password API needed

Luke Kenneth Casson Leighton lkcl at switchboard.net
Thu Jun 4 14:45:20 GMT 1998 

danny,

the three functions at the bottom of this table are suggested extensions
(funnily enough, first made by jean francois six weeks ago: i considered
that this was not a Good Thing at the time...) to the password api.

as password.c calls smb_password_check() in password_ok(), i considered
that it would be best to pass in the username and the passwords to these
functions, then to return a struct smb_passwd (or struct passwd) iff the
username exists and the password is correct.

the unix_password_check() function is for clear-text cases; it is
completely irrelevant when "encrypted passwords = yes".  likewise,
smb_password_check() and smb_password_chal() and also NT domain logins are
completely irrelevant when "encrypted passwords = no".

what you reckon?  can you write these three functions into huji.c?

luke


/*
 * Each implementation of the password database code needs
 * to support the following operations.
 */

struct passdb_ops {
  /*
   * Password database ops.
   */
  void *(*startsmbpwent)(BOOL);
  void (*endsmbpwent)(void *);
  unsigned long (*getsmbpwpos)(void *);
  BOOL (*setsmbpwpos)(void *, unsigned long);

  /*
   * smb password database query functions.
   */
  struct smb_passwd *(*getsmbpwnam)(char *);
  struct smb_passwd *(*getsmbpwuid)(uid_t);
  struct smb_passwd *(*getsmbpwent)(void *);

  /*
   * smb password database modification functions.
   */
  BOOL (*add_smbpwd_entry)(struct smb_passwd *);
  BOOL (*mod_smbpwd_entry)(struct smb_passwd *, BOOL);

  /*
   * Functions that manupulate a struct sam_passwd.
   */
  struct sam_passwd *(*getsam21pwent)(void *);

  /*
   * sam password database query functions.
   */
  struct sam_passwd *(*getsam21pwnam)(char *);
  struct sam_passwd *(*getsam21pwuid)(uid_t);
  struct sam_passwd *(*getsam21pwrid)(uint32);

  /*
   * sam password database modification functions.
   */
  BOOL (*add_sam21pwd_entry)(struct sam_passwd *);
  BOOL (*mod_sam21pwd_entry)(struct sam_passwd *, BOOL);

  /*
   * sam query display info functions.
   */
  struct sam_disp_info *(*getsamdispnam)(char *);
  struct sam_disp_info *(*getsamdisprid)(uint32);
  struct sam_disp_info *(*getsamdispent)(void *);

  /*
   * password checking functions
   */
  struct smb_passwd *(*smb_password_chal  )(char *username, char lm_pass[24], char nt_pass[24], char chal[8]);
  struct smb_passwd *(*smb_password_check )(char *username, char lm_hash[16], char nt_hash[16],
  struct passwd     *(*unix_password_check)(char *username, char *pass, int pass_len);

};
~

More information about the samba-technical mailing list