sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-24 21:49:29 +03:00
Code Activity

Added smb_ prefix to all Samba wrapper pam functions.

Browse Source 
Fixed off by one bug using StrnCpy instead of strdup().
Jeremy.
This commit is contained in:
Jeremy Allison
-
parent 071c799f47
commit d4b1c0be2e
8 changed files with 266 additions and 159 deletions
Download Patch File Download Diff File Expand all files Collapse all files

96
source/auth/pampass.c
View File

@ -5,6 +5,7 @@
Copyright (C) Andrew Tridgell 1992-2001
Copyright (C) John H Terpsta 1999-2001
Copyright (C) Andrew Bartlett 2001
Copyright (C) Jeremy Allison 2001
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -58,7 +59,7 @@ static char *PAM_password;
/*
* PAM error handler.
*/
static BOOL pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int dbglvl)
static BOOL smb_pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int dbglvl)
{
if( pam_error != PAM_SUCCESS) {
@ -74,7 +75,7 @@ static BOOL pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int
* echo off means password.
*/
static int PAM_conv(int num_msg,
static int smb_pam_conv(int num_msg,
const struct pam_message **msg,
struct pam_response **resp,
void *appdata_ptr)
@ -122,21 +123,21 @@ static int PAM_conv(int num_msg,
return PAM_SUCCESS;
}
static struct pam_conv PAM_conversation = {
&PAM_conv,
static struct pam_conv smb_pam_conversation = {
&smb_pam_conv,
NULL
};
/*
* PAM Closing out cleanup handler
*/
static BOOL proc_pam_end(pam_handle_t *pamh)
static BOOL smb_pam_end(pam_handle_t *pamh)
{
int pam_error;
if( pamh != NULL ) {
pam_error = pam_end(pamh, 0);
if(pam_error_handler(pamh, pam_error, "End Cleanup Failed", 2) == True) {
if(smb_pam_error_handler(pamh, pam_error, "End Cleanup Failed", 2) == True) {
DEBUG(4, ("PAM: PAM_END OK.\n"));
return True;
}
@ -148,15 +149,15 @@ static BOOL proc_pam_end(pam_handle_t *pamh)
/*
* Start PAM authentication for specified account
*/
static BOOL proc_pam_start(pam_handle_t **pamh, char *user, char *rhost)
static BOOL smb_pam_start(pam_handle_t **pamh, char *user, char *rhost)
{
int pam_error;
DEBUG(4,("PAM: Init user: %s\n", user));
pam_error = pam_start("samba", user, &PAM_conversation, pamh);
if( !pam_error_handler(*pamh, pam_error, "Init Failed", 0)) {
proc_pam_end(*pamh);
pam_error = pam_start("samba", user, &smb_pam_conversation, pamh);
if( !smb_pam_error_handler(*pamh, pam_error, "Init Failed", 0)) {
smb_pam_end(*pamh);
return False;
}
@ -169,16 +170,16 @@ static BOOL proc_pam_start(pam_handle_t **pamh, char *user, char *rhost)
#ifdef PAM_RHOST
DEBUG(4,("PAM: setting rhost to: %s\n", rhost));
pam_error = pam_set_item(*pamh, PAM_RHOST, rhost);
if(!pam_error_handler(*pamh, pam_error, "set rhost failed", 0)) {
proc_pam_end(*pamh);
if(!smb_pam_error_handler(*pamh, pam_error, "set rhost failed", 0)) {
smb_pam_end(*pamh);
return False;
}
#endif
#ifdef PAM_TTY
DEBUG(4,("PAM: setting tty\n"));
pam_error = pam_set_item(*pamh, PAM_TTY, "samba");
if (!pam_error_handler(*pamh, pam_error, "set tty failed", 0)) {
proc_pam_end(*pamh);
if (!smb_pam_error_handler(*pamh, pam_error, "set tty failed", 0)) {
smb_pam_end(*pamh);
return False;
}
#endif
@ -189,7 +190,7 @@ static BOOL proc_pam_start(pam_handle_t **pamh, char *user, char *rhost)
/*
* PAM Authentication Handler
*/
static BOOL pam_auth(pam_handle_t *pamh, char *user, char *password)
static BOOL smb_pam_auth(pam_handle_t *pamh, char *user, char *password)
{
int pam_error;
@ -225,8 +226,8 @@ static BOOL pam_auth(pam_handle_t *pamh, char *user, char *password)
default:
DEBUG(0, ("PAM: UNKNOWN ERROR while authenticating user %s\n", user));
}
if(!pam_error_handler(pamh, pam_error, "Authentication Failure", 2)) {
proc_pam_end(pamh);
if(!smb_pam_error_handler(pamh, pam_error, "Authentication Failure", 2)) {
smb_pam_end(pamh);
return False;
}
/* If this point is reached, the user has been authenticated. */
@ -236,7 +237,7 @@ static BOOL pam_auth(pam_handle_t *pamh, char *user, char *password)
/*
* PAM Account Handler
*/
static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL pam_auth)
static BOOL smb_pam_account(pam_handle_t *pamh, char * user, char * password, BOOL pam_auth)
{
int pam_error;
