --git a/source3/aclocal.m4 b/source3/aclocal.m4 index 79fbc8628ed..5d9070fcd99 100644 --- a/source3/aclocal.m4 +++ b/source3/aclocal.m4 @@ -51,11 +51,11 @@ AC_DEFUN(SMB_MODULE, if test x"$DEST" = xSHARED; then AC_DEFINE([$1][_init], [init_module], [Whether to build $1 as shared module]) - $5_MODULES="$$4_MODULES $3" + $4_MODULES="$$4_MODULES $3" AC_MSG_RESULT([shared]) elif test x"$DEST" = xSTATIC; then [init_static_modules_]translit([$4], [A-Z], [a-z])="$[init_static_modules_]translit([$4], [A-Z], [a-z]) $1_init();" - $5_STATIC="$$4_STATIC $2" + $4_STATIC="$$4_STATIC $2" AC_SUBST($4_STATIC) AC_MSG_RESULT([static]) else diff --git a/source3/auth/auth.c b/source3/auth/auth.c index 8b33010e915..4416f93fba0 100644 --- a/source3/auth/auth.c +++ b/source3/auth/auth.c @@ -23,27 +23,45 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_AUTH -/** List of various built-in authentication modules */ - -static const struct auth_init_function_entry builtin_auth_init_functions[] = { - { "guest", auth_init_guest }, - { "rhosts", auth_init_rhosts }, - { "hostsequiv", auth_init_hostsequiv }, - { "sam", auth_init_sam }, - { "samstrict", auth_init_samstrict }, - { "samstrict_dc", auth_init_samstrict_dc }, - { "unix", auth_init_unix }, - { "smbserver", auth_init_smbserver }, - { "ntdomain", auth_init_ntdomain }, - { "trustdomain", auth_init_trustdomain }, - { "winbind", auth_init_winbind }, -#ifdef DEVELOPER - { "name_to_ntstatus", auth_init_name_to_ntstatus }, - { "fixed_challenge", auth_init_fixed_challenge }, -#endif - { "plugin", auth_init_plugin }, - { NULL, NULL} -}; +static struct auth_init_function_entry *backends = NULL; + +BOOL smb_register_auth(const char *name, auth_init_function init, int version) +{ + struct auth_init_function_entry *entry = backends; + + if(version != AUTH_INTERFACE_VERSION) + return False; + + DEBUG(5,("Attempting to register auth backend %s\n", name)); + + while(entry) { + if (strequal(name, entry->name)) { + DEBUG(0,("There already is an auth backend registered with the name %s!\n", name)); + return False; + } + entry = entry->next; + } + + entry = smb_xmalloc(sizeof(struct auth_init_function_entry)); + entry->name = smb_xstrdup(name); + entry->init = init; + + DLIST_ADD(backends, entry); + DEBUG(5,("Successfully added auth backend '%s'\n", name)); + return True; +} + +static struct auth_init_function_entry *auth_find_backend_entry(const char *name) +{ + struct auth_init_function_entry *entry = backends; + + while(entry) { + if (strequal(entry->name, name)) return entry; + entry = entry->next; + } + + return NULL; +} /**************************************************************************** Try to get a challenge out of the various authentication modules. @@ -325,8 +343,8 @@ static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context, auth_methods *list = NULL; auth_methods *t = NULL; auth_methods *tmp; - int i; NTSTATUS nt_status; + static BOOL initialised_static_modules = False; if (!text_list) { DEBUG(2,("make_auth_context_text_list: No auth method list!?