6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 * Copyright 2002 The FreeRADIUS server project
21 * Copyright 2002 Alan DeKok <aland@ox.org>
24 #include <freeradius-devel/autoconf.h>
29 #include <freeradius-devel/radiusd.h>
30 #include <freeradius-devel/modules.h>
31 #include <freeradius-devel/conffile.h>
35 static const char rcsid[] = "$Id$";
38 * Define a structure for our module configuration.
40 * These variables do not need to be in a structure, but it's
41 * a lot cleaner to do so, and a pointer to the structure can
42 * be used as the instance handle.
44 typedef struct rlm_smb_t {
51 * A mapping of configuration file names to internal variables.
53 * Note that the string is dynamically allocated, so it MUST
54 * be freed. When the configuration file parse re-reads the string,
55 * it free's the old one, and strdup's the new one, placing the pointer
56 * to the strdup'd string into 'config.string'. This gets around
59 static const CONF_PARSER module_config[] = {
60 { "server", PW_TYPE_STRING_PTR, offsetof(rlm_smb_t,server), NULL, NULL},
61 { "backup", PW_TYPE_STRING_PTR, offsetof(rlm_smb_t,backup), NULL, NULL},
62 { "domain", PW_TYPE_STRING_PTR, offsetof(rlm_smb_t,domain), NULL, NULL},
64 { NULL, -1, 0, NULL, NULL } /* end the list */
68 * Do any per-module initialization that is separate to each
69 * configured instance of the module. e.g. set up connections
70 * to external databases, read configuration files, set up
71 * dictionary entries, etc.
73 * If configuration information is given in the config section
74 * that must be referenced in later calls, store a handle to it
75 * in *instance otherwise put a null pointer there.
77 static int smb_instantiate(CONF_SECTION *conf, void **instance)
82 * Set up a storage area for instance data
84 data = rad_malloc(sizeof(*data));
88 memset(data, 0, sizeof(*data));
91 * If the configuration parameters can't be parsed, then
94 if (cf_section_parse(conf, data, module_config) < 0) {
105 * Authenticate the user with the given password.
107 static int smb_authenticate(void *instance, REQUEST *request)
109 rlm_smb_t *data = (rlm_smb_t *) instance;
113 * We can only authenticate user requests which HAVE
114 * a User-Name attribute.
116 if (!request->username) {
117 radlog(L_AUTH, "rlm_smb: Attribute \"User-Name\" is required for authentication.");
118 return RLM_MODULE_INVALID;
122 * We can only authenticate user requests which HAVE
123 * a User-Password attribute.
125 if (!request->password) {
126 radlog(L_AUTH, "rlm_smb: Attribute \"User-Password\" is required for authentication.");
127 return RLM_MODULE_INVALID;
131 * Ensure that we're being passed a plain-text password,
132 * and not anything else.
134 if (request->password->attribute != PW_PASSWORD) {
135 radlog(L_AUTH, "rlm_smb: Attribute \"User-Password\" is required for authentication. Cannot use \"%s\".", request->password->name);
136 return RLM_MODULE_INVALID;
140 * Call the SMB magic to do the work.
142 rcode = Valid_User(request->username->vp_strvalue,
143 request->password->vp_strvalue,
144 data->server, data->backup, data->domain);
147 case 0: /* success */
148 return RLM_MODULE_OK;
151 case 1: /* network failure */
152 case 2: /* protocol failure */
153 return RLM_MODULE_FAIL;
156 case 3: /* invalid user name or password */
157 return RLM_MODULE_REJECT;
161 * Something weird happened. Give up.
163 return RLM_MODULE_INVALID;
166 static int smb_detach(void *instance)
168 rlm_smb_t *data = (rlm_smb_t *) instance;
170 if (data->server) free(data->server);
171 if (data->backup) free(data->backup);
172 if (data->domain) free(data->domain);
179 * The module name should be the only globally exported symbol.
180 * That is, everything else should be 'static'.
182 * If the module needs to temporarily modify it's instantiation
183 * data, the type should be changed to RLM_TYPE_THREAD_UNSAFE.
184 * The server will then take care of ensuring that the module
185 * is single-threaded.
190 RLM_TYPE_THREAD_UNSAFE, /* type */
191 smb_instantiate, /* instantiation */
192 smb_detach, /* detach */
194 smb_authenticate, /* authentication */
195 NULL, /* authorization */
196 NULL, /* preaccounting */
197 NULL, /* accounting */
198 NULL, /* checksimul */
199 NULL, /* pre-proxy */
200 NULL, /* post-proxy */