@ -264,8 +265,8 @@ static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL p
default:
DEBUG(0, ("PAM: UNKNOWN ERROR for User: %s\n", user));
}
if(!pam_error_handler(pamh, pam_error, "Account Check Failed", 2)) {
proc_pam_end(pamh);
if(!smb_pam_error_handler(pamh, pam_error, "Account Check Failed", 2)) {
smb_pam_end(pamh);
return False;
}
@ -303,8 +304,8 @@ static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL p
default:
DEBUG(0, ("PAM: Error Condition Unknown in pam_setcred function call!"));
}
if(!pam_error_handler(pamh, pam_error, "Set Credential Failure", 2)) {
proc_pam_end(pamh);
if(!smb_pam_error_handler(pamh, pam_error, "Set Credential Failure", 2)) {
smb_pam_end(pamh);
return False;
}
@ -316,7 +317,7 @@ static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL p
/*
* PAM Internal Session Handler
*/
static BOOL proc_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL flag)
static BOOL smb_internal_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL flag)
{
int pam_error;
@ -326,22 +327,22 @@ static BOOL proc_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL fla
#ifdef PAM_TTY
DEBUG(4,("PAM: tty set to: %s\n", tty));
pam_error = pam_set_item(pamh, PAM_TTY, tty);
if (!pam_error_handler(pamh, pam_error, "set tty failed", 0)) {
proc_pam_end(pamh);
if (!smb_pam_error_handler(pamh, pam_error, "set tty failed", 0)) {
smb_pam_end(pamh);
return False;
}
#endif
if (flag) {
pam_error = pam_open_session(pamh, PAM_SILENT);
if (!pam_error_handler(pamh, pam_error, "session setup failed", 0)) {
proc_pam_end(pamh);
if (!smb_pam_error_handler(pamh, pam_error, "session setup failed", 0)) {
smb_pam_end(pamh);
return False;
}
} else {
pam_error = pam_close_session(pamh, PAM_SILENT);
if (!pam_error_handler(pamh, pam_error, "session close failed", 0)) {
proc_pam_end(pamh);
if (!smb_pam_error_handler(pamh, pam_error, "session close failed", 0)) {
smb_pam_end(pamh);
return False;
}
}
@ -351,29 +352,26 @@ static BOOL proc_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL fla
/*
* PAM Externally accessible Session handler
*/
BOOL pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
BOOL smb_pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
{
pam_handle_t *pamh = NULL;
char * user;
user = malloc(strlen(in_user)+1);
user = strdup(in_user);
if ( user == NULL ) {
DEBUG(0, ("PAM: PAM_session Malloc Failed!\n"));
return False;
}
/* This is freed by PAM */
StrnCpy(user, in_user, strlen(in_user)+1);
if (!proc_pam_start(&pamh, user, rhost)) {
proc_pam_end(pamh);
if (!smb_pam_start(&pamh, user, rhost)) {
smb_pam_end(pamh);
return False;
}
if (proc_pam_session(pamh, user, tty, flag)) {
return proc_pam_end(pamh);
if (smb_internal_pam_session(pamh, user, tty, flag)) {
return smb_pam_end(pamh);
} else {
proc_pam_end(pamh);
smb_pam_end(pamh);
return False;
}
}
@ -381,16 +379,16 @@ BOOL pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
/*
* PAM Externally accessible Account handler
*/
BOOL pam_accountcheck(char * user)
BOOL smb_pam_accountcheck(char * user)
{
pam_handle_t *pamh = NULL;
PAM_username = user;
PAM_password = NULL;
if( proc_pam_start(&pamh, user, NULL)) {
if ( pam_account(pamh, user, NULL, False)) {
return( proc_pam_end(pamh));
if( smb_pam_start(&pamh, user, NULL)) {
if ( smb_pam_account(pamh, user, NULL, False)) {
return( smb_pam_end(pamh));
}
}
DEBUG(0, ("PAM: Account Validation Failed - Rejecting User!\n"));
@ -400,17 +398,17 @@ BOOL pam_accountcheck(char * user)
/*
* PAM Password Validation Suite
*/
BOOL pam_passcheck(char * user, char * password)
BOOL smb_pam_passcheck(char * user, char * password)
{
pam_handle_t *pamh = NULL;
PAM_username = user;
PAM_password = password;
if( proc_pam_start(&pamh, user, NULL)) {
if ( pam_auth(pamh, user, password)) {
if ( pam_account(pamh, user, password, True)) {
return( proc_pam_end(pamh));
if( smb_pam_start(&pamh, user, NULL)) {
if ( smb_pam_auth(pamh, user, password)) {
if ( smb_pam_account(pamh, user, password, True)) {
return( smb_pam_end(pamh));
}
}
}
@ -421,7 +419,7 @@ BOOL pam_passcheck(char * user, char * password)
#else
/* If PAM not used, no PAM restrictions on accounts. */
BOOL pam_accountcheck(char * user)
BOOL smb_pam_accountcheck(char * user)
{
return True;
}

