svn commit: samba r21143 - in branches: SAMBA_3_0/source/nsswitch
SAMBA_3_0_24/source/nsswitch
gd at samba.org
gd at samba.org
Mon Feb 5 14:34:13 GMT 2007
Author: gd
Date: 2007-02-05 14:34:12 +0000 (Mon, 05 Feb 2007)
New Revision: 21143
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21143
Log:
Fix wrong check for pam error codes for getpwnam and lookup winbind
requests in pam_winbind (Bug #4094).
Inspired by fix from Lars Heete.
Guenther
Modified:
branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
branches/SAMBA_3_0_24/source/nsswitch/pam_winbind.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c 2007-02-05 14:20:35 UTC (rev 21142)
+++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c 2007-02-05 14:34:12 UTC (rev 21143)
@@ -444,21 +444,34 @@
close_sock();
/* Copy reply data from socket */
- if (response->result != WINBINDD_OK) {
- if (response->data.auth.pam_error != PAM_SUCCESS) {
- _pam_log(pamh, ctrl, LOG_ERR, "request failed: %s, PAM error was %s (%d), NT error was %s",
- response->data.auth.error_string,
- pam_strerror(pamh, response->data.auth.pam_error),
- response->data.auth.pam_error,
- response->data.auth.nt_status_string);
- return response->data.auth.pam_error;
- } else {
- _pam_log(pamh, ctrl, LOG_ERR, "request failed, but PAM error 0!");
- return PAM_SERVICE_ERR;
- }
+ if (response->result == WINBINDD_OK) {
+ return PAM_SUCCESS;
}
- return PAM_SUCCESS;
+ /* no need to check for pam_error codes for getpwnam() */
+ switch (req_type) {
+
+ case WINBINDD_GETPWNAM:
+ case WINBINDD_LOOKUPNAME:
+ _pam_log(pamh, ctrl, LOG_ERR, "request failed: %s, NT error was %s",
+ response->data.auth.nt_status_string);
+ return PAM_USER_UNKNOWN;
+ default:
+ break;
+ }
+
+ if (response->data.auth.pam_error != PAM_SUCCESS) {
+ _pam_log(pamh, ctrl, LOG_ERR, "request failed: %s, PAM error was %s (%d), NT error was %s",
+ response->data.auth.error_string,
+ pam_strerror(pamh, response->data.auth.pam_error),
+ response->data.auth.pam_error,
+ response->data.auth.nt_status_string);
+ return response->data.auth.pam_error;
+ }
+
+ _pam_log(pamh, ctrl, LOG_ERR, "request failed, but PAM error 0!");
+
+ return PAM_SERVICE_ERR;
}
static int pam_winbind_request_log(pam_handle_t * pamh,
Modified: branches/SAMBA_3_0_24/source/nsswitch/pam_winbind.c
===================================================================
--- branches/SAMBA_3_0_24/source/nsswitch/pam_winbind.c 2007-02-05 14:20:35 UTC (rev 21142)
+++ branches/SAMBA_3_0_24/source/nsswitch/pam_winbind.c 2007-02-05 14:34:12 UTC (rev 21143)
@@ -305,21 +305,34 @@
close_sock();
/* Copy reply data from socket */
- if (response->result != WINBINDD_OK) {
- if (response->data.auth.pam_error != PAM_SUCCESS) {
- _pam_log(pamh, ctrl, LOG_ERR, "request failed: %s, PAM error was %s (%d), NT error was %s",
- response->data.auth.error_string,
- pam_strerror(pamh, response->data.auth.pam_error),
- response->data.auth.pam_error,
- response->data.auth.nt_status_string);
- return response->data.auth.pam_error;
- } else {
- _pam_log(pamh, ctrl, LOG_ERR, "request failed, but PAM error 0!");
- return PAM_SERVICE_ERR;
- }
+ if (response->result == WINBINDD_OK) {
+ return PAM_SUCCESS;
}
- return PAM_SUCCESS;
+ /* no need to check for pam_error codes for getpwnam() */
+ switch (req_type) {
+
+ case WINBINDD_GETPWNAM:
+ case WINBINDD_LOOKUPNAME:
+ _pam_log(pamh, ctrl, LOG_ERR, "request failed: %s, NT error was %s",
+ response->data.auth.nt_status_string);
+ return PAM_USER_UNKNOWN;
+ default:
+ break;
+ }
+
+ if (response->data.auth.pam_error != PAM_SUCCESS) {
+ _pam_log(pamh, ctrl, LOG_ERR, "request failed: %s, PAM error was %s (%d), NT error was %s",
+ response->data.auth.error_string,
+ pam_strerror(pamh, response->data.auth.pam_error),
+ response->data.auth.pam_error,
+ response->data.auth.nt_status_string);
+ return response->data.auth.pam_error;
+ }
+
+ _pam_log(pamh, ctrl, LOG_ERR, "request failed, but PAM error 0!");
+
+ return PAM_SERVICE_ERR;
}
static int pam_winbind_request_log(pam_handle_t * pamh,
More information about the samba-cvs
mailing list