svn commit: samba r14496 - branches/SAMBA_3_0/source/nsswitch
trunk/source/nsswitch
gd at samba.org
gd at samba.org
Thu Mar 16 23:54:07 GMT 2006
Author: gd
Date: 2006-03-16 23:54:05 +0000 (Thu, 16 Mar 2006)
New Revision: 14496
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14496
Log:
Add WBFLAG_PAM_GET_PWD_POLICY bit to only callout for domain password
policies when requested.
No panic, the flags is uint32 so we are not running out of WBFLAG bits.
Guenther
Modified:
branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
branches/SAMBA_3_0/source/nsswitch/winbindd_nss.h
branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c
trunk/source/nsswitch/pam_winbind.c
trunk/source/nsswitch/winbindd_nss.h
trunk/source/nsswitch/winbindd_pam.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c 2006-03-16 22:54:07 UTC (rev 14495)
+++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c 2006-03-16 23:54:05 UTC (rev 14496)
@@ -321,7 +321,7 @@
request.data.auth.krb5_cc_type[0] = '\0';
request.data.auth.uid = -1;
- request.flags = WBFLAG_PAM_INFO3_TEXT;
+ request.flags = WBFLAG_PAM_INFO3_TEXT | WBFLAG_PAM_GET_PWD_POLICY;
if (ctrl & WINBIND_KRB5_AUTH) {
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_nss.h
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_nss.h 2006-03-16 22:54:07 UTC (rev 14495)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_nss.h 2006-03-16 23:54:05 UTC (rev 14496)
@@ -179,6 +179,7 @@
#define WBFLAG_PAM_KRB5 0x1000
#define WBFLAG_PAM_FALLBACK_AFTER_KRB5 0x2000
#define WBFLAG_PAM_CACHED_LOGIN 0x4000
+#define WBFLAG_PAM_GET_PWD_POLICY 0x8000
#define WINBINDD_MAX_EXTRA_DATA (128*1024)
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c 2006-03-16 22:54:07 UTC (rev 14495)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c 2006-03-16 23:54:05 UTC (rev 14496)
@@ -1210,11 +1210,14 @@
}
- result = fillup_password_policy(domain, state);
+ /* this is required to provide password expiry warning */
+ if (state->request.flags & WBFLAG_PAM_GET_PWD_POLICY) {
+ result = fillup_password_policy(domain, state);
- if (!NT_STATUS_IS_OK(result)) {
- DEBUG(10,("Failed to get password policies: %s\n", nt_errstr(result)));
- goto done;
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(10,("Failed to get password policies: %s\n", nt_errstr(result)));
+ goto done;
+ }
}
}
Modified: trunk/source/nsswitch/pam_winbind.c
===================================================================
--- trunk/source/nsswitch/pam_winbind.c 2006-03-16 22:54:07 UTC (rev 14495)
+++ trunk/source/nsswitch/pam_winbind.c 2006-03-16 23:54:05 UTC (rev 14496)
@@ -321,7 +321,7 @@
request.data.auth.krb5_cc_type[0] = '\0';
request.data.auth.uid = -1;
- request.flags = WBFLAG_PAM_INFO3_TEXT;
+ request.flags = WBFLAG_PAM_INFO3_TEXT | WBFLAG_PAM_GET_PWD_POLICY;
if (ctrl & WINBIND_KRB5_AUTH) {
Modified: trunk/source/nsswitch/winbindd_nss.h
===================================================================
--- trunk/source/nsswitch/winbindd_nss.h 2006-03-16 22:54:07 UTC (rev 14495)
+++ trunk/source/nsswitch/winbindd_nss.h 2006-03-16 23:54:05 UTC (rev 14496)
@@ -179,6 +179,7 @@
#define WBFLAG_PAM_KRB5 0x1000
#define WBFLAG_PAM_FALLBACK_AFTER_KRB5 0x2000
#define WBFLAG_PAM_CACHED_LOGIN 0x4000
+#define WBFLAG_PAM_GET_PWD_POLICY 0x8000
#define WINBINDD_MAX_EXTRA_DATA (128*1024)
Modified: trunk/source/nsswitch/winbindd_pam.c
===================================================================
--- trunk/source/nsswitch/winbindd_pam.c 2006-03-16 22:54:07 UTC (rev 14495)
+++ trunk/source/nsswitch/winbindd_pam.c 2006-03-16 23:54:05 UTC (rev 14496)
@@ -1210,11 +1210,14 @@
}
- result = fillup_password_policy(domain, state);
+ /* this is required to provide password expiry warning */
+ if (state->request.flags & WBFLAG_PAM_GET_PWD_POLICY) {
+ result = fillup_password_policy(domain, state);
- if (!NT_STATUS_IS_OK(result)) {
- DEBUG(10,("Failed to get password policies: %s\n", nt_errstr(result)));
- goto done;
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(10,("Failed to get password policies: %s\n", nt_errstr(result)));
+ goto done;
+ }
}
}
More information about the samba-cvs
mailing list