svn commit: samba r21154 - in branches: SAMBA_3_0/source/nsswitch
SAMBA_3_0_25/source/nsswitch
gd at samba.org
gd at samba.org
Mon Feb 5 17:12:13 GMT 2007
Author: gd
Date: 2007-02-05 17:12:13 +0000 (Mon, 05 Feb 2007)
New Revision: 21154
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21154
Log:
Add PAM_WINBIND_LOGONSERVER, also merge the various pam_set_data calls.
Guenther
Modified:
branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
branches/SAMBA_3_0/source/nsswitch/pam_winbind.h
branches/SAMBA_3_0_25/source/nsswitch/pam_winbind.c
branches/SAMBA_3_0_25/source/nsswitch/pam_winbind.h
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c 2007-02-05 15:28:11 UTC (rev 21153)
+++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c 2007-02-05 17:12:13 UTC (rev 21154)
@@ -742,6 +742,68 @@
}
/**
+ * Set string into the PAM stack.
+ *
+ * @param pamh PAM handle
+ * @param ctrl PAM winbind options.
+ * @param data_name Key name for pam_set_data.
+ * @param value String value.
+ *
+ * @return void.
+ */
+
+static void _pam_set_data_string(pam_handle_t *pamh, int ctrl, const char *data_name, const char *value)
+{
+ int ret;
+
+ if ( !data_name || !value || (strlen(data_name) == 0) || (strlen(value) == 0) ) {
+ return;
+ }
+
+ ret = pam_set_data(pamh, data_name, (void *)strdup(value), _pam_winbind_cleanup_func);
+ if (ret) {
+ _pam_log_debug(pamh, ctrl, LOG_DEBUG, "Could not set data %s: %s\n",
+ data_name, pam_strerror(pamh, ret));
+ }
+
+}
+
+/**
+ * Set info3 strings into the PAM stack.
+ *
+ * @param pamh PAM handle
+ * @param ctrl PAM winbind options.
+ * @param data_name Key name for pam_set_data.
+ * @param value String value.
+ *
+ * @return void.
+ */
+
+static void _pam_set_data_info3(pam_handle_t *pamh, int ctrl, struct winbindd_response *response)
+{
+ _pam_set_data_string(pamh, ctrl, PAM_WINBIND_HOMEDIR, response->data.auth.info3.home_dir);
+ _pam_set_data_string(pamh, ctrl, PAM_WINBIND_LOGONSCRIPT, response->data.auth.info3.logon_script);
+ _pam_set_data_string(pamh, ctrl, PAM_WINBIND_LOGONSERVER, response->data.auth.info3.logon_srv);
+ _pam_set_data_string(pamh, ctrl, PAM_WINBIND_PROFILEPATH, response->data.auth.info3.profile_path);
+}
+
+/**
+ * Free info3 strings in the PAM stack.
+ *
+ * @param pamh PAM handle
+ *
+ * @return void.
+ */
+
+static void _pam_free_data_info3(pam_handle_t *pamh)
+{
+ pam_set_data(pamh, PAM_WINBIND_HOMEDIR, NULL, NULL);
+ pam_set_data(pamh, PAM_WINBIND_LOGONSCRIPT, NULL, NULL);
+ pam_set_data(pamh, PAM_WINBIND_LOGONSERVER, NULL, NULL);
+ pam_set_data(pamh, PAM_WINBIND_PROFILEPATH, NULL, NULL);
+}
+
+/**
* Compose Password Restriction String for a PAM_ERROR_MSG conversation.
*
* @param response The struct winbindd_response.