2
source/auth/pass_check.c
View File

@ -599,7 +599,7 @@ static BOOL password_check(char *password)
{
#ifdef WITH_PAM
return (pam_passcheck(this_user, password));
return (smb_pam_passcheck(this_user, password));
#endif /* WITH_PAM */
#ifdef WITH_AFS

215
source/configure vendored
View File

@ -11174,8 +11174,9 @@ fi
#################################################
# check for a PAM password database
with_pam_for_crypt=no
echo $ac_n "checking whether to use PAM password database""... $ac_c" 1>&6
echo "configure:11179: checking whether to use PAM password database" >&5
echo "configure:11180: checking whether to use PAM password database" >&5
# Check whether --with-pam or --without-pam was given.
if test "${with_pam+set}" = set; then
withval="$with_pam"
@ -11187,6 +11188,7 @@ if test "${with_pam+set}" = set; then
EOF
LIBS="$LIBS -lpam"
with_pam_for_crypt=yes
;;
*)
echo "$ac_t""no" 1>&6
@ -11198,10 +11200,119 @@ else
fi
###############################################
# test for where we get crypt() from, but only
# if not using PAM
if test $with_pam_for_crypt = no; then
for ac_func in crypt
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
echo "configure:11212: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 11217 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
#include <assert.h>
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
char $ac_func();
int main() {
/* The GNU C library defines this for functions which it implements
to always fail with ENOSYS. Some functions are actually named
something starting with __ and the normal name is an alias. */
#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
choke me
#else
$ac_func();
#endif
; return 0; }
EOF
if { (eval echo configure:11240: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
echo "configure: failed program was:" >&5
cat conftest.$ac_ext >&5
rm -rf conftest*
eval "ac_cv_func_$ac_func=no"
fi
rm -f conftest*
fi
if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
echo "$ac_t""yes" 1>&6
ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
cat >> confdefs.h <<EOF
#define $ac_tr_func 1
EOF
else
echo "$ac_t""no" 1>&6
fi
done
if test x"$ac_cv_func_crypt" = x"no"; then
echo $ac_n "checking for crypt in -lcrypt""... $ac_c" 1>&6
echo "configure:11266: checking for crypt in -lcrypt" >&5
ac_lib_var=`echo crypt'_'crypt | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_save_LIBS="$LIBS"
LIBS="-lcrypt $LIBS"
cat > conftest.$ac_ext <<EOF
#line 11274 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
char crypt();
int main() {
crypt()
; return 0; }
EOF
if { (eval echo configure:11285: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
echo "configure: failed program was:" >&5
cat conftest.$ac_ext >&5
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=no"
fi
rm -f conftest*
LIBS="$ac_save_LIBS"
fi
if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
echo "$ac_t""yes" 1>&6
LIBS="$LIBS -lcrypt";
cat >> confdefs.h <<\EOF
#define HAVE_CRYPT 1
EOF
else
echo "$ac_t""no" 1>&6
fi
fi
fi
#################################################
# check for a TDB password database
echo $ac_n "checking whether to use TDB password database""... $ac_c" 1>&6
echo "configure:11205: checking whether to use TDB password database" >&5
echo "configure:11316: checking whether to use TDB password database" >&5
# Check whether --with-tdbsam or --without-tdbsam was given.
if test "${with_tdbsam+set}" = set; then
withval="$with_tdbsam"
@ -11227,7 +11338,7 @@ fi
#################################################
# check for a LDAP password database
echo $ac_n "checking whether to use LDAP password database""... $ac_c" 1>&6
echo "configure:11231: checking whether to use LDAP password database" >&5
echo "configure:11342: checking whether to use LDAP password database" >&5
# Check whether --with-ldap or --without-ldap was given.
if test "${with_ldap+set}" = set; then
withval="$with_ldap"
@ -11253,7 +11364,7 @@ fi
#################################################
# check for a NISPLUS password database
echo $ac_n "checking whether to use NISPLUS password database""... $ac_c" 1>&6
echo "configure:11257: checking whether to use NISPLUS password database" >&5
echo "configure:11368: checking whether to use NISPLUS password database" >&5
# Check whether --with-nisplus or --without-nisplus was given.
if test "${with_nisplus+set}" = set; then
withval="$with_nisplus"
@ -11278,7 +11389,7 @@ fi
#################################################
# check for a NISPLUS_HOME support
echo $ac_n "checking whether to use NISPLUS_HOME""... $ac_c" 1>&6
echo "configure:11282: checking whether to use NISPLUS_HOME" >&5
echo "configure:11393: checking whether to use NISPLUS_HOME" >&5
# Check whether --with-nisplus-home or --without-nisplus-home was given.
if test "${with_nisplus_home+set}" = set; then
withval="$with_nisplus_home"
@ -11303,7 +11414,7 @@ fi
#################################################
# check for the secure socket layer
echo $ac_n "checking whether to use SSL""... $ac_c" 1>&6
echo "configure:11307: checking whether to use SSL" >&5
echo "configure:11418: checking whether to use SSL" >&5
# Check whether --with-ssl or --without-ssl was given.
if test "${with_ssl+set}" = set; then
withval="$with_ssl"
@ -11362,7 +11473,7 @@ fi
#################################################
# check for syslog logging
echo $ac_n "checking whether to use syslog logging""... $ac_c" 1>&6
echo "configure:11366: checking whether to use syslog logging" >&5
echo "configure:11477: checking whether to use syslog logging" >&5
# Check whether --with-syslog or --without-syslog was given.
if test "${with_syslog+set}" = set; then
withval="$with_syslog"
@ -11387,7 +11498,7 @@ fi
#################################################
# check for a shared memory profiling support
echo $ac_n "checking whether to use profiling""... $ac_c" 1>&6
echo "configure:11391: checking whether to use profiling" >&5
echo "configure:11502: checking whether to use profiling" >&5
# Check whether --with-profile or --without-profile was given.
if test "${with_profile+set}" = set; then
