← Back to branch summary

~ubuntu-branches/ubuntu/oneiric/likewise-open/oneiric

« back to all changes in this revision

Viewing changes to lsass/server/auth-providers/local-provider/lpmain.c

  • Committer: Bazaar Package Importer
  • Author(s): Scott Salley
  • Date: 2010-11-22 12:06:00 UTC
  • mfrom: (1.1.6 upstream)
  • Revision ID: james.westby@ubuntu.com-20101122120600-8lba1fpceot71wlb
Tags: 6.0.0.53010-1
Likewise Open 6.0

Show diffs side-by-side

added added

removed removed

Lines of Context:
lsass/server/auth-providers/local-provider/lpmain.c
50
50
 
51
51
static
52
52
DWORD
 
53
LocalSetDomainName(
 
54
    IN HANDLE  hProvider,
 
55
    IN uid_t   peerUID,
 
56
    IN gid_t   peerGID,
 
57
    IN DWORD   dwInputBufferSize,
 
58
    IN PVOID   pInputBuffer,
 
59
    OUT DWORD* pdwOutputBufferSize,
 
60
    OUT PVOID* ppOutputBuffer
 
61
    );
 
62
 
 
63
static
 
64
DWORD
 
65
LocalSetDomainSid(
 
66
    IN HANDLE  hProvider,
 
67
    IN uid_t   peerUID,
 
68
    IN gid_t   peerGID,
 
69
    IN DWORD   dwInputBufferSize,
 
70
    IN PVOID   pInputBuffer,
 
71
    OUT DWORD* pdwOutputBufferSize,
 
72
    OUT PVOID* ppOutputBuffer
 
73
    );
 
74
 
 
75
static
 
76
DWORD
53
77
LocalInitializeProvider(
54
78
    OUT PCSTR* ppszProviderName,
55
79
    OUT PLSA_PROVIDER_FUNCTION_TABLE_2* ppFunctionTable
56
80
    )
57
81
{
58
82
    DWORD dwError = 0;
 
83
    NTSTATUS ntStatus = STATUS_SUCCESS;
59
84
    LOCAL_CONFIG config;
60
85
    BOOLEAN bEventLogEnabled = FALSE;
61
86
    PWSTR   pwszUserDN = NULL;
64
89
 
65
90
    memset(&config, 0, sizeof(config));
66
91
 
 
92
    pthread_mutex_init(&gLPGlobals.cfgMutex, NULL);
 
93
 
67
94
    dwError = LocalCfgInitialize(&config);
68
95
    BAIL_ON_LSA_ERROR(dwError);
69
96
 
 
97
    pthread_rwlock_init(&gLPGlobals.rwlock, NULL);
 
98
 
 
99
    ntStatus = LwMapSecurityCreateContext(&gLPGlobals.pSecCtx);
 
100
    BAIL_ON_NT_STATUS(ntStatus);
 
101
 
70
102
    dwError = LocalSyncDomainInfo(
71
103
                    pwszUserDN,
72
104
                    pwszCredentials,
94
126
    *ppFunctionTable = &gLocalProviderAPITable2;
95
127
 
96
128
cleanup:
 
129
    if (dwError == ERROR_SUCCESS &&
 
130
        ntStatus != STATUS_SUCCESS)
 
131
    {
 
132
        dwError = LwNtStatusToWin32Error(ntStatus);
 
133
    }
97
134
 
98
135
    return dwError;
99
136
 
106
143
 
107
144
    LocalCfgFreeContents(&config);
108
145
 
 
146
    LwMapSecurityFreeContext(&gLPGlobals.pSecCtx);
 
147
 
109
148
    *ppszProviderName = NULL;
110
149
    *ppFunctionTable = NULL;
111
150
 
200
239
}
201
240
 
202
241
DWORD
203
 
LocalAuthenticateUser(
 
242
LocalAuthenticateUserPam(
204
243
    HANDLE hProvider,
205
 
    PCSTR  pszLoginId,
206
 
    PCSTR  pszPassword
 
244
    LSA_AUTH_USER_PAM_PARAMS* pParams,
 
245
    PLSA_AUTH_USER_PAM_INFO* ppPamAuthInfo
207
246
    )
208
247
{
209
248
    DWORD dwError = 0;
213
252
    PWSTR pwszPassword = NULL;
214
253
    PLSA_SECURITY_OBJECT pObject = NULL;
215
254
    DWORD dwBadPasswordCount = 0;
 