@@ -969,43 +1031,9 @@
"User %s logged on using cached account\n", user);
}
- /* save the CIFS homedir for pam_cifs / pam_mount */
- if (response.data.auth.info3.home_dir[0] != '\0') {
+ /* set some info3 info for other modules in the stack */
+ _pam_set_data_info3(pamh, ctrl, &response);
- int ret2 = pam_set_data(pamh, PAM_WINBIND_HOMEDIR,
- (void *) strdup(response.data.auth.info3.home_dir),
- _pam_winbind_cleanup_func);
- if (ret2) {
- _pam_log_debug(pamh, ctrl, LOG_DEBUG, "Could not set data: %s",
- pam_strerror(pamh, ret2));
- }
-
- }
-
- /* save the logon script path for other PAM modules */
- if (response.data.auth.info3.logon_script[0] != '\0') {
-
- int ret2 = pam_set_data(pamh, PAM_WINBIND_LOGONSCRIPT,
- (void *) strdup(response.data.auth.info3.logon_script),
- _pam_winbind_cleanup_func);
- if (ret2) {
- _pam_log_debug(pamh, ctrl, LOG_DEBUG, "Could not set data: %s",
- pam_strerror(pamh, ret2));
- }
- }
-
- /* save the profile path for other PAM modules */
- if (response.data.auth.info3.profile_path[0] != '\0') {
-
- int ret2 = pam_set_data(pamh, PAM_WINBIND_PROFILEPATH,
- (void *) strdup(response.data.auth.info3.profile_path),
- _pam_winbind_cleanup_func);
- if (ret2) {
- _pam_log_debug(pamh, ctrl, LOG_DEBUG, "Could not set data: %s",
- pam_strerror(pamh, ret2));
- }
- }
-
/* If winbindd returned a username, return the pointer to it here. */
if (user_ret && response.extra_data.data) {
/* We have to trust it's a null terminated string. */
@@ -1465,6 +1493,10 @@
pam_set_data(pamh, PAM_WINBIND_NEW_AUTHTOK_REQD, NULL, NULL);
}
+ if (retval != PAM_SUCCESS) {
+ _pam_free_data_info3(pamh);
+ }
+
_PAM_LOG_FUNCTION_LEAVE("pam_sm_authenticate", pamh, ctrl, retval);
return retval;
Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.h
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/pam_winbind.h 2007-02-05 15:28:11 UTC (rev 21153)
+++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.h 2007-02-05 17:12:13 UTC (rev 21154)
@@ -101,6 +101,7 @@
#define PAM_WINBIND_NEW_AUTHTOK_REQD "PAM_WINBIND_NEW_AUTHTOK_REQD"
#define PAM_WINBIND_HOMEDIR "PAM_WINBIND_HOMEDIR"
#define PAM_WINBIND_LOGONSCRIPT "PAM_WINBIND_LOGONSCRIPT"
+#define PAM_WINBIND_LOGONSERVER "PAM_WINBIND_LOGONSERVER"
#define PAM_WINBIND_PROFILEPATH "PAM_WINBIND_PROFILEPATH"
#define PAM_WINBIND_PWD_LAST_SET "PAM_WINBIND_PWD_LAST_SET"
Modified: branches/SAMBA_3_0_25/source/nsswitch/pam_winbind.c
===================================================================
--- branches/SAMBA_3_0_25/source/nsswitch/pam_winbind.c 2007-02-05 15:28:11 UTC (rev 21153)
+++ branches/SAMBA_3_0_25/source/nsswitch/pam_winbind.c 2007-02-05 17:12:13 UTC (rev 21154)
@@ -465,6 +465,68 @@
}
/**
+ * Set string into the PAM stack.
+ *
+ * @param pamh PAM handle
+ * @param ctrl PAM winbind options.
+ * @param data_name Key name for pam_set_data.
+ * @param value String value.
+ *
+ * @return void.
+ */
+
+static void _pam_set_data_string(pam_handle_t *pamh, int ctrl, const char *data_name, const char *value)
+{
+ int ret;
+
+ if ( !data_name || !value || (strlen(data_name) == 0) || (strlen(value) == 0) ) {
+ return;
+ }
+
+ ret = pam_set_data(pamh, data_name, (void *)strdup(value), _pam_winbind_cleanup_func);
+ if (ret) {
+ _pam_log_debug(pamh, ctrl, LOG_DEBUG, "Could not set data %s: %s\n",
+ data_name, pam_strerror(pamh, ret));
+ }
+
+}
+
+/**
+ * Set info3 strings into the PAM stack.
+ *
+ * @param pamh PAM handle
+ * @param ctrl PAM winbind options.
+ * @param data_name Key name for pam_set_data.
+ * @param value String value.
+ *
+ * @return void.
+ */
+
+static void _pam_set_data_info3(pam_handle_t *pamh, int ctrl, struct winbindd_response *response)
+{
+ _pam_set_data_string(pamh, ctrl, PAM_WINBIND_HOMEDIR, response->data.auth.info3.home_dir);
+ _pam_set_data_string(pamh, ctrl, PAM_WINBIND_LOGONSCRIPT, response->data.auth.info3.logon_script);
+ _pam_set_data_string(pamh, ctrl, PAM_WINBIND_LOGONSERVER, response->data.auth.info3.logon_srv);
+ _pam_set_data_string(pamh, ctrl, PAM_WINBIND_PROFILEPATH, response->data.auth.info3.profile_path);
+}
+
+/**
+ * Free info3 strings in the PAM stack.
