sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-27 14:04:05 +03:00
Code

Updates to winbind's PAM client and server - make the debug logs

Browse Source 
work a bit better for password changing.

Andrew Bartlett
(This used to be commit 425782ba32554b90d592493a1928a926e492bb2a)
This commit is contained in:
Andrew Bartlett 2002-10-26 00:55:14 +00:00
parent 3103303d2a
commit 185a232ae0
2 changed files with 44 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
source3/nsswitch/pam_winbind.c
View File

@ -134,22 +134,15 @@ static int pam_winbind_request(enum winbindd_cmd req_type,
return PAM_SUCCESS;
}
/* talk to winbindd */
static int winbind_auth_request(const char *user, const char *pass, int ctrl)
static int pam_winbind_request_log(enum winbindd_cmd req_type,
struct winbindd_request *request,
struct winbindd_response *response,
int ctrl,
const char *user)
{
struct winbindd_request request;
struct winbindd_response response;
int retval;
ZERO_STRUCT(request);
strncpy(request.data.auth.user, user,
sizeof(request.data.auth.user)-1);
strncpy(request.data.auth.pass, pass,
sizeof(request.data.auth.pass)-1);
retval = pam_winbind_request(WINBINDD_PAM_AUTH, &request, &response);
retval = pam_winbind_request(req_type, request, response);
switch (retval) {
case PAM_AUTH_ERR:
@ -178,8 +171,16 @@ static int winbind_auth_request(const char *user, const char *pass, int ctrl)
}
return retval;
case PAM_SUCCESS:
/* Otherwise, the authentication looked good */
_pam_log(LOG_NOTICE, "user '%s' granted acces", user);
if (req_type == WINBINDD_PAM_AUTH) {
/* Otherwise, the authentication looked good */
_pam_log(LOG_NOTICE, "user '%s' granted acces", user);
} else if (req_type == WINBINDD_PAM_CHAUTHTOK) {
/* Otherwise, the authentication looked good */
_pam_log(LOG_NOTICE, "user '%s' password changed", user);
} else {
/* Otherwise, the authentication looked good */
_pam_log(LOG_NOTICE, "user '%s' OK", user);
}
return retval;
default:
/* we don't know anything about this return value */
@ -187,12 +188,29 @@ static int winbind_auth_request(const char *user, const char *pass, int ctrl)
retval, user);
return retval;
}
/* should not be reached */
}
/* talk to winbindd */
static int winbind_auth_request(const char *user, const char *pass, int ctrl)
{
struct winbindd_request request;
struct winbindd_response response;
ZERO_STRUCT(request);
strncpy(request.data.auth.user, user,
sizeof(request.data.auth.user)-1);
strncpy(request.data.auth.pass, pass,
sizeof(request.data.auth.pass)-1);
return pam_winbind_request_log(WINBINDD_PAM_AUTH, &request, &response, ctrl, user);
}
/* talk to winbindd */
static int winbind_chauthtok_request(const char *user, const char *oldpass,
const char *newpass)
const char *newpass, int ctrl)
{
struct winbindd_request request;
struct winbindd_response response;
@ -218,7 +236,7 @@ static int winbind_chauthtok_request(const char *user, const char *oldpass,
request.data.chauthtok.newpass[0] = '\0';
}
return pam_winbind_request(WINBINDD_PAM_CHAUTHTOK, &request, &response);
return pam_winbind_request_log(WINBINDD_PAM_CHAUTHTOK, &request, &response, ctrl, user);
}
/*
@ -665,7 +683,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
* rebuild the password database file.
*/
retval = winbind_chauthtok_request(user, pass_old, pass_new);
retval = winbind_chauthtok_request(user, pass_old, pass_new, ctrl);
_pam_overwrite(pass_new);
_pam_overwrite(pass_old);
pass_old = pass_new = NULL;

7
source3/nsswitch/winbindd_pam.c
View File

@ -354,5 +354,12 @@ done:
fstrcpy(state->response.data.auth.error_string, nt_errstr(result));
state->response.data.auth.pam_error = nt_status_to_pam(result);
DEBUG(NT_STATUS_IS_OK(result) ? 5 : 2,
("Password change for user [%s]\\[%s] returned %s (PAM: %d)\n",
domain,
user,
state->response.data.auth.nt_status_string,
state->response.data.auth.pam_error));
return NT_STATUS_IS_OK(result) ? WINBINDD_OK : WINBINDD_ERROR;
}