255
    PLSA_AUTH_USER_PAM_INFO pPamAuthInfo = NULL;
 
256
    BOOLEAN bUserIsGuest = FALSE;
 
257
 
 
258
    if (ppPamAuthInfo)
 
259
    {
 
260
        *ppPamAuthInfo = NULL;
 
261
    }
216
262
 
217
263
    dwError = LocalCheckForQueryAccess(hProvider);
218
264
    BAIL_ON_LSA_ERROR(dwError);
219
265
 
 
266
    dwError = LwAllocateMemory(
 
267
                    sizeof(*pPamAuthInfo),
 
268
                    (PVOID*)&pPamAuthInfo);
 
269
    BAIL_ON_LSA_ERROR(dwError);
 
270
 
220
271
    dwError = LocalDirFindObjectByGenericName(
221
272
        hProvider,
222
273
        0,
223
274
        LSA_OBJECT_TYPE_USER,
224
 
        pszLoginId,
 
275
        pParams->pszLoginName,
225
276
        &pObject);
226
277
    BAIL_ON_LSA_ERROR(dwError);
227
278
 
232
283
 
233
284
    /* Check for disable, expired, etc..  accounts */
234
285
 
 
286
    dwError = LocalCheckIsGuest(pObject, &bUserIsGuest);
 
287
    BAIL_ON_LSA_ERROR(dwError);
 
288
 
 
289
    if (bUserIsGuest)
 
290
    {
 
291
        dwError = LW_ERROR_LOGON_FAILURE;
 
292
        BAIL_ON_LSA_ERROR(dwError);
 
293
    }
 
294
 
235
295
    dwError = LocalCheckAccountFlags(pObject);
236
296
    BAIL_ON_LSA_ERROR(dwError);
237
297
 
242
302
                  &dwBadPasswordCount);
243
303
    BAIL_ON_LSA_ERROR(dwError);
244
304
 
245
 
    if (pszPassword)
 
305
    if (pParams->pszPassword)
246
306
    {
247
 
        dwError = LsaMbsToWc16s(
248
 
                        pszPassword,
 
307
        dwError = LwMbsToWc16s(
 
308
                        pParams->pszPassword,
249
309
                        &pwszPassword);
250
310
        BAIL_ON_LSA_ERROR(dwError);
251
311
    }
270
330
    }
271
331
    BAIL_ON_LSA_ERROR(dwError);
272
332
 
 
333
    if (ppPamAuthInfo)
 
334
    {
 
335
        *ppPamAuthInfo = pPamAuthInfo;
 
336
    }
 
337
 
273
338
cleanup:
274
339
 
275
340
    LsaUtilFreeSecurityObject(pObject);
281
346
    {
282
347
        dwError = dwUpdateError;
283
348
    }
284
 
 
285
349
    return dwError;
286
350
 
287
351
error:
288
352
 
 
353
    if (pPamAuthInfo)
 
354
    {
 
355
        LsaFreeAuthUserPamInfo(pPamAuthInfo);
 
356
    }
 
357
 
289
358
    goto cleanup;
290
359
}
291
360
 
326
395
    {
327
396
        LSA_LOG_DEBUG(
328
397
                "Failed to find user '%s' while validating login "
329
 
                "[error code:%d]",
 
398
                "[error code:%u]",
330
399
                pszLoginId,
331
400
                dwError);
332
401
        dwError = LW_ERROR_NOT_HANDLED;
405
474
                    pszPassword);
406
475
    BAIL_ON_LSA_ERROR(dwError);
407
476
 
408
 
    dwError = LsaMbsToWc16s(
 
477
    dwError = LwMbsToWc16s(
409
478
                        (pszPassword ? pszPassword : ""),
410
479
                        &pwszNewPassword);
411
480
    BAIL_ON_LSA_ERROR(dwError);
412
481
 
413
 
    dwError = LsaMbsToWc16s(
 
482
    dwError = LwMbsToWc16s(
414
483
                        (pszOldPassword ? pszOldPassword : ""),
415
484
                        &pwszOldPassword);
416
485
    BAIL_ON_LSA_ERROR(dwError);
469
538
                    pszPassword);
470
539
    BAIL_ON_LSA_ERROR(dwError);
471
540
 
472
 
    dwError = LsaMbsToWc16s(
 
541
    dwError = LwMbsToWc16s(
473
542
                        (pszPassword ? pszPassword : ""),
474
543
                        &pwszNewPassword);
475
544
    BAIL_ON_LSA_ERROR(dwError);
853
922
{
854
923
    DWORD dwError = 0;
855
924
    PLSA_AUTH_PROVIDER_STATUS pProviderStatus = NULL;
 
