]>
Commit | Line | Data |
---|---|---|
94439e4e | 1 | #!/bin/sh |
2 | # | |
3 | # smb_auth - SMB proxy authentication module | |
4 | # Copyright (C) 1998 Richard Huveneers <richard@hekkihek.hacom.nl> | |
5 | # | |
6 | # This program is free software; you can redistribute it and/or modify | |
7 | # it under the terms of the GNU General Public License as published by | |
8 | # the Free Software Foundation; either version 2 of the License, or | |
9 | # (at your option) any later version. | |
10 | # | |
11 | # This program is distributed in the hope that it will be useful, | |
12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
14 | # GNU General Public License for more details. | |
15 | # | |
16 | # You should have received a copy of the GNU General Public License | |
17 | # along with this program; if not, write to the Free Software | |
18 | # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. | |
19 | ||
20 | read DOMAINNAME | |
21 | read PASSTHROUGH | |
22 | read NMBADDR | |
23 | read NMBCAST | |
24 | read AUTHSHARE | |
25 | read AUTHFILE | |
26 | read SMBUSER | |
27 | read SMBPASS | |
28 | ||
29 | # Find domain controller | |
30 | echo "Domain name: $DOMAINNAME" | |
31 | if [ -n "$PASSTHROUGH" ] | |
32 | then | |
33 | echo "Pass-through authentication: yes: $PASSTHROUGH" | |
34 | else | |
35 | echo "Pass-through authentication: no" | |
36 | PASSTHROUGH="$DOMAINNAME" | |
37 | fi | |
38 | if [ -n "$NMBADDR" ] | |
39 | then | |
40 | if [ "$NMBCAST" = "1" ] | |
41 | then | |
42 | addropt="-U $NMBADDR -R" | |
43 | else | |
44 | addropt="-B $NMBADDR" | |
45 | fi | |
46 | else | |
47 | addropt="" | |
48 | fi | |
49 | echo "Query address options: $addropt" | |
50 | dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'` | |
51 | echo "Domain controller IP address: $dcip" | |
52 | [ -n "$dcip" ] || exit 1 | |
53 | ||
54 | # All right, we have the IP address of a domain controller, | |
55 | # but we need its name too | |
56 | dcname=`$SAMBAPREFIX/bin/nmblookup -A $dcip | awk '$2 == "<00>" { print $1 ; exit }'` | |
57 | echo "Domain controller NETBIOS name: $dcname" | |
58 | [ -n "$dcname" ] || exit 1 | |
59 | ||
60 | # Pass password to smbclient through environment. Not really safe. | |
61 | USER="$SMBUSER%$SMBPASS" | |
62 | export USER | |
63 | ||
64 | # Read the contents of the file $AUTHFILE on the $AUTHSHARE share | |
65 | authfilebs=`echo "$AUTHFILE" | tr / '\\\\'` | |
66 | authinfo=`$SAMBAPREFIX/bin/smbclient "//$dcname/$AUTHSHARE" -I $dcip -d 0 -E -W "$DOMAINNAME" -c "get $authfilebs -" 2>/dev/null` | |
67 | echo "Contents of //$dcname/$AUTHSHARE/$AUTHFILE: $authinfo" | |
68 | ||
69 | # Allow for both \n and \r\n end-of-line termination | |
70 | [ "$authinfo" = "allow" -o "$authinfo" = "allow\r" ] || exit 1 | |
71 | exit 0 |