[SCM] Samba Shared Repository - branch v3-3-stable updated -
release-3-2-0pre2-3816-gdd1357c
Karolin Seeger
kseeger at samba.org
Mon Aug 25 13:41:32 GMT 2008
The branch, v3-3-stable has been updated
via dd1357cb2ab3957da4be1c7429b604b7d68840a2 (commit)
via f6b5a6e819e8f2b21aebe1eedddfac8b03a5ee4a (commit)
via 457afede50b4a039e1afcfeffbebca20a0f4f4d5 (commit)
via 39e375d606790f246745b4795a2dbcf8617fbc38 (commit)
from 07dece84fbff76de2278605e254089b6f7a18163 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-stable
- Log -----------------------------------------------------------------
commit dd1357cb2ab3957da4be1c7429b604b7d68840a2
Author: Günther Deschner <gd at samba.org>
Date: Mon Aug 25 13:03:15 2008 +0200
winbindd: use set_auth_errors() in winbindd_dual_check_machine_acct as well.
Guenther
(cherry picked from commit bb9c59e892cc9d3047bde89a15cc341e2bd21bc5)
(cherry picked from commit fba93f94761203163b3e3811fc3fcbeec576d30b)
commit f6b5a6e819e8f2b21aebe1eedddfac8b03a5ee4a
Author: Günther Deschner <gd at samba.org>
Date: Mon Aug 25 13:15:41 2008 +0200
winbindd: move set_auth_errors to util functions.
Guenther
(cherry picked from commit ae3fa60c4546c7420722d8f422c22bbfd623ff5b)
(cherry picked from commit 84215f1c0ebfc1e613f4255ce9bdf941ae688adb)
commit 457afede50b4a039e1afcfeffbebca20a0f4f4d5
Author: Günther Deschner <gd at samba.org>
Date: Mon Aug 25 11:36:56 2008 +0200
auth: Fix build warning.
Guenther
(cherry picked from commit 4661ef625a6522d6f859b83e3e3702f01d0b952f)
(cherry picked from commit 60649a74cdf2594bc89c301025f86d23caba91c2)
commit 39e375d606790f246745b4795a2dbcf8617fbc38
Author: Günther Deschner <gd at samba.org>
Date: Fri Aug 22 00:20:46 2008 +0200
rpc_server: make it a little more obvious what flags we send to a client.
Guenther
(cherry picked from commit f3791e03ab09cadb1f54e32e67f4dfb3cf42e708)
(cherry picked from commit 14e022b95140441850f7ef4bded8ee82deae2d6f)
-----------------------------------------------------------------------
Summary of changes:
source/auth/pampass.c | 5 +++--
source/rpc_server/srv_netlog_nt.c | 11 ++++++++++-
source/winbindd/winbindd_misc.c | 5 +----
source/winbindd/winbindd_pam.c | 12 ------------
source/winbindd/winbindd_proto.h | 1 +
source/winbindd/winbindd_util.c | 12 ++++++++++++
6 files changed, 27 insertions(+), 19 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/auth/pampass.c b/source/auth/pampass.c
index 58921bd..9345eed 100644
--- a/source/auth/pampass.c
+++ b/source/auth/pampass.c
@@ -63,6 +63,7 @@ typedef int (*smb_pam_conv_fn)(int, const struct pam_message **, struct pam_resp
* Macros to help make life easy
*/
#define COPY_STRING(s) (s) ? SMB_STRDUP(s) : NULL
+#define COPY_FSTRING(s) (s[0]) ? SMB_STRDUP(s) : NULL
/*******************************************************************
PAM error handler.
