LCOV - code coverage report
Current view: top level - source4/auth/ntlm - auth_anonymous.c (source / functions) Hit Total Coverage
Test: coverage report for master 2f515e9b Lines: 41 57 71.9 %
Date: 2024-04-21 15:09:00 Functions: 4 4 100.0 % 

          Line data    Source code
       1             : /* 
       2             :    Unix SMB/CIFS implementation.
       3             : 
       4             :    Anonymous Authentication
       5             : 
       6             :    Copyright (C) Stefan Metzmacher            2004-2005
       7             :    
       8             :    This program is free software; you can redistribute it and/or modify
       9             :    it under the terms of the GNU General Public License as published by
      10             :    the Free Software Foundation; either version 3 of the License, or
      11             :    (at your option) any later version.
      12             :    
      13             :    This program is distributed in the hope that it will be useful,
      14             :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      15             :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      16             :    GNU General Public License for more details.
      17             :    
      18             :    You should have received a copy of the GNU General Public License
      19             :    along with this program.  If not, see <http://www.gnu.org/licenses/>.
      20             : */
      21             : 
      22             : #include "includes.h"
      23             : #include <tevent.h>
      24             : #include "auth/auth.h"
      25             : #include "auth/ntlm/auth_proto.h"
      26             : #include "param/param.h"
      27             : #include "lib/util/tevent_ntstatus.h"
      28             : 
      29             : #undef DBGC_CLASS
      30             : #define DBGC_CLASS DBGC_AUTH
      31             : 
      32             : _PUBLIC_ NTSTATUS auth4_anonymous_init(TALLOC_CTX *);
      33             : 
      34             : /**
      35             :  * Return a anonymous logon for anonymous users (username = "")
      36             :  *
      37             :  * Typically used as the first module in the auth chain, this allows
      38             :  * anonymou logons to be dealt with in one place.  Non-anonymou logons 'fail'
      39             :  * and pass onto the next module.
      40             :  **/
      41       14406 : static NTSTATUS anonymous_want_check(struct auth_method_context *ctx,
      42             :                                      TALLOC_CTX *mem_ctx,
      43             :                                      const struct auth_usersupplied_info *user_info)
      44             : {
      45       14406 :         if (user_info->client.account_name && *user_info->client.account_name) {
      46       13802 :                 return NT_STATUS_NOT_IMPLEMENTED;
      47             :         }
      48             : 
      49         604 :         switch (user_info->password_state) {
      50          18 :         case AUTH_PASSWORD_PLAIN:
      51          18 :                 if (user_info->password.plaintext != NULL &&
      52          18 :                     strlen(user_info->password.plaintext) > 0)
      53             :                 {
      54           0 :                         return NT_STATUS_NOT_IMPLEMENTED;
      55             :                 }
      56          18 :                 break;
      57           0 :         case AUTH_PASSWORD_HASH:
      58           0 :                 if (user_info->password.hash.lanman != NULL) {
      59           0 :                         return NT_STATUS_NOT_IMPLEMENTED;
      60             :                 }
      61           0 :                 if (user_info->password.hash.nt != NULL) {
      62           0 :                         return NT_STATUS_NOT_IMPLEMENTED;
      63             :                 }
      64           0 :                 break;
      65         586 :         case AUTH_PASSWORD_RESPONSE:
      66         586 :                 if (user_info->password.response.lanman.length == 1) {
      67           0 :                         if (user_info->password.response.lanman.data[0] != '\0') {
      68           0 :                                 return NT_STATUS_NOT_IMPLEMENTED;
      69             :                         }
      70         586 :                 } else if (user_info->password.response.lanman.length > 1) {
      71          12 :                         return NT_STATUS_NOT_IMPLEMENTED;
      72             :                 }
      73         574 :                 if (user_info->password.response.nt.length > 0) {
      74           0 :                         return NT_STATUS_NOT_IMPLEMENTED;
      75             :                 }
      76         564 :                 break;
      77             :         }
      78             : 
      79         592 :         return NT_STATUS_OK;
      80             : }
      81             : 
      82             : /**
      83             :  * Return a anonymous logon for anonymous users (username = "")
      84             :  *
      85             :  * Typically used as the first module in the auth chain, this allows
      86             :  * anonymou logons to be dealt with in one place.  Non-anonymou logons 'fail'
      87             :  * and pass onto the next module.