withval="$with_profile"
@ -11413,7 +11524,7 @@ fi
#################################################
# check for experimental netatalk resource fork support
echo $ac_n "checking whether to support netatalk""... $ac_c" 1>&6
echo "configure:11417: checking whether to support netatalk" >&5
echo "configure:11528: checking whether to support netatalk" >&5
# Check whether --with-netatalk or --without-netatalk was given.
if test "${with_netatalk+set}" = set; then
withval="$with_netatalk"
@ -11440,7 +11551,7 @@ fi
QUOTAOBJS=smbd/noquotas.o
echo $ac_n "checking whether to support disk-quotas""... $ac_c" 1>&6
echo "configure:11444: checking whether to support disk-quotas" >&5
echo "configure:11555: checking whether to support disk-quotas" >&5
# Check whether --with-quotas or --without-quotas was given.
if test "${with_quotas+set}" = set; then
withval="$with_quotas"
@ -11464,7 +11575,7 @@ fi
# check for experimental utmp accounting
echo $ac_n "checking whether to support utmp accounting""... $ac_c" 1>&6
echo "configure:11468: checking whether to support utmp accounting" >&5
echo "configure:11579: checking whether to support utmp accounting" >&5
# Check whether --with-utmp or --without-utmp was given.
if test "${with_utmp+set}" = set; then
withval="$with_utmp"
@ -11490,7 +11601,7 @@ fi
# check for MS Dfs support
echo $ac_n "checking whether to support Microsoft Dfs""... $ac_c" 1>&6
echo "configure:11494: checking whether to support Microsoft Dfs" >&5
echo "configure:11605: checking whether to support Microsoft Dfs" >&5
# Check whether --with-msdfs or --without-msdfs was given.
if test "${with_msdfs+set}" = set; then
withval="$with_msdfs"
@ -11590,14 +11701,14 @@ fi
#################################################
# these tests are taken from the GNU fileutils package
echo "checking how to get filesystem space usage" 1>&6
echo "configure:11594: checking how to get filesystem space usage" >&5
echo "configure:11705: checking how to get filesystem space usage" >&5
space=no
# Test for statvfs64.
if test $space = no; then
# SVR4
echo $ac_n "checking statvfs64 function (SVR4)""... $ac_c" 1>&6
echo "configure:11601: checking statvfs64 function (SVR4)" >&5
echo "configure:11712: checking statvfs64 function (SVR4)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statvfs64'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@ -11605,7 +11716,7 @@ else
fu_cv_sys_stat_statvfs64=cross
else
cat > conftest.$ac_ext <<EOF
#line 11609 "configure"
#line 11720 "configure"
#include "confdefs.h"
#if defined(HAVE_UNISTD_H)
@ -11619,7 +11730,7 @@ else
exit (statvfs64 (".", &fsd));
}
EOF
if { (eval echo configure:11623: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:11734: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statvfs64=yes
else
@ -11652,12 +11763,12 @@ fi
if test $space = no; then
# SVR4
echo $ac_n "checking statvfs function (SVR4)""... $ac_c" 1>&6
echo "configure:11656: checking statvfs function (SVR4)" >&5
echo "configure:11767: checking statvfs function (SVR4)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statvfs'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 11661 "configure"
#line 11772 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/statvfs.h>
@ -11665,7 +11776,7 @@ int main() {
struct statvfs fsd; statvfs (0, &fsd);
; return 0; }
EOF
if { (eval echo configure:11669: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:11780: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
fu_cv_sys_stat_statvfs=yes
else
@ -11690,7 +11801,7 @@ fi
if test $space = no; then
# DEC Alpha running OSF/1
echo $ac_n "checking for 3-argument statfs function (DEC OSF/1)""... $ac_c" 1>&6
echo "configure:11694: checking for 3-argument statfs function (DEC OSF/1)" >&5
echo "configure:11805: checking for 3-argument statfs function (DEC OSF/1)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs3_osf1'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@ -11698,7 +11809,7 @@ else
fu_cv_sys_stat_statfs3_osf1=no
else
cat > conftest.$ac_ext <<EOF
#line 11702 "configure"
#line 11813 "configure"
#include "confdefs.h"
#include <sys/param.h>
@ -11711,7 +11822,7 @@ else
exit (statfs (".", &fsd, sizeof (struct statfs)));
}
EOF
if { (eval echo configure:11715: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:11826: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs3_osf1=yes
else
@ -11738,7 +11849,7 @@ fi
if test $space = no; then
# AIX
echo $ac_n "checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)""... $ac_c" 1>&6
echo "configure:11742: checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)" >&5
echo "configure:11853: checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs2_bsize'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@ -11746,7 +11857,7 @@ else
fu_cv_sys_stat_statfs2_bsize=no
else
cat > conftest.$ac_ext <<EOF
#line 11750 "configure"
#line 11861 "configure"
#include "confdefs.h"
#ifdef HAVE_SYS_PARAM_H
@ -11765,7 +11876,7 @@ else
exit (statfs (".", &fsd));
}
EOF
if { (eval echo configure:11769: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:11880: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs2_bsize=yes
else
@ -11792,7 +11903,7 @@ fi
if test $space = no; then
# SVR3
echo $ac_n "checking for four-argument statfs (AIX-3.2.5, SVR3)""... $ac_c" 1>&6
echo "configure:11796: checking for four-argument statfs (AIX-3.2.5, SVR3)" >&5
echo "configure:11907: checking for four-argument statfs (AIX-3.2.5, SVR3)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs4'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@ -11800,7 +11911,7 @@ else
fu_cv_sys_stat_statfs4=no
else
cat > conftest.$ac_ext <<EOF
#line 11804 "configure"
#line 11915 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/statfs.h>
@ -11810,7 +11921,7 @@ else
exit (statfs (".", &fsd, sizeof fsd, 0));
}
EOF
if { (eval echo configure:11814: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:11925: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs4=yes
else
@ -11837,7 +11948,7 @@ fi
if test $space = no; then
