svn commit: samba r13284 - in trunk/source/nsswitch: .
gd at samba.org
gd at samba.org
Wed Feb 1 20:25:15 GMT 2006
Author: gd
Date: 2006-02-01 20:25:14 +0000 (Wed, 01 Feb 2006)
New Revision: 13284
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13284
Log:
Don't let nss_winbind consumers assume we have shadow information.
Setting pw->pwd to "x" points to having an encrypted password (and other shadow
information) in /etc/shadow. This is problematic esp. when stacking PAM
modules that interprete the "x" string. nss_ldap uses "*" as well.
Guenther
Modified:
trunk/source/nsswitch/winbindd_user.c
Changeset:
Modified: trunk/source/nsswitch/winbindd_user.c
===================================================================
--- trunk/source/nsswitch/winbindd_user.c 2006-02-01 10:50:26 UTC (rev 13283)
+++ trunk/source/nsswitch/winbindd_user.c 2006-02-01 20:25:14 UTC (rev 13284)
@@ -122,10 +122,10 @@
pw->pw_uid, pw->pw_gid, shell, pw->pw_shell))
return False;
- /* Password - set to "x" as we can't generate anything useful here.
+ /* Password - set to "*" as we can't generate anything useful here.
Authentication can be done using the pam_winbind module. */
- safe_strcpy(pw->pw_passwd, "x", sizeof(pw->pw_passwd) - 1);
+ safe_strcpy(pw->pw_passwd, "*", sizeof(pw->pw_passwd) - 1);
return True;
}
@@ -307,10 +307,10 @@
goto failed;
}
- /* Password - set to "x" as we can't generate anything useful here.
+ /* Password - set to "*" as we can't generate anything useful here.
Authentication can be done using the pam_winbind module. */
- safe_strcpy(pw->pw_passwd, "x", sizeof(pw->pw_passwd) - 1);
+ safe_strcpy(pw->pw_passwd, "*", sizeof(pw->pw_passwd) - 1);
request_ok(s->state);
return;
More information about the samba-cvs
mailing list