\n")); @@ -335,11 +353,17 @@ static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context, if (!NT_STATUS_IS_OK(nt_status = make_auth_context(auth_context))) return nt_status; + + /* Initialise static modules if not done so yet */ + if(!initialised_static_modules) { + static_init_auth; + initialised_static_modules = True; + } for (;*text_list; text_list++) { DEBUG(5,("make_auth_context_text_list: Attempting to find an auth method to match %s\n", *text_list)); - for (i = 0; builtin_auth_init_functions[i].name; i++) { + struct auth_init_function_entry *entry; char *module_name = smb_xstrdup(*text_list); char *module_params = NULL; char *p; @@ -353,20 +377,20 @@ static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context, trim_string(module_name, " ", " "); - if (strequal(builtin_auth_init_functions[i].name, module_name)) { - DEBUG(5,("make_auth_context_text_list: Found auth method %s (at pos %d)\n", *text_list, i)); - if (NT_STATUS_IS_OK(builtin_auth_init_functions[i].init(*auth_context, module_params, &t))) { - DEBUG(5,("make_auth_context_text_list: auth method %s has a valid init\n", - *text_list)); - DLIST_ADD_END(list, t, tmp); - } else { - DEBUG(0,("make_auth_context_text_list: auth method %s did not correctly init\n", - *text_list)); - } - break; + entry = auth_find_backend_entry(module_name); + + if(!(entry = auth_find_backend_entry(module_name)) && !smb_probe_module("auth", module_name) && + !(entry = auth_find_backend_entry(module_name))) { + DEBUG(0,("make_auth_context_text_list: can't find auth method %s!\n", module_name)); + } else if (!NT_STATUS_IS_OK(entry->init(*auth_context, module_params, &t))) { + DEBUG(0,("make_auth_context_text_list: auth method %s did not correctly init\n", + *text_list)); + } else { + DEBUG(5,("make_auth_context_text_list: auth method %s has a valid init\n", + *text_list)); + DLIST_ADD_END(list, t, tmp); } SAFE_FREE(module_name); - } } (*auth_context)->auth_method_list = list; diff --git a/source3/auth/auth_builtin.c b/source3/auth/auth_builtin.c index 3b0b84b5256..509a4afba9b 100644 --- a/source3/auth/auth_builtin.c +++ b/source3/auth/auth_builtin.c @@ -1,6 +1,6 @@ /* Unix SMB/CIFS implementation. - Generic authenticaion types + Generic authentication types Copyright (C) Andrew Bartlett 2001-2002 Copyright (C) Jelmer Vernooij 2002 @@ -161,50 +161,12 @@ NTSTATUS auth_init_fixed_challenge(struct auth_context *auth_context, const char return NT_STATUS_OK; } -/** - * Outsorce an auth module to an external loadable .so - * - * Only works on systems with dlopen() etc. - **/ - -/* Plugin modules initialisation */ - -NTSTATUS auth_init_plugin(struct auth_context *auth_context, const char *param, auth_methods **auth_method) +int auth_builtin_init(void) { - void * dl_handle; - char *plugin_param, *plugin_name, *p; - auth_init_function plugin_init; - - if (param == NULL) { - DEBUG(0, ("auth_init_plugin: The plugin module needs an argument!\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - plugin_name = smb_xstrdup(param); - p = strchr(plugin_name, ':'); - if (p) { - *p = 0; - plugin_param = p+1; - trim_string(plugin_param, " ", " "); - } else plugin_param = NULL; - - trim_string(plugin_name, " ", " "); - - DEBUG(5, ("auth_init_plugin: Trying to load auth plugin %s\n", plugin_name)); - dl_handle = sys_dlopen(plugin_name, RTLD_NOW ); - if (!dl_handle) { - DEBUG(0, ("auth_init_plugin: Failed to load auth plugin %s using sys_dlopen (%s)\n", - plugin_name, sys_dlerror())); - return