925
    BOOLEAN bInLock = FALSE;
856
926
 
857
927
    dwError = LwAllocateMemory(
858
928
                   sizeof(LSA_AUTH_PROVIDER_STATUS),
867
937
    pProviderStatus->mode = LSA_PROVIDER_MODE_LOCAL_SYSTEM;
868
938
    pProviderStatus->status = LSA_AUTH_PROVIDER_STATUS_ONLINE;
869
939
 
 
940
    LOCAL_RDLOCK_RWLOCK(bInLock, &gLPGlobals.rwlock);
 
941
 
 
942
    dwError = LwAllocateString(
 
943
                    gLPGlobals.pszLocalDomain,
 
944
                    &pProviderStatus->pszDomain);
 
945
    BAIL_ON_LSA_ERROR(dwError);
 
946
 
870
947
    *ppProviderStatus = pProviderStatus;
871
948
 
872
949
cleanup:
873
950
 
 
951
    LOCAL_UNLOCK_RWLOCK(bInLock, &gLPGlobals.rwlock);
 
952
 
874
953
    return dwError;
875
954
 
876
955
error:
897
976
    dwError = LocalCfgReadRegistry(&config);
898
977
    BAIL_ON_LSA_ERROR(dwError);
899
978
 
900
 
    LOCAL_LOCK_MUTEX(bInLock, &gLPGlobals.mutex);
 
979
    LOCAL_LOCK_MUTEX(bInLock, &gLPGlobals.cfgMutex);
901
980
 
902
981
    dwError = LocalCfgTransferContents(
903
982
                    &config,
904
983
                    &gLPGlobals.cfg);
905
984
    BAIL_ON_LSA_ERROR(dwError);
906
985
 
907
 
    LOCAL_UNLOCK_MUTEX(bInLock, &gLPGlobals.mutex);
 
986
    LOCAL_UNLOCK_MUTEX(bInLock, &gLPGlobals.cfgMutex);
908
987
 
909
988
    LocalEventLogConfigReload();
910
989
 
911
990
cleanup:
912
991
 
913
 
    LOCAL_UNLOCK_MUTEX(bInLock, &gLPGlobals.mutex);
 
992
    LOCAL_UNLOCK_MUTEX(bInLock, &gLPGlobals.cfgMutex);
914
993
 
915
994
    return dwError;
916
995
 
948
1027
    )
949
1028
{
950
1029
    DWORD dwError = 0;
 
1030
    PVOID pOutputBuffer = NULL;
 
1031
    DWORD dwOutputBufferSize = 0;
951
1032
 
952
1033
    switch (dwIoControlCode)
953
1034
    {
 
1035
    case LSA_LOCAL_IO_SETDOMAINNAME:
 
1036
        dwError = LocalSetDomainName(hProvider,
 
1037
                                     peerUID,
 
1038
                                     peerGID,
 
1039
                                     dwInputBufferSize,
 
1040
                                     pInputBuffer,
 
1041
                                     NULL,
 
1042
                                     NULL);
 
1043
        break;
 
1044
 
 
1045
    case LSA_LOCAL_IO_SETDOMAINSID:
 
1046
        dwError = LocalSetDomainSid(hProvider,
 
1047
                                    peerUID,
 
1048
                                    peerGID,
 
1049
                                    dwInputBufferSize,
 
1050
                                    pInputBuffer,
 
1051
                                    NULL,
 
1052
                                    NULL);
 
1053
        break;
 
1054
 
954
1055
    default:
955
1056
        dwError = LW_ERROR_NOT_HANDLED;
956
1057
        break;
957
1058
    }
958
1059
    BAIL_ON_LSA_ERROR(dwError);
959
1060
 
 
1061
    *pdwOutputBufferSize = dwOutputBufferSize;
 
1062
    *ppOutputBuffer      = pOutputBuffer;
 
1063
 
960
1064
cleanup:
961
1065
    return dwError;
962
1066
 
967
1071
    goto cleanup;
968
1072
}
969
1073
 
 
1074
static
 
1075
DWORD
 
1076
LocalSetDomainName(
 
1077
    IN HANDLE  hProvider,
 
1078
    IN uid_t   peerUID,
 
1079
    IN gid_t   peerGID,
 
1080
    IN DWORD   dwInputBufferSize,
 
1081
    IN PVOID   pInputBuffer,
 
1082
    OUT DWORD* pdwOutputBufferSize,
 
1083
    OUT PVOID* ppOutputBuffer
 
1084
    )
 
