LCOV - code coverage report
Current view: top level - source3/auth - auth_builtin.c (source / functions) Hit Total Coverage
Test: coverage report for master 2f515e9b Lines: 23 64 35.9 %
Date: 2024-04-21 15:09:00 Functions: 3 5 60.0 % 

          Line data    Source code
       1             : /* 
       2             :    Unix SMB/CIFS implementation.
       3             :    Generic authentication types
       4             :    Copyright (C) Andrew Bartlett         2001-2002
       5             :    Copyright (C) Jelmer Vernooij              2002
       6             : 
       7             :    This program is free software; you can redistribute it and/or modify
       8             :    it under the terms of the GNU General Public License as published by
       9             :    the Free Software Foundation; either version 3 of the License, or
      10             :    (at your option) any later version.
      11             : 
      12             :    This program is distributed in the hope that it will be useful,
      13             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      14             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      15             :    GNU General Public License for more details.
      16             : 
      17             :    You should have received a copy of the GNU General Public License
      18             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      19             : */
      20             : 
      21             : #include "includes.h"
      22             : #include "auth.h"
      23             : #include "lib/util/string_wrappers.h"
      24             : 
      25             : #undef DBGC_CLASS
      26             : #define DBGC_CLASS DBGC_AUTH
      27             : 
      28             : /**
      29             :  * Return a guest logon for anonymous users (username = "")
      30             :  *
      31             :  * Typically used as the first module in the auth chain, this allows
      32             :  * guest logons to be dealt with in one place.  Non-guest logons 'fail'
      33             :  * and pass onto the next module.
      34             :  **/
      35             : 
      36       23371 : static NTSTATUS check_anonymous_security(const struct auth_context *auth_context,
      37             :                                 void *my_private_data,
      38             :                                 TALLOC_CTX *mem_ctx,
      39             :                                 const struct auth_usersupplied_info *user_info,
      40             :                                 struct auth_serversupplied_info **server_info)
      41             : {
      42       23371 :         DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
      43             : 
      44       23371 :         if (user_info->mapped.account_name && *user_info->mapped.account_name) {
      45             :                 /* mark this as 'not for me' */
      46       22827 :                 return NT_STATUS_NOT_IMPLEMENTED;
      47             :         }
      48             : 
      49         544 :         switch (user_info->password_state) {
      50           0 :         case AUTH_PASSWORD_PLAIN:
      51           0 :                 if (user_info->password.plaintext != NULL &&
      52           0 :                     strlen(user_info->password.plaintext) > 0)
      53             :                 {
      54             :                         /* mark this as 'not for me' */
      55           0 :                         return NT_STATUS_NOT_IMPLEMENTED;
      56             :                 }
      57           0 :                 break;
      58           0 :         case AUTH_PASSWORD_HASH:
      59           0 :                 if (user_info->password.hash.lanman != NULL) {
      60             :                         /* mark this as 'not for me' */
      61           0 :                         return NT_STATUS_NOT_IMPLEMENTED;
      62             :                 }
      63           0 :                 if (user_info->password.hash.nt != NULL) {
      64             :                         /* mark this as 'not for me' */
      65           0 :                         return NT_STATUS_NOT_IMPLEMENTED;
      66             :                 }
      67           0 :                 break;
      68         544 :         case AUTH_PASSWORD_RESPONSE:
      69         544 :                 if (user_info->password.response.lanman.length == 1) {
      70           0 :                         if (user_info->password.response.lanman.data[0] != '\0') {
      71             :                                 /* mark this as 'not for me' */
      72           0 :                                 return NT_STATUS_NOT_IMPLEMENTED;
      73             :                         }
      74         544 :                 } else if (user_info->password.response.lanman.length > 1) {
      75             :                         /* mark this as 'not for me' */
      76          10 :                         return NT_STATUS_NOT_IMPLEMENTED;
      77             :                 }
      78         534 :                 if (user_info->password.response.nt.length > 0) {
      79             :                         /* mark this as 'not for me' */
      80           0 :                         return NT_STATUS_NOT_IMPLEMENTED;
      81             :                 }
      82         534 :                 break;
      83             :         }
      84             : 
      85         534 :         return make_server_info_anonymous(NULL, server_info);
      86             : }
      87             : 
      88             : /* Guest modules initialisation */
      89             : 
      90       77047 : static NTSTATUS auth_init_anonymous(
      91             :         struct auth_context *auth_context,
      92             :         const char *options,
      93             :         struct auth_methods **auth_method)
      94             : {
      95           0 :         struct auth_methods *result;
      96             : 
      97       77047 :         result = talloc_zero(auth_context, struct auth_methods);
      98       77047 :         if (result == NULL) {
      99           0 :                 return NT_STATUS_NO_MEMORY;
     100             :         }
     101       77047 :         result->auth = check_anonymous_security;
     102       77047 :         result->name = "anonymous";
     103             : 
     104       77047 :         *auth_method = result;
     105       77047 :         return NT_STATUS_OK;
     106             : }
     107             : 
     108             : #ifdef DEVELOPER
     109             : /** 
     110             :  * Return an error based on username
     111             :  *
     112             :  * This function allows the testing of obscure errors, as well as the generation
     113             :  * of NT_STATUS -> DOS error mapping tables.