NT_STATUS_UNSUCCESSFUL; - } - - plugin_init = sys_dlsym(dl_handle, "auth_init"); - if (!plugin_init){ - DEBUG(0, ("Failed to find function 'auth_init' using sys_dlsym in sam plugin %s (%s)\n", - plugin_name, sys_dlerror())); - return NT_STATUS_UNSUCCESSFUL; - } - - DEBUG(5, ("Starting sam plugin %s with paramater %s\n", plugin_name, plugin_param?plugin_param:"(null)")); - return plugin_init(auth_context, plugin_param, auth_method); + smb_register_auth("guest", auth_init_guest, AUTH_INTERFACE_VERSION); +#ifdef DEVELOPER + smb_register_auth("fixed_challenge", auth_init_fixed_challenge, AUTH_INTERFACE_VERSION); + smb_register_auth("name_to_ntstatus", auth_init_name_to_ntstatus, AUTH_INTERFACE_VERSION); +#endif + return True; } diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c index 7cf7ed11999..9ca2f4e1905 100644 --- a/source3/auth/auth_domain.c +++ b/source3/auth/auth_domain.c @@ -545,3 +545,10 @@ NTSTATUS auth_init_trustdomain(struct auth_context *auth_context, const char* pa (*auth_method)->auth = check_trustdomain_security; return NT_STATUS_OK; } + +int auth_domain_init(void) +{ + smb_register_auth("trustdomain", auth_init_trustdomain, AUTH_INTERFACE_VERSION); + smb_register_auth("ntdomain", auth_init_ntdomain, AUTH_INTERFACE_VERSION); + return True; +} diff --git a/source3/auth/auth_rhosts.c b/source3/auth/auth_rhosts.c index 5451f7d9309..db371935799 100644 --- a/source3/auth/auth_rhosts.c +++ b/source3/auth/auth_rhosts.c @@ -242,3 +242,10 @@ NTSTATUS auth_init_rhosts(struct auth_context *auth_context, const char *param, (*auth_method)->name = "rhosts"; return NT_STATUS_OK; } + +int auth_rhosts_init(void) +{ + smb_register_auth("rhosts", auth_init_rhosts, AUTH_INTERFACE_VERSION); + smb_register_auth("hostsequiv", auth_init_hostsequiv, AUTH_INTERFACE_VERSION); + return True; +} diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c index 48fabba0a22..aa399f33e2e 100644 --- a/source3/auth/auth_sam.c +++ b/source3/auth/auth_sam.c @@ -562,3 +562,11 @@ NTSTATUS auth_init_samstrict_dc(struct auth_context *auth_context, const char *p (*auth_method)->name = "samstrict_dc"; return NT_STATUS_OK; } + +int auth_sam_init(void) +{ + smb_register_auth("samstrict_dc", auth_init_samstrict_dc, AUTH_INTERFACE_VERSION); + smb_register_auth("samstrict", auth_init_samstrict, AUTH_INTERFACE_VERSION); + smb_register_auth("sam", auth_init_sam, AUTH_INTERFACE_VERSION); + return True; +} diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c index 5144852d3b4..a311f01dc3f 100644 --- a/source3/auth/auth_server.c +++ b/source3/auth/auth_server.c @@ -400,3 +400,8 @@ NTSTATUS auth_init_smbserver(struct auth_context *auth_context, const char* para (*auth_method)->free_private_data = free_server_private_data; return NT_STATUS_OK; } + +int auth_server_init(void) +{ + return smb_register_auth("smbserver", auth_init_smbserver, AUTH_INTERFACE_VERSION); +} diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c index 4f44767a81a..efab2046c36 100644 --- a/source3/auth/auth_unix.c +++ b/source3/auth/auth_unix.c @@ -130,3 +130,7 @@ NTSTATUS auth_init_unix(struct auth_context *auth_context, const char* param, au return NT_STATUS_OK; } +int auth_unix_init(void) +{ + return