Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 :
4 : Anonymous Authentification
5 :
6 : Copyright (C) Stefan Metzmacher 2004-2005
7 :
8 : This program is free software; you can redistribute it and/or modify
9 : it under the terms of the GNU General Public License as published by
10 : the Free Software Foundation; either version 3 of the License, or
11 : (at your option) any later version.
12 :
13 : This program is distributed in the hope that it will be useful,
14 : but WITHOUT ANY WARRANTY; without even the implied warranty of
15 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 : GNU General Public License for more details.
17 :
18 : You should have received a copy of the GNU General Public License
19 : along with this program. If not, see <http://www.gnu.org/licenses/>.
20 : */
21 :
22 : #include "includes.h"
23 : #include <tevent.h>
24 : #include "auth/auth.h"
25 : #include "auth/ntlm/auth_proto.h"
26 : #include "param/param.h"
27 : #include "lib/util/tevent_ntstatus.h"
28 :
29 : #undef DBGC_CLASS
30 : #define DBGC_CLASS DBGC_AUTH
31 :
32 : _PUBLIC_ NTSTATUS auth4_anonymous_init(TALLOC_CTX *);
33 :
34 : /**
35 : * Return a anonymous logon for anonymous users (username = "")
36 : *
37 : * Typically used as the first module in the auth chain, this allows
38 : * anonymou logons to be dealt with in one place. Non-anonymou logons 'fail'
39 : * and pass onto the next module.
40 : **/
41 9608 : static NTSTATUS anonymous_want_check(struct auth_method_context *ctx,
42 : TALLOC_CTX *mem_ctx,
43 : const struct auth_usersupplied_info *user_info)
44 : {
45 9608 : if (user_info->client.account_name && *user_info->client.account_name) {
46 9283 : return NT_STATUS_NOT_IMPLEMENTED;
47 : }
48 :
49 325 : switch (user_info->password_state) {
50 4 : case AUTH_PASSWORD_PLAIN:
51 8 : if (user_info->password.plaintext != NULL &&
52 4 : strlen(user_info->password.plaintext) > 0)
53 : {
54 0 : return NT_STATUS_NOT_IMPLEMENTED;
55 : }
56 4 : break;
57 0 : case AUTH_PASSWORD_HASH:
58 0 : if (user_info->password.hash.lanman != NULL) {
59 0 : return NT_STATUS_NOT_IMPLEMENTED;
60 : }
61 0 : if (user_info->password.hash.nt != NULL) {
62 0 : return NT_STATUS_NOT_IMPLEMENTED;
63 : }
64 0 : break;
65 321 : case AUTH_PASSWORD_RESPONSE:
66 321 : if (user_info->password.response.lanman.length == 1) {
67 0 : if (user_info->password.response.lanman.data[0] != '\0') {
68 0 : return NT_STATUS_NOT_IMPLEMENTED;
69 : }
70 321 : } else if (user_info->password.response.lanman.length > 1) {
71 8 : return NT_STATUS_NOT_IMPLEMENTED;
72 : }
73 313 : if (user_info->password.response.nt.length > 0) {
74 0 : return NT_STATUS_NOT_IMPLEMENTED;
75 : }
76 313 : break;
77 : }
78 :
79 317 : return NT_STATUS_OK;
80 : }
81 :
82 : /**
83 : * Return a anonymous logon for anonymous users (username = "")
84 : *
85 : * Typically used as the first module in the auth chain, this allows
86 : * anonymou logons to be dealt with in one place. Non-anonymou logons 'fail'
87 : * and pass onto the next module.
88 : **/
89 :
90 : struct anonymous_check_password_state {
91 : struct auth_user_info_dc *user_info_dc;
92 : };
93 :
94 317 : static struct tevent_req *anonymous_check_password_send(
95 : TALLOC_CTX *mem_ctx,
96 : struct tevent_context *ev,
97 : struct auth_method_context *ctx,
98 : const struct auth_usersupplied_info *user_info)
99 : {
100 317 : struct tevent_req *req = NULL;
101 317 : struct anonymous_check_password_state *state = NULL;
102 : NTSTATUS status;
103 :
104 317 : req = tevent_req_create(
105 : mem_ctx,
106 : &state,
107 : struct anonymous_check_password_state);
108 317 : if (req == NULL) {
109 0 : return NULL;
110 : }
111 :
112 597 : status = auth_anonymous_user_info_dc(
113 : state,
114 317 : lpcfg_netbios_name(ctx->auth_ctx->lp_ctx),
115 317 : &state->user_info_dc);
116 317 : if (tevent_req_nterror(req, status)) {
117 0 : return tevent_req_post(req, ev);
118 : }
119 317 : tevent_req_done(req);
120 317 : return tevent_req_post(req, ev);
121 : }
122 :
123 317 : static NTSTATUS anonymous_check_password_recv(
124 : struct tevent_req *req,
125 : TALLOC_CTX *mem_ctx,
126 : struct auth_user_info_dc **interim_info,
127 : bool *authoritative)
128 : {
129 317 : struct anonymous_check_password_state *state = tevent_req_data(
130 : req, struct anonymous_check_password_state);
131 : NTSTATUS status;
132 :
133 317 : if (tevent_req_is_nterror(req, &status)) {
134 0 : tevent_req_received(req);
135 0 : return status;
136 : }
137 317 : *interim_info = talloc_move(mem_ctx, &state->user_info_dc);
138 317 : tevent_req_received(req);
139 317 : return NT_STATUS_OK;
140 : }
141 :
142 :
143 : static const struct auth_operations anonymous_auth_ops = {
144 : .name = "anonymous",
145 : .want_check = anonymous_want_check,
146 : .check_password_send = anonymous_check_password_send,
147 : .check_password_recv = anonymous_check_password_recv,
148 : };
149 :
150 3776 : _PUBLIC_ NTSTATUS auth4_anonymous_init(TALLOC_CTX *ctx)
151 : {
152 : NTSTATUS ret;
153 :
154 3776 : ret = auth_register(ctx, &anonymous_auth_ops);
155 3776 : if (!NT_STATUS_IS_OK(ret)) {
156 0 : DEBUG(0,("Failed to register 'anonymous' auth backend!\n"));
157 0 : return ret;
158 : }
159 :
160 3776 : return ret;
161 : }
|