     114             :  *
     115             :  * This module is of no value to end-users.
     116             :  *
     117             :  * The password is ignored.
     118             :  *
     119             :  * @return An NTSTATUS value based on the username
     120             :  **/
     121             : 
     122           0 : static NTSTATUS check_name_to_ntstatus_security(const struct auth_context *auth_context,
     123             :                                                 void *my_private_data, 
     124             :                                                 TALLOC_CTX *mem_ctx,
     125             :                                                 const struct auth_usersupplied_info *user_info,
     126             :                                                 struct auth_serversupplied_info **server_info)
     127             : {
     128           0 :         NTSTATUS nt_status;
     129           0 :         fstring user;
     130           0 :         long error_num;
     131             : 
     132           0 :         DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
     133             : 
     134           0 :         fstrcpy(user, user_info->client.account_name);
     135             : 
     136           0 :         if (strnequal("NT_STATUS", user, strlen("NT_STATUS"))) {
     137           0 :                 if (!strupper_m(user)) {
     138           0 :                         return NT_STATUS_INVALID_PARAMETER;
     139             :                 }
     140           0 :                 return nt_status_string_to_code(user);
     141             :         }
     142             : 
     143           0 :         if (!strlower_m(user)) {
     144           0 :                 return NT_STATUS_INVALID_PARAMETER;
     145             :         }
     146           0 :         error_num = strtoul(user, NULL, 16);
     147             : 
     148           0 :         DEBUG(5,("check_name_to_ntstatus_security: Error for user %s was %lx\n", user, error_num));
     149             : 
     150           0 :         nt_status = NT_STATUS(error_num);
     151             : 
     152           0 :         return nt_status;
     153             : }
     154             : 
     155             : /** Module initialisation function */
     156             : 
     157           0 : static NTSTATUS auth_init_name_to_ntstatus(
     158             :         struct auth_context *auth_context,
     159             :         const char *param,
     160             :         struct auth_methods **auth_method)
     161             : {
     162           0 :         struct auth_methods *result;
     163             : 
     164           0 :         result = talloc_zero(auth_context, struct auth_methods);
     165           0 :         if (result == NULL) {
     166           0 :                 return NT_STATUS_NO_MEMORY;
     167             :         }
     168           0 :         result->auth = check_name_to_ntstatus_security;
     169           0 :         result->name = "name_to_ntstatus";
     170             : 
     171           0 :         *auth_method = result;
     172           0 :         return NT_STATUS_OK;
     173             : }
     174             : 
     175             : #endif /* DEVELOPER */
     176             : 
     177       31355 : NTSTATUS auth_builtin_init(TALLOC_CTX *mem_ctx)
     178             : {
     179       31355 :         smb_register_auth(AUTH_INTERFACE_VERSION, "anonymous", auth_init_anonymous);
     180             : #ifdef DEVELOPER
     181       31355 :         smb_register_auth(AUTH_INTERFACE_VERSION, "name_to_ntstatus", auth_init_name_to_ntstatus);
     182             : #endif
     183       31355 :         return NT_STATUS_OK;
     184             : }

Generated by: LCOV version 1.14