4
* Version: $Id: rlm_mschap.c,v 1.59.2.2 2005/08/24 14:37:52 nbk Exp $
4
* Version: $Id: rlm_mschap.c,v 1.59.2.3 2005/10/19 16:49:46 mgriego Exp $
6
6
* This program is free software; you can redistribute it and/or modify
7
7
* it under the terms of the GNU General Public License as published by
61
61
#include "smbdes.h"
63
static const char rcsid[] = "$Id: rlm_mschap.c,v 1.59.2.2 2005/08/24 14:37:52 nbk Exp $";
63
static const char rcsid[] = "$Id: rlm_mschap.c,v 1.59.2.3 2005/10/19 16:49:46 mgriego Exp $";
65
65
static const char *letters = "0123456789ABCDEF";
453
453
* Pull the NT-Domain out of the User-Name, if it exists.
455
455
} else if (strcasecmp(fmt, "NT-Domain") == 0) {
458
458
user_name = pairfind(request->packet->vps, PW_USER_NAME);
459
459
if (!user_name) {
464
p = strchr(user_name->strvalue, '\\');
466
DEBUG2(" rlm_mschap: No NT-Domain was found in the User-Name.");
471
* Hack. This is simpler than the alternatives.
465
* First check to see if this is a host/ style User-Name
466
* (a la Kerberos host principal)
474
strNcpy(out, user_name->strvalue, outlen);
468
if (strncmp(user_name->strvalue, "host/", 5) == 0) {
470
* If we're getting a User-Name formatted in this way,
471
* it's likely due to PEAP. The Windows Domain will be
472
* the first domain component following the hostname,
473
* or the machine name itself if only a hostname is supplied
475
p = strchr(user_name->strvalue, '.');
477
DEBUG2(" rlm_mschap: setting NT-Domain to same as machine name");
478
strNcpy(out, user_name->strvalue + 5, outlen);
480
p++; /* skip the period */
483
* use the same hack as below
484
* only if another period was found
487
strNcpy(out, p, outlen);
491
p = strchr(user_name->strvalue, '\\');
493
DEBUG2(" rlm_mschap: No NT-Domain was found in the User-Name.");
498
* Hack. This is simpler than the alternatives.
501
strNcpy(out, user_name->strvalue, outlen);
477
505
return strlen(out);
491
p = strchr(user_name->strvalue, '\\');
493
p++; /* skip the backslash */
520
* First check to see if this is a host/ style User-Name
521
* (a la Kerberos host principal)
523
if (strncmp(user_name->strvalue, "host/", 5) == 0) {
525
* If we're getting a User-Name formatted in this way,
526
* it's likely due to PEAP. When authenticating this against
527
* a Domain, Windows will expect the User-Name to be in the
528
* format of hostname$, the SAM version of the name, so we
529
* have to convert it to that here. We do so by stripping
530
* off the first 5 characters (host/), and copying everything
531
* from that point to the first period into a string and appending
534
p = strchr(user_name->strvalue, '.');
536
* use the same hack as above
537
* only if a period was found
540
snprintf(out, outlen, "%s$", user_name->strvalue + 5);
495
p = user_name->strvalue; /* use the whole User-Name */
543
p = strchr(user_name->strvalue, '\\');
545
p++; /* skip the backslash */
547
p = user_name->strvalue; /* use the whole User-Name */
549
strNcpy(out, p, outlen);
498
strNcpy(out, p, outlen);
499
552
return strlen(out);