# 4.4BSD and NetBSD
echo $ac_n "checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)""... $ac_c" 1>&6
echo "configure:11841: checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)" >&5
echo "configure:11952: checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs2_fsize'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@ -11845,7 +11956,7 @@ else
fu_cv_sys_stat_statfs2_fsize=no
else
cat > conftest.$ac_ext <<EOF
#line 11849 "configure"
#line 11960 "configure"
#include "confdefs.h"
#include <sys/types.h>
#ifdef HAVE_SYS_PARAM_H
@ -11861,7 +11972,7 @@ else
exit (statfs (".", &fsd));
}
EOF
if { (eval echo configure:11865: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:11976: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs2_fsize=yes
else
@ -11888,7 +11999,7 @@ fi
if test $space = no; then
# Ultrix
echo $ac_n "checking for two-argument statfs with struct fs_data (Ultrix)""... $ac_c" 1>&6
echo "configure:11892: checking for two-argument statfs with struct fs_data (Ultrix)" >&5
echo "configure:12003: checking for two-argument statfs with struct fs_data (Ultrix)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_fs_data'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@ -11896,7 +12007,7 @@ else
fu_cv_sys_stat_fs_data=no
else
cat > conftest.$ac_ext <<EOF
#line 11900 "configure"
#line 12011 "configure"
#include "confdefs.h"
#include <sys/types.h>
#ifdef HAVE_SYS_PARAM_H
@ -11916,7 +12027,7 @@ else
exit (statfs (".", &fsd) != 1);
}
EOF
if { (eval echo configure:11920: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:12031: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_fs_data=yes
else
@ -11949,9 +12060,9 @@ fi
# file support.
#
echo $ac_n "checking if large file support can be enabled""... $ac_c" 1>&6
echo "configure:11953: checking if large file support can be enabled" >&5
echo "configure:12064: checking if large file support can be enabled" >&5
cat > conftest.$ac_ext <<EOF
#line 11955 "configure"
#line 12066 "configure"
#include "confdefs.h"
#if defined(HAVE_LONGLONG) && (defined(HAVE_OFF64_T) || (defined(SIZEOF_OFF_T) && (SIZEOF_OFF_T == 8)))
@ -11964,7 +12075,7 @@ int main() {
int i
; return 0; }
EOF
if { (eval echo configure:11968: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
if { (eval echo configure:12079: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
samba_cv_HAVE_EXPLICIT_LARGEFILE_SUPPORT=yes
else
@ -12032,7 +12143,7 @@ fi
# check for ACL support
echo $ac_n "checking whether to support ACLs""... $ac_c" 1>&6
echo "configure:12036: checking whether to support ACLs" >&5
echo "configure:12147: checking whether to support ACLs" >&5
# Check whether --with-acl-support or --without-acl-support was given.
if test "${with_acl_support+set}" = set; then
withval="$with_acl_support"
@ -12070,7 +12181,7 @@ EOF
;;
*)
echo $ac_n "checking for acl_get_file in -lacl""... $ac_c" 1>&6
echo "configure:12074: checking for acl_get_file in -lacl" >&5
echo "configure:12185: checking for acl_get_file in -lacl" >&5
ac_lib_var=`echo acl'_'acl_get_file | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@ -12078,7 +12189,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lacl $LIBS"
cat > conftest.$ac_ext <<EOF
#line 12082 "configure"
#line 12193 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@ -12089,7 +12200,7 @@ int main() {
acl_get_file()
; return 0; }
EOF
if { (eval echo configure:12093: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:12204: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@ -12117,13 +12228,13 @@ else
fi
echo $ac_n "checking for ACL support""... $ac_c" 1>&6
echo "configure:12121: checking for ACL support" >&5
echo "configure:12232: checking for ACL support" >&5
if eval "test \"`echo '$''{'samba_cv_HAVE_POSIX_ACLS'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 12127 "configure"
#line 12238 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/acl.h>
@ -12131,7 +12242,7 @@ int main() {
acl_t acl; int entry_id; acl_entry_t *entry_p; return acl_get_entry( acl, entry_id, entry_p);
; return 0; }
EOF
if { (eval echo configure:12135: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:12246: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
samba_cv_HAVE_POSIX_ACLS=yes
else
@ -12151,13 +12262,13 @@ echo "$ac_t""$samba_cv_HAVE_POSIX_ACLS" 1>&6
EOF
echo $ac_n "checking for acl_get_perm_np""... $ac_c" 1>&6
echo "configure:12155: checking for acl_get_perm_np" >&5
echo "configure:12266: checking for acl_get_perm_np" >&5
if eval "test \"`echo '$''{'samba_cv_HAVE_ACL_GET_PERM_NP'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 12161 "configure"
#line 12272 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/acl.h>
@ -12165,7 +12276,7 @@ int main() {
acl_permset_t permset_d; acl_perm_t perm; return acl_get_perm_np( permset_d, perm);
; return 0; }
EOF
if { (eval echo configure:12169: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:12280: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
samba_cv_HAVE_ACL_GET_PERM_NP=yes
else
@ -12186,13 +12297,13 @@ EOF
fi
fi
echo $ac_n "checking for XFS ACL support""... $ac_c" 1>&6
echo "configure:12190: checking for XFS ACL support" >&5
echo "configure:12301: checking for XFS ACL support" >&5
if eval "test \"`echo '$''{'samba_cv_HAVE_XFS_ACLS'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 12196 "configure"
#line 12307 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <acl/acl.h>
@ -12200,7 +12311,7 @@ int main() {
char test_str[13] = SGI_ACL_FILE;
; return 0; }
EOF
if { (eval echo configure:12204: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
if { (eval echo configure:12315: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
samba_cv_HAVE_XFS_ACLS=yes
else
@ -12245,11 +12356,11 @@ if test "$cross_compiling" = yes; then
:
else
cat > conftest.$ac_ext <<EOF
#line 12249 "configure"
#line 12360 "configure"
#include "confdefs.h"
#include "${srcdir-.}/tests/summary.c"
EOF
if { (eval echo configure:12253: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
if { (eval echo configure:12364: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
echo "configure OK";
else