smb_register_auth("unix", auth_init_unix, AUTH_INTERFACE_VERSION); +} diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c index 5e1567d3c19..e2a292dd015 100644 --- a/source3/auth/auth_winbind.c +++ b/source3/auth/auth_winbind.c @@ -134,3 +134,8 @@ NTSTATUS auth_init_winbind(struct auth_context *auth_context, const char *param, (*auth_method)->auth = check_winbind_security; return NT_STATUS_OK; } + +int auth_winbind_init(void) +{ + return smb_register_auth("winbind", auth_init_winbind, AUTH_INTERFACE_VERSION); +} diff --git a/source3/configure.in b/source3/configure.in index 0c8301d1dae..4a1ed3ab4b6 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -239,7 +239,7 @@ AC_VALIDATE_CACHE_SYSTEM_TYPE DYNEXP= dnl Add modules that have to be built by default here -default_modules="pdb_smbpasswd pdb_tdbsam pdb_unix rpc_lsa rpc_samr rpc_reg rpc_wks rpc_net rpc_dfs rpc_srv rpc_spoolss" +default_modules="pdb_smbpasswd pdb_tdbsam pdb_unix rpc_lsa rpc_samr rpc_reg rpc_wks rpc_net rpc_dfs rpc_srv rpc_spoolss auth_rhosts auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin" # # Config CPPFLAG settings for strange OS's that must be set @@ -3377,10 +3377,10 @@ SMB_MODULE(pdb_guest, passdb/pdb_guest.o, bin/guest.so, PDB) SMB_SUBSYSTEM(PDB) SMB_MODULE(rpc_lsa, \$(RPC_LSA_OBJ), bin/librpc_lsarpc.so, RPC) -SMB_MODULE(rpc_reg, \$(RPC_REG_OBJ), bin/librpc_reg.so, RPC) -SMB_MODULE(rpc_wks, \$(RPC_WKS_OBJ), bin/librpc_wks.so, RPC) -SMB_MODULE(rpc_net, \$(RPC_NETLOG_OBJ), bin/librpc_netlog.so, RPC) -SMB_MODULE(rpc_dfs, \$(RPC_DFS_OBJ), bin/librpc_dfs.so, RPC) +SMB_MODULE(rpc_reg, \$(RPC_REG_OBJ), bin/librpc_winreg.so, RPC) +SMB_MODULE(rpc_wks, \$(RPC_WKS_OBJ), bin/librpc_wkssvc.so, RPC) +SMB_MODULE(rpc_net, \$(RPC_NETLOG_OBJ), bin/librpc_NETLOGON.so, RPC) +SMB_MODULE(rpc_dfs, \$(RPC_DFS_OBJ), bin/librpc_netdfs.so, RPC) SMB_MODULE(rpc_srv, \$(RPC_SVC_OBJ), bin/librpc_srvsvc.so, RPC) SMB_MODULE(rpc_spoolss, \$(RPC_SPOOLSS_OBJ), bin/librpc_spoolss.so, RPC) SMB_MODULE(rpc_samr, \$(RPC_SAMR_OBJ), bin/librpc_samr.so, RPC) @@ -3389,6 +3389,15 @@ SMB_SUBSYSTEM(RPC) SMB_MODULE(charset_weird, modules/developer.o, bin/developer.so, CHARSET) SMB_SUBSYSTEM(CHARSET) +SMB_MODULE(auth_rhosts, auth/auth_rhosts.o, bin/rhosts.so, AUTH) +SMB_MODULE(auth_sam, auth/auth_sam.o, bin/sam.so, AUTH) +SMB_MODULE(auth_unix, auth/auth_unix.o, bin/unix.so, AUTH) +SMB_MODULE(auth_winbind, auth/auth_winbind.o, bin/winbind.so, AUTH) +SMB_MODULE(auth_server, auth/auth_server.o, bin/server.so, AUTH) +SMB_MODULE(auth_domain, auth/auth_domain.o, bin/domain.so, AUTH) +SMB_MODULE(auth_builtin, auth/auth_builtin.o, bin/builtin.so, AUTH) +SMB_SUBSYSTEM(AUTH) + ################################################# # do extra things if we are running insure diff --git a/source3/include/auth.h b/source3/include/auth.h index e37f181082e..626b9f3ba04 100644 --- a/source3/include/auth.h +++ b/source3/include/auth.h @@ -148,6 +148,8 @@ struct auth_init_function_entry { /* Function to create a member of the authmethods list */ auth_init_function init; + + struct auth_init_function_entry *prev, *next; }; typedef struct auth_ntlmssp_state @@ -158,4 +160,6 @@ typedef struct auth_ntlmssp_state struct ntlmssp_state *ntlmssp_state; } AUTH_NTLMSSP_STATE; +#define AUTH_INTERFACE_VERSION 1 + #endif /* _SMBAUTH_H_ */ -- 2.34.1