1085
{
 
1086
    DWORD dwError = ERROR_SUCCESS;
 
1087
 
 
1088
    if (peerUID)
 
1089
    {
 
1090
        dwError = LW_ERROR_ACCESS_DENIED;
 
1091
        BAIL_ON_LSA_ERROR(dwError);
 
1092
    }
 
1093
 
 
1094
    dwError = LocalDirSetDomainName((PSTR)pInputBuffer);
 
1095
    BAIL_ON_LSA_ERROR(dwError);
 
1096
 
 
1097
cleanup:
 
1098
    return dwError;
 
1099
 
 
1100
error:
 
1101
    goto cleanup;
 
1102
}
 
1103
 
 
1104
static
 
1105
DWORD
 
1106
LocalSetDomainSid(
 
1107
    IN HANDLE  hProvider,
 
1108
    IN uid_t   peerUID,
 
1109
    IN gid_t   peerGID,
 
1110
    IN DWORD   dwInputBufferSize,
 
1111
    IN PVOID   pInputBuffer,
 
1112
    OUT DWORD* pdwOutputBufferSize,
 
1113
    OUT PVOID* ppOutputBuffer
 
1114
    )
 
1115
{
 
1116
    DWORD dwError = ERROR_SUCCESS;
 
1117
 
 
1118
    if (peerUID)
 
1119
    {
 
1120
        dwError = LW_ERROR_ACCESS_DENIED;
 
1121
        BAIL_ON_LSA_ERROR(dwError);
 
1122
    }
 
1123
 
 
1124
    dwError = LocalDirSetDomainSid((PSTR)pInputBuffer);
 
1125
    BAIL_ON_LSA_ERROR(dwError);
 
1126
 
 
1127
cleanup:
 
1128
    return dwError;
 
1129
 
 
1130
error:
 
1131
    goto cleanup;
 
1132
}
 
1133
 
970
1134
DWORD
971
1135
LocalFindObjects(
972
1136
    IN HANDLE hProvider,
1089
1253
}
1090
1254
 
1091
1255
DWORD
 
1256
LocalGetSmartCardUserObject(
 
1257
    IN HANDLE hProvider,
 
1258
    OUT PLSA_SECURITY_OBJECT* ppObject,
 
1259
    OUT PSTR* ppszSmartCardReader
 
1260
    )
 
1261
{
 
1262
    *ppObject = NULL;
 
1263
    *ppszSmartCardReader = NULL;
 
1264
 
 
1265
    return LW_ERROR_NOT_HANDLED;
 
1266
}
 
1267
 
 
1268
DWORD
1092
1269
LocalShutdownProvider(
1093
1270
    VOID
1094
1271
    )
1095
1272
{
 
1273
    DWORD dwError = ERROR_SUCCESS;
 
1274
    BOOLEAN bLocked = FALSE;
 
1275
    BOOLEAN bCfgLocked = FALSE;
 
1276
 
 
1277
    LOCAL_WRLOCK_RWLOCK(bLocked, &gLPGlobals.rwlock);
 
1278
 
 
1279
    LwMapSecurityFreeContext(&gLPGlobals.pSecCtx);
 
1280
 
1096
1281
    LW_SAFE_FREE_STRING(gLPGlobals.pszLocalDomain);
1097
1282
    LW_SAFE_FREE_STRING(gLPGlobals.pszNetBIOSName);
1098
 
 
1099
 
    return 0;
 
1283
    RTL_FREE(&gLPGlobals.pLocalDomainSID);
 
1284
 
 
1285
    LOCAL_LOCK_MUTEX(bCfgLocked, &gLPGlobals.cfgMutex);
 
1286
 
 
1287
    LocalCfgFreeContents(&gLPGlobals.cfg);
 
1288
 
 
1289
    LOCAL_UNLOCK_MUTEX(bCfgLocked, &gLPGlobals.cfgMutex);
 
1290
    LOCAL_UNLOCK_RWLOCK(bLocked, &gLPGlobals.rwlock);
 
1291
 
 
1292
    pthread_rwlock_destroy(&gLPGlobals.rwlock);
 
1293
 
 
1294
    return dwError;
1100
1295
}
1101
1296
 
1102
1297
DWORD
1108
1303
    return LocalInitializeProvider(ppszProviderName, ppFunctionTable);
1109
1304
}
1110
1305
 
 
1306
 
1111
1307
/*
1112
1308
local variables:
1113
1309
mode: c