6
source/include/proto.h
View File

@ -1922,9 +1922,9 @@ BOOL pdb_generate_sam_sid(void);
/*The following definitions come from passdb/pampass.c */
BOOL pam_session(BOOL flag, const char *in_user, char *tty, char *rhost);
BOOL pam_accountcheck(char * user);
BOOL pam_passcheck(char * user, char * password);
BOOL smb_pam_session(BOOL flag, const char *in_user, char *tty, char *rhost);
BOOL smb_pam_accountcheck(char * user);
BOOL smb_pam_passcheck(char * user, char * password);
/*The following definitions come from passdb/pass_check.c */

96
source/passdb/pampass.c
View File

@ -5,6 +5,7 @@
Copyright (C) Andrew Tridgell 1992-2001
Copyright (C) John H Terpsta 1999-2001
Copyright (C) Andrew Bartlett 2001
Copyright (C) Jeremy Allison 2001
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -58,7 +59,7 @@ static char *PAM_password;
/*
* PAM error handler.
*/
static BOOL pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int dbglvl)
static BOOL smb_pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int dbglvl)
{
if( pam_error != PAM_SUCCESS) {
@ -74,7 +75,7 @@ static BOOL pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int
* echo off means password.
*/
static int PAM_conv(int num_msg,
static int smb_pam_conv(int num_msg,
const struct pam_message **msg,
struct pam_response **resp,
void *appdata_ptr)
@ -122,21 +123,21 @@ static int PAM_conv(int num_msg,
return PAM_SUCCESS;
}
static struct pam_conv PAM_conversation = {
&PAM_conv,
static struct pam_conv smb_pam_conversation = {
&smb_pam_conv,
NULL
};
/*
* PAM Closing out cleanup handler
*/
static BOOL proc_pam_end(pam_handle_t *pamh)
static BOOL smb_pam_end(pam_handle_t *pamh)
{
int pam_error;
if( pamh != NULL ) {
pam_error = pam_end(pamh, 0);
if(pam_error_handler(pamh, pam_error, "End Cleanup Failed", 2) == True) {
if(smb_pam_error_handler(pamh, pam_error, "End Cleanup Failed", 2) == True) {
DEBUG(4, ("PAM: PAM_END OK.\n"));
return True;
}
@ -148,15 +149,15 @@ static BOOL proc_pam_end(pam_handle_t *pamh)
/*
* Start PAM authentication for specified account
*/
static BOOL proc_pam_start(pam_handle_t **pamh, char *user, char *rhost)
static BOOL smb_pam_start(pam_handle_t **pamh, char *user, char *rhost)
{
int pam_error;
DEBUG(4,("PAM: Init user: %s\n", user));
pam_error = pam_start("samba", user, &PAM_conversation, pamh);
if( !pam_error_handler(*pamh, pam_error, "Init Failed", 0)) {
proc_pam_end(*pamh);
pam_error = pam_start("samba", user, &smb_pam_conversation, pamh);
if( !smb_pam_error_handler(*pamh, pam_error, "Init Failed", 0)) {
smb_pam_end(*pamh);
return False;
}
@ -169,16 +170,16 @@ static BOOL proc_pam_start(pam_handle_t **pamh, char *user, char *rhost)
#ifdef PAM_RHOST
DEBUG(4,("PAM: setting rhost to: %s\n", rhost));
pam_error = pam_set_item(*pamh, PAM_RHOST, rhost);
if(!pam_error_handler(*pamh, pam_error, "set rhost failed", 0)) {
proc_pam_end(*pamh);
if(!smb_pam_error_handler(*pamh, pam_error, "set rhost failed", 0)) {
smb_pam_end(*pamh);
return False;
}
#endif
#ifdef PAM_TTY
DEBUG(4,("PAM: setting tty\n"));
pam_error = pam_set_item(*pamh, PAM_TTY, "samba");
if (!pam_error_handler(*pamh, pam_error, "set tty failed", 0)) {
proc_pam_end(*pamh);
if (!smb_pam_error_handler(*pamh, pam_error, "set tty failed", 0)) {
smb_pam_end(*pamh);
return False;
}
#endif
@ -189,7 +190,7 @@ static BOOL proc_pam_start(pam_handle_t **pamh, char *user, char *rhost)
/*
* PAM Authentication Handler
*/
static BOOL pam_auth(pam_handle_t *pamh, char *user, char *password)
static BOOL smb_pam_auth(pam_handle_t *pamh, char *user, char *password)
{
int pam_error;
@ -225,8 +226,8 @@ static BOOL pam_auth(pam_handle_t *pamh, char *user, char *password)
default:
DEBUG(0, ("PAM: UNKNOWN ERROR while authenticating user %s\n", user));
}
if(!pam_error_handler(pamh, pam_error, "Authentication Failure", 2)) {
proc_pam_end(pamh);
if(!smb_pam_error_handler(pamh, pam_error, "Authentication Failure", 2)) {
smb_pam_end(pamh);
return False;
}
/* If this point is reached, the user has been authenticated. */
@ -236,7 +237,7 @@ static BOOL pam_auth(pam_handle_t *pamh, char *user, char *password)
/*
* PAM Account Handler
*/
static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL pam_auth)
static BOOL smb_pam_account(pam_handle_t *pamh, char * user, char * password, BOOL pam_auth)