      88             :  **/
      89             : 
      90             : struct anonymous_check_password_state {
      91             :         struct auth_user_info_dc *user_info_dc;
      92             : };
      93             : 
      94         592 : static struct tevent_req *anonymous_check_password_send(
      95             :         TALLOC_CTX *mem_ctx,
      96             :         struct tevent_context *ev,
      97             :         struct auth_method_context *ctx,
      98             :         const struct auth_usersupplied_info *user_info)
      99             : {
     100         592 :         struct tevent_req *req = NULL;
     101         592 :         struct anonymous_check_password_state *state = NULL;
     102          10 :         NTSTATUS status;
     103             : 
     104         592 :         req = tevent_req_create(
     105             :                 mem_ctx,
     106             :                 &state,
     107             :                 struct anonymous_check_password_state);
     108         592 :         if (req == NULL) {
     109           0 :                 return NULL;
     110             :         }
     111             : 
     112         592 :         status = auth_anonymous_user_info_dc(
     113             :                 state,
     114         592 :                 lpcfg_netbios_name(ctx->auth_ctx->lp_ctx),
     115         592 :                 &state->user_info_dc);
     116         592 :         if (tevent_req_nterror(req, status)) {
     117           0 :                 return tevent_req_post(req, ev);
     118             :         }
     119         592 :         tevent_req_done(req);
     120         592 :         return tevent_req_post(req, ev);
     121             : }
     122             : 
     123         592 : static NTSTATUS anonymous_check_password_recv(
     124             :         struct tevent_req *req,
     125             :         TALLOC_CTX *mem_ctx,
     126             :         struct auth_user_info_dc **interim_info,
     127             :         const struct authn_audit_info **client_audit_info,
     128             :         const struct authn_audit_info **server_audit_info,
     129             :         bool *authoritative)
     130             : {
     131         592 :         struct anonymous_check_password_state *state = tevent_req_data(
     132             :                 req, struct anonymous_check_password_state);
     133          10 :         NTSTATUS status;
     134             : 
     135         592 :         *client_audit_info = NULL;
     136         592 :         *server_audit_info = NULL;
     137             : 
     138         592 :         if (tevent_req_is_nterror(req, &status)) {
     139           0 :                 tevent_req_received(req);
     140           0 :                 return status;
     141             :         }
     142         592 :         *interim_info = talloc_move(mem_ctx, &state->user_info_dc);
     143         592 :         tevent_req_received(req);
     144         592 :         return NT_STATUS_OK;
     145             : }
     146             : 
     147             : 
     148             : static const struct auth_operations anonymous_auth_ops = {
     149             :         .name                   = "anonymous",
     150             :         .want_check             = anonymous_want_check,
     151             :         .check_password_send    = anonymous_check_password_send,
     152             :         .check_password_recv    = anonymous_check_password_recv,
     153             : };
     154             : 
     155        9681 : _PUBLIC_ NTSTATUS auth4_anonymous_init(TALLOC_CTX *ctx)
     156             : {
     157         837 :         NTSTATUS ret;
     158             : 
     159        9681 :         ret = auth_register(ctx, &anonymous_auth_ops);
     160        9681 :         if (!NT_STATUS_IS_OK(ret)) {
     161           0 :                 DEBUG(0,("Failed to register 'anonymous' auth backend!\n"));
     162           0 :                 return ret;
     163             :         }
     164             : 
     165        9681 :         return ret;
     166             : }

Generated by: LCOV version 1.14