@@ -327,7 +328,7 @@ static int smb_pam_passchange_conv(int num_msg,
DEBUG(100,("smb_pam_passchange_conv: PAM_PROMPT_ECHO_ON: We actualy sent: %s\n", current_reply));
#endif
reply[replies].resp_retcode = PAM_SUCCESS;
- reply[replies].resp = COPY_STRING(current_reply);
+ reply[replies].resp = COPY_FSTRING(current_reply);
found = True;
break;
}
@@ -355,7 +356,7 @@ static int smb_pam_passchange_conv(int num_msg,
DEBUG(10,("smb_pam_passchange_conv: PAM_PROMPT_ECHO_OFF: We sent: %s\n", current_reply));
pwd_sub(current_reply, udp->PAM_username, udp->PAM_password, udp->PAM_newpassword);
reply[replies].resp_retcode = PAM_SUCCESS;
- reply[replies].resp = COPY_STRING(current_reply);
+ reply[replies].resp = COPY_FSTRING(current_reply);
#ifdef DEBUG_PASSWORD
DEBUG(100,("smb_pam_passchange_conv: PAM_PROMPT_ECHO_OFF: We actualy sent: %s\n", current_reply));
#endif
diff --git a/source/rpc_server/srv_netlog_nt.c b/source/rpc_server/srv_netlog_nt.c
index 7ece482..4e211cf 100644
--- a/source/rpc_server/srv_netlog_nt.c
+++ b/source/rpc_server/srv_netlog_nt.c
@@ -521,7 +521,16 @@ NTSTATUS _netr_ServerAuthenticate2(pipes_struct *p,
return NT_STATUS_ACCESS_DENIED;
}
- srv_flgs = 0x000001ff;
+ /* 0x000001ff */
+ srv_flgs = NETLOGON_NEG_ACCOUNT_LOCKOUT |
+ NETLOGON_NEG_PERSISTENT_SAMREPL |
+ NETLOGON_NEG_ARCFOUR |
+ NETLOGON_NEG_PROMOTION_COUNT |
+ NETLOGON_NEG_CHANGELOG_BDC |
+ NETLOGON_NEG_FULL_SYNC_REPL |
+ NETLOGON_NEG_MULTIPLE_SIDS |
+ NETLOGON_NEG_REDO |
+ NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL;
if (lp_server_schannel() != false) {
srv_flgs |= NETLOGON_NEG_SCHANNEL;
diff --git a/source/winbindd/winbindd_misc.c b/source/winbindd/winbindd_misc.c
index 01a4054..50936c0 100644
--- a/source/winbindd/winbindd_misc.c
+++ b/source/winbindd/winbindd_misc.c
@@ -86,10 +86,7 @@ enum winbindd_result winbindd_dual_check_machine_acct(struct winbindd_domain *do
"good" : "bad"));
done:
- state->response.data.auth.nt_status = NT_STATUS_V(result);
- fstrcpy(state->response.data.auth.nt_status_string, nt_errstr(result));
- fstrcpy(state->response.data.auth.error_string, nt_errstr(result));
- state->response.data.auth.pam_error = nt_status_to_pam(result);
+ set_auth_errors(&state->response, result);
DEBUG(NT_STATUS_IS_OK(result) ? 5 : 2, ("Checking the trust account password returned %s\n",
state->response.data.auth.nt_status_string));
diff --git a/source/winbindd/winbindd_pam.c b/source/winbindd/winbindd_pam.c
index 4beef85..a7911f6 100644
--- a/source/winbindd/winbindd_pam.c
+++ b/source/winbindd/winbindd_pam.c
@@ -381,18 +381,6 @@ struct winbindd_domain *find_auth_domain(struct winbindd_cli_state *state,
return find_our_domain();
}
-static void set_auth_errors(struct winbindd_response *resp, NTSTATUS result)
-{
- resp->data.auth.nt_status = NT_STATUS_V(result);
- fstrcpy(resp->data.auth.nt_status_string, nt_errstr(result));
-
- /* we might have given a more useful error above */
- if (*resp->data.auth.error_string == '\0')
- fstrcpy(resp->data.auth.error_string,
- get_friendly_nt_error_msg(result));
- resp->data.auth.pam_error = nt_status_to_pam(result);
-}
-
static void fill_in_password_policy(struct winbindd_response *r,
const struct samr_DomInfo1 *p)
{
diff --git a/source/winbindd/winbindd_proto.h b/source/winbindd/winbindd_proto.h
index 0e0db3e..c5b7b07 100644
--- a/source/winbindd/winbindd_proto.h
+++ b/source/winbindd/winbindd_proto.h
@@ -590,6 +590,7 @@ void winbindd_set_locator_kdc_envs(const struct winbindd_domain *domain);
void winbindd_unset_locator_kdc_env(const struct winbindd_domain *domain);
void winbindd_set_locator_kdc_envs(const struct winbindd_domain *domain);
void winbindd_unset_locator_kdc_env(const struct winbindd_domain *domain);
+void set_auth_errors(struct winbindd_response *resp, NTSTATUS result);
/* The following definitions come from winbindd/winbindd_wins.c */
diff --git a/source/winbindd/winbindd_util.c b/source/winbindd/winbindd_util.c
index 4668d37..83c5053 100644
--- a/source/winbindd/winbindd_util.c
+++ b/source/winbindd/winbindd_util.c
@@ -1544,3 +1544,15 @@ void winbindd_unset_locator_kdc_env(const struct winbindd_domain *domain)
}
#endif /* HAVE_KRB5_LOCATE_PLUGIN_H */
+
+void set_auth_errors(struct winbindd_response *resp, NTSTATUS result)
+{
+ resp->data.auth.nt_status = NT_STATUS_V(result);
+ fstrcpy(resp->data.auth.nt_status_string, nt_errstr(result));
+
+ /* we might have given a more useful error above */
+ if (*resp->data.auth.error_string == '\0')
+ fstrcpy(resp->data.auth.error_string,
+ get_friendly_nt_error_msg(result));
+ resp->data.auth.pam_error = nt_status_to_pam(result);
+}
--
Samba Shared Repository
More information about the samba-cvs
mailing list