{
int pam_error;
@ -264,8 +265,8 @@ static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL p
default:
DEBUG(0, ("PAM: UNKNOWN ERROR for User: %s\n", user));
}
if(!pam_error_handler(pamh, pam_error, "Account Check Failed", 2)) {
proc_pam_end(pamh);
if(!smb_pam_error_handler(pamh, pam_error, "Account Check Failed", 2)) {
smb_pam_end(pamh);
return False;
}
@ -303,8 +304,8 @@ static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL p
default:
DEBUG(0, ("PAM: Error Condition Unknown in pam_setcred function call!"));
}
if(!pam_error_handler(pamh, pam_error, "Set Credential Failure", 2)) {
proc_pam_end(pamh);
if(!smb_pam_error_handler(pamh, pam_error, "Set Credential Failure", 2)) {
smb_pam_end(pamh);
return False;
}
@ -316,7 +317,7 @@ static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL p
/*
* PAM Internal Session Handler
*/
static BOOL proc_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL flag)
static BOOL smb_internal_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL flag)
{
int pam_error;
@ -326,22 +327,22 @@ static BOOL proc_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL fla
#ifdef PAM_TTY
DEBUG(4,("PAM: tty set to: %s\n", tty));
pam_error = pam_set_item(pamh, PAM_TTY, tty);
if (!pam_error_handler(pamh, pam_error, "set tty failed", 0)) {
proc_pam_end(pamh);
if (!smb_pam_error_handler(pamh, pam_error, "set tty failed", 0)) {
smb_pam_end(pamh);
return False;
}
#endif
if (flag) {
pam_error = pam_open_session(pamh, PAM_SILENT);
if (!pam_error_handler(pamh, pam_error, "session setup failed", 0)) {
proc_pam_end(pamh);
if (!smb_pam_error_handler(pamh, pam_error, "session setup failed", 0)) {
smb_pam_end(pamh);
return False;
}
} else {
pam_error = pam_close_session(pamh, PAM_SILENT);
if (!pam_error_handler(pamh, pam_error, "session close failed", 0)) {
proc_pam_end(pamh);
if (!smb_pam_error_handler(pamh, pam_error, "session close failed", 0)) {
smb_pam_end(pamh);
return False;
}
}
@ -351,29 +352,26 @@ static BOOL proc_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL fla
/*
* PAM Externally accessible Session handler
*/
BOOL pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
BOOL smb_pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
{
pam_handle_t *pamh = NULL;
char * user;
user = malloc(strlen(in_user)+1);
user = strdup(in_user);
if ( user == NULL ) {
DEBUG(0, ("PAM: PAM_session Malloc Failed!\n"));
return False;
}
/* This is freed by PAM */
StrnCpy(user, in_user, strlen(in_user)+1);
if (!proc_pam_start(&pamh, user, rhost)) {
proc_pam_end(pamh);
if (!smb_pam_start(&pamh, user, rhost)) {
smb_pam_end(pamh);
return False;
}
if (proc_pam_session(pamh, user, tty, flag)) {
return proc_pam_end(pamh);
if (smb_internal_pam_session(pamh, user, tty, flag)) {
return smb_pam_end(pamh);
} else {
proc_pam_end(pamh);
smb_pam_end(pamh);
return False;
}
}
@ -381,16 +379,16 @@ BOOL pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
/*
* PAM Externally accessible Account handler
*/
BOOL pam_accountcheck(char * user)
BOOL smb_pam_accountcheck(char * user)
{
pam_handle_t *pamh = NULL;
PAM_username = user;
PAM_password = NULL;
if( proc_pam_start(&pamh, user, NULL)) {
if ( pam_account(pamh, user, NULL, False)) {
return( proc_pam_end(pamh));
if( smb_pam_start(&pamh, user, NULL)) {
if ( smb_pam_account(pamh, user, NULL, False)) {
return( smb_pam_end(pamh));
}
}
DEBUG(0, ("PAM: Account Validation Failed - Rejecting User!\n"));
@ -400,17 +398,17 @@ BOOL pam_accountcheck(char * user)
/*
* PAM Password Validation Suite
*/
BOOL pam_passcheck(char * user, char * password)
BOOL smb_pam_passcheck(char * user, char * password)
{
pam_handle_t *pamh = NULL;
PAM_username = user;
PAM_password = password;
if( proc_pam_start(&pamh, user, NULL)) {
if ( pam_auth(pamh, user, password)) {
if ( pam_account(pamh, user, password, True)) {
return( proc_pam_end(pamh));
if( smb_pam_start(&pamh, user, NULL)) {
if ( smb_pam_auth(pamh, user, password)) {
if ( smb_pam_account(pamh, user, password, True)) {
return( smb_pam_end(pamh));
}
}
}
@ -421,7 +419,7 @@ BOOL pam_passcheck(char * user, char * password)
#else
/* If PAM not used, no PAM restrictions on accounts. */
BOOL pam_accountcheck(char * user)
BOOL smb_pam_accountcheck(char * user)
{
return True;
}

