The branch, master has been updated via 9322fa4 s3: Lift smbd_server_fd() from smb_pam_passcheck via 26ee305 s3: Lift smbd_server_fd() from smb_pam_start from 619c348 s3: Pass "private_data" through string_combinations()
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 9322fa4077a9c15c9b5431ac2369b50bfffbb73d Author: Volker Lendecke <v...@samba.org> Date: Sat Aug 21 14:41:01 2010 +0200 s3: Lift smbd_server_fd() from smb_pam_passcheck commit 26ee30585dbffd7e887c48ddf0900fe0afd90e47 Author: Volker Lendecke <v...@samba.org> Date: Sat Aug 21 14:38:11 2010 +0200 s3: Lift smbd_server_fd() from smb_pam_start smb_pam_passcheck() is the only caller that fills in NULL, all other callers now properly fill rhost ----------------------------------------------------------------------- Summary of changes: source3/auth/pampass.c | 22 +++++----------------- source3/auth/pass_check.c | 9 ++++++++- source3/include/proto.h | 3 ++- 3 files changed, 15 insertions(+), 19 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/pampass.c b/source3/auth/pampass.c index 9d5b9f5..7c09c16 100644 --- a/source3/auth/pampass.c +++ b/source3/auth/pampass.c @@ -479,10 +479,6 @@ static bool smb_pam_end(pam_handle_t *pamh, struct pam_conv *smb_pam_conv_ptr) static bool smb_pam_start(pam_handle_t **pamh, const char *user, const char *rhost, struct pam_conv *pconv) { int pam_error; -#if HAVE_PAM_RHOST - const char *our_rhost; - char addr[INET6_ADDRSTRLEN]; -#endif *pamh = (pam_handle_t *)NULL; @@ -495,17 +491,8 @@ static bool smb_pam_start(pam_handle_t **pamh, const char *user, const char *rho } #if HAVE_PAM_RHOST - if (rhost == NULL) { - our_rhost = client_name(smbd_server_fd()); - if (strequal(our_rhost,"UNKNOWN")) - our_rhost = client_addr(smbd_server_fd(), addr, - sizeof(addr)); - } else { - our_rhost = rhost; - } - - DEBUG(4,("smb_pam_start: PAM: setting rhost to: %s\n", our_rhost)); - pam_error = pam_set_item(*pamh, PAM_RHOST, our_rhost); + DEBUG(4,("smb_pam_start: PAM: setting rhost to: %s\n", rhost)); + pam_error = pam_set_item(*pamh, PAM_RHOST, rhost); if(!smb_pam_error_handler(*pamh, pam_error, "set rhost failed", 0)) { smb_pam_end(*pamh, pconv); *pamh = (pam_handle_t *)NULL; @@ -819,7 +806,8 @@ NTSTATUS smb_pam_accountcheck(const char *user, const char *rhost) * PAM Password Validation Suite */ -NTSTATUS smb_pam_passcheck(const char * user, const char * password) +NTSTATUS smb_pam_passcheck(const char * user, const char * password, + const char * rhost) { pam_handle_t *pamh = NULL; NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE; @@ -834,7 +822,7 @@ NTSTATUS smb_pam_passcheck(const char * user, const char * password) if ((pconv = smb_setup_pam_conv(smb_pam_conv, user, password, NULL)) == NULL) return NT_STATUS_LOGON_FAILURE; - if (!smb_pam_start(&pamh, user, NULL, pconv)) + if (!smb_pam_start(&pamh, user, rhost, pconv)) return NT_STATUS_LOGON_FAILURE; if (!NT_STATUS_IS_OK(nt_status = smb_pam_auth(pamh, user))) { diff --git a/source3/auth/pass_check.c b/source3/auth/pass_check.c index 5943761..a4bc6b5 100644 --- a/source3/auth/pass_check.c +++ b/source3/auth/pass_check.c @@ -553,7 +553,14 @@ core of password checking routine static NTSTATUS password_check(const char *password, void *private_data) { #ifdef WITH_PAM - return smb_pam_passcheck(get_this_user(), password); + const char *rhost; + char addr[INET6_ADDRSTRLEN]; + + rhost = client_name(smbd_server_fd()); + if (strequal(rhost,"UNKNOWN")) + rhost = client_addr(smbd_server_fd(), addr, sizeof(addr)); + + return smb_pam_passcheck(get_this_user(), rhost, password); #else bool ret; diff --git a/source3/include/proto.h b/source3/include/proto.h index 1cafe9b..7d16559 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -222,7 +222,8 @@ NTSTATUS auth_wbc_init(void); bool smb_pam_claim_session(char *user, char *tty, char *rhost); bool smb_pam_close_session(char *user, char *tty, char *rhost); NTSTATUS smb_pam_accountcheck(const char *user, const char *rhost); -NTSTATUS smb_pam_passcheck(const char * user, const char * password); +NTSTATUS smb_pam_passcheck(const char * user, const char * password, + const char * rhost); bool smb_pam_passchange(const char *user, const char *rhost, const char *oldpassword, const char *newpassword); bool smb_pam_claim_session(char *user, char *tty, char *rhost); -- Samba Shared Repository