+ *
+ * @param pamh PAM handle
+ *
+ * @return void.
+ */
+
+static void _pam_free_data_info3(pam_handle_t *pamh)
+{
+ pam_set_data(pamh, PAM_WINBIND_HOMEDIR, NULL, NULL);
+ pam_set_data(pamh, PAM_WINBIND_LOGONSCRIPT, NULL, NULL);
+ pam_set_data(pamh, PAM_WINBIND_LOGONSERVER, NULL, NULL);
+ pam_set_data(pamh, PAM_WINBIND_PROFILEPATH, NULL, NULL);
+}
+
+/**
* Compose Password Restriction String for a PAM_ERROR_MSG conversation.
*
* @param response The struct winbindd_response.
@@ -712,43 +774,9 @@
"User %s logged on using cached account\n", user);
}
- /* save the CIFS homedir for pam_cifs / pam_mount */
- if (response.data.auth.info3.home_dir[0] != '\0') {
+ /* set some info3 info for other modules in the stack */
+ _pam_set_data_info3(pamh, ctrl, &response);
- int ret2 = pam_set_data(pamh, PAM_WINBIND_HOMEDIR,
- (void *) strdup(response.data.auth.info3.home_dir),
- _pam_winbind_cleanup_func);
- if (ret2) {
- _pam_log_debug(pamh, ctrl, LOG_DEBUG, "Could not set data: %s",
- pam_strerror(pamh, ret2));
- }
-
- }
-
- /* save the logon script path for other PAM modules */
- if (response.data.auth.info3.logon_script[0] != '\0') {
-
- int ret2 = pam_set_data(pamh, PAM_WINBIND_LOGONSCRIPT,
- (void *) strdup(response.data.auth.info3.logon_script),
- _pam_winbind_cleanup_func);
- if (ret2) {
- _pam_log_debug(pamh, ctrl, LOG_DEBUG, "Could not set data: %s",
- pam_strerror(pamh, ret2));
- }
- }
-
- /* save the profile path for other PAM modules */
- if (response.data.auth.info3.profile_path[0] != '\0') {
-
- int ret2 = pam_set_data(pamh, PAM_WINBIND_PROFILEPATH,
- (void *) strdup(response.data.auth.info3.profile_path),
- _pam_winbind_cleanup_func);
- if (ret2) {
- _pam_log_debug(pamh, ctrl, LOG_DEBUG, "Could not set data: %s",
- pam_strerror(pamh, ret2));
- }
- }
-
/* If winbindd returned a username, return the pointer to it here. */
if (user_ret && response.extra_data.data) {
/* We have to trust it's a null terminated string. */
@@ -1200,6 +1228,11 @@
if (d) {
iniparser_freedict(d);
}
+
+ if (retval != PAM_SUCCESS) {
+ _pam_free_data_info3(pamh);
+ }
+
return retval;
}
Modified: branches/SAMBA_3_0_25/source/nsswitch/pam_winbind.h
===================================================================
--- branches/SAMBA_3_0_25/source/nsswitch/pam_winbind.h 2007-02-05 15:28:11 UTC (rev 21153)
+++ branches/SAMBA_3_0_25/source/nsswitch/pam_winbind.h 2007-02-05 17:12:13 UTC (rev 21154)
@@ -100,6 +100,7 @@
#define PAM_WINBIND_NEW_AUTHTOK_REQD "PAM_WINBIND_NEW_AUTHTOK_REQD"
#define PAM_WINBIND_HOMEDIR "PAM_WINBIND_HOMEDIR"
#define PAM_WINBIND_LOGONSCRIPT "PAM_WINBIND_LOGONSCRIPT"
+#define PAM_WINBIND_LOGONSERVER "PAM_WINBIND_LOGONSERVER"
#define PAM_WINBIND_PROFILEPATH "PAM_WINBIND_PROFILEPATH"
#define PAM_WINBIND_PWD_LAST_SET "PAM_WINBIND_PWD_LAST_SET"
More information about the samba-cvs
mailing list