2
source/passdb/pass_check.c
View File

@ -599,7 +599,7 @@ static BOOL password_check(char *password)
{
#ifdef WITH_PAM
return (pam_passcheck(this_user, password));
return (smb_pam_passcheck(this_user, password));
#endif /* WITH_PAM */
#ifdef WITH_AFS

2
source/smbd/password.c
View File

@ -632,7 +632,7 @@ BOOL password_ok(char *user, char *password, int pwlen, struct passwd *pwd)
*/
if (ret)
return pam_accountcheck(user);
return smb_pam_accountcheck(user);
}
return pass_check(user, password, pwlen, pwd,

6
source/smbd/session.c
View File

@ -111,8 +111,8 @@ BOOL session_claim(uint16 vuid)
}
#if WITH_PAM
if (!pam_session(True, sessionid.username, sessionid.id_str, sessionid.hostname)) {
DEBUG(1,("pam_session rejected the session for %s [%s]\n",
if (!smb_pam_session(True, sessionid.username, sessionid.id_str, sessionid.hostname)) {
DEBUG(1,("smb_pam_session rejected the session for %s [%s]\n",
sessionid.username, sessionid.id_str));
tdb_delete(tdb, key);
return False;
@ -167,7 +167,7 @@ void session_yield(uint16 vuid)
#endif
#if WITH_PAM
pam_session(False, sessionid.username, sessionid.id_str, sessionid.hostname);
smb_pam_session(False, sessionid.username, sessionid.id_str, sessionid.hostname);
#endif
tdb_delete(tdb, key);