3
# smb_auth - SMB proxy authentication module
4
# Copyright (C) 1998 Richard Huveneers <richard@hekkihek.hacom.nl>
6
# This program is free software; you can redistribute it and/or modify
7
# it under the terms of the GNU General Public License as published by
8
# the Free Software Foundation; either version 2 of the License, or
9
# (at your option) any later version.
11
# This program is distributed in the hope that it will be useful,
12
# but WITHOUT ANY WARRANTY; without even the implied warranty of
13
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14
# GNU General Public License for more details.
16
# You should have received a copy of the GNU General Public License
17
# along with this program; if not, write to the Free Software
18
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29
# Find domain controller
30
echo "Domain name: $DOMAINNAME"
31
if [ -n "$PASSTHROUGH" ]
33
echo "Pass-through authentication: yes: $PASSTHROUGH"
35
echo "Pass-through authentication: no"
36
PASSTHROUGH="$DOMAINNAME"
40
if [ "$NMBCAST" = "1" ]
42
addropt="-U $NMBADDR -R"
49
echo "Query address options: $addropt"
50
dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'`
51
echo "Domain controller IP address: $dcip"
52
[ -n "$dcip" ] || exit 1
54
# All right, we have the IP address of a domain controller,
55
# but we need its name too
56
dcname=`$SAMBAPREFIX/bin/nmblookup -A $dcip | awk '$2 == "<00>" { print $1 ; exit }'`
57
echo "Domain controller NETBIOS name: $dcname"
58
[ -n "$dcname" ] || exit 1
60
# Pass password to smbclient through environment. Not really safe.
61
USER="$SMBUSER%$SMBPASS"
64
# Read the contents of the file $AUTHFILE on the $AUTHSHARE share
65
authfilebs=`echo "$AUTHFILE" | tr / '\\\\'`
66
authinfo=`$SAMBAPREFIX/bin/smbclient "//$dcname/$AUTHSHARE" -I $dcip -d 0 -E -W "$DOMAINNAME" -c "get $authfilebs -" 2>/dev/null`
67
echo "Contents of //$dcname/$AUTHSHARE/$AUTHFILE: $authinfo"
69
# Allow for both \n and \r\n end-of-line termination
70
[ "$authinfo" = "allow" -o "$authinfo" = "allow