[SCM] Samba Shared Repository - branch master updated -
release-4-0-0alpha7-1772-g1950e18
Günther Deschner
gd at samba.org
Mon May 25 11:53:07 GMT 2009
The branch, master has been updated
via 1950e180caf707346300b83021624d586cc3776d (commit)
via 86d087fccc30a82cb1fe3a71d0353634496e72c4 (commit)
from 2d689ad9fc6ff86c70db24c5d57429ddfd0a948e (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 1950e180caf707346300b83021624d586cc3776d
Author: Günther Deschner <gd at samba.org>
Date: Fri May 22 17:56:37 2009 +0200
s3-pamsmbpass: copy _pam_get_item and _pam_get_data from pam_winbind.
Guenther
commit 86d087fccc30a82cb1fe3a71d0353634496e72c4
Author: Günther Deschner <gd at samba.org>
Date: Fri May 22 16:48:01 2009 +0200
s3-rpcclient: use get_domain_handle() fn in enum domain users & groups.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source3/pam_smbpass/pam_smb_auth.c | 4 +-
source3/pam_smbpass/pam_smb_passwd.c | 8 +++---
source3/pam_smbpass/support.c | 38 +++++++++++++++++++++++++--------
source3/pam_smbpass/support.h | 7 ++++++
source3/rpcclient/cmd_samr.c | 22 +++++++++----------
5 files changed, 52 insertions(+), 27 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/pam_smbpass/pam_smb_auth.c b/source3/pam_smbpass/pam_smb_auth.c
index 3dceb52..b5a6a47 100644
--- a/source3/pam_smbpass/pam_smb_auth.c
+++ b/source3/pam_smbpass/pam_smb_auth.c
@@ -179,7 +179,7 @@ int pam_sm_setcred(pam_handle_t *pamh, int flags,
retval = PAM_SUCCESS;
- pam_get_data(pamh, "smb_setcred_return", (const void **) &pretval);
+ _pam_get_data(pamh, "smb_setcred_return", &pretval);
if(pretval) {
retval = *pretval;
SAFE_FREE(pretval);
@@ -199,7 +199,7 @@ static int _smb_add_user(pam_handle_t *pamh, unsigned int ctrl,
int retval;
/* Get the authtok; if we don't have one, silently fail. */
- retval = pam_get_item( pamh, PAM_AUTHTOK, (const void **) &pass );
+ retval = _pam_get_item( pamh, PAM_AUTHTOK, &pass );
if (retval != PAM_SUCCESS) {
_log_err( LOG_ALERT
diff --git a/source3/pam_smbpass/pam_smb_passwd.c b/source3/pam_smbpass/pam_smb_passwd.c
index b6de43f..dce6e01 100644
--- a/source3/pam_smbpass/pam_smb_passwd.c
+++ b/source3/pam_smbpass/pam_smb_passwd.c
@@ -229,11 +229,11 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
*/
if (off( SMB_NOT_SET_PASS, ctrl )) {
- retval = pam_get_item( pamh, PAM_OLDAUTHTOK,
- (const void **)&pass_old );
+ retval = _pam_get_item( pamh, PAM_OLDAUTHTOK,
+ &pass_old );
} else {
- retval = pam_get_data( pamh, _SMB_OLD_AUTHTOK,
- (const void **)&pass_old );
+ retval = _pam_get_data( pamh, _SMB_OLD_AUTHTOK,
+ &pass_old );
if (retval == PAM_NO_MODULE_DATA) {
pass_old = NULL;
retval = PAM_SUCCESS;
diff --git a/source3/pam_smbpass/support.c b/source3/pam_smbpass/support.c
index 1e66f40..b6cf3a8 100644
--- a/source3/pam_smbpass/support.c
+++ b/source3/pam_smbpass/support.c
@@ -85,7 +85,7 @@ int converse( pam_handle_t * pamh, int ctrl, int nargs
int retval;
struct pam_conv *conv;
- retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv);
+ retval = _pam_get_item(pamh, PAM_CONV, &conv);
if (retval == PAM_SUCCESS) {
retval = conv->conv(nargs, (const struct pam_message **) message
@@ -278,7 +278,7 @@ void _cleanup_failures( pam_handle_t * pamh, void *fl, int err )
/* log the number of authentication failures */
if (failure->count != 0) {
- pam_get_item( pamh, PAM_SERVICE, (const void **) &service );
+ _pam_get_item( pamh, PAM_SERVICE, &service );
_log_err( LOG_NOTICE
, "%d authentication %s "
"from %s for service %s as %s(%d)"
@@ -334,7 +334,7 @@ int _smb_verify_password( pam_handle_t * pamh, struct samu *sampass,
} else {
const char *service;
- pam_get_item( pamh, PAM_SERVICE, (const void **)&service );
+ _pam_get_item( pamh, PAM_SERVICE, &service );
_log_err( LOG_NOTICE, "failed auth request by %s for service %s as %s",
uidtoname(getuid()), service ? service : "**unknown**", name);
return PAM_AUTH_ERR;
@@ -369,7 +369,7 @@ int _smb_verify_password( pam_handle_t * pamh, struct samu *sampass,
const char *service;
- pam_get_item( pamh, PAM_SERVICE, (const void **)&service );
+ _pam_get_item( pamh, PAM_SERVICE, &service );
if (data_name != NULL) {
struct _pam_failed_auth *newauth = NULL;
@@ -382,7 +382,7 @@ int _smb_verify_password( pam_handle_t * pamh, struct samu *sampass,
if (newauth != NULL) {
/* any previous failures for this user ? */
- pam_get_data(pamh, data_name, (const void **) &old);
+ _pam_get_data(pamh, data_name, &old);
if (old != NULL) {
newauth->count = old->count + 1;
@@ -487,7 +487,7 @@ int _smb_read_password( pam_handle_t * pamh, unsigned int ctrl,
/* should we obtain the password from a PAM item ? */
if (on(SMB_TRY_FIRST_PASS, ctrl) || on(SMB_USE_FIRST_PASS, ctrl)) {
- retval = pam_get_item( pamh, authtok_flag, (const void **) &item );
+ retval = _pam_get_item( pamh, authtok_flag, &item );
if (retval != PAM_SUCCESS) {
/* very strange. */
_log_err( LOG_ALERT
@@ -580,8 +580,8 @@ int _smb_read_password( pam_handle_t * pamh, unsigned int ctrl,
retval = pam_set_item( pamh, authtok_flag, (const void *)token );
_pam_delete( token ); /* clean it up */
if (retval != PAM_SUCCESS
- || (retval = pam_get_item( pamh, authtok_flag
- ,(const void **)&item )) != PAM_SUCCESS)
+ || (retval = _pam_get_item( pamh, authtok_flag
+ ,&item )) != PAM_SUCCESS)
{
_log_err( LOG_CRIT, "error manipulating password" );
return retval;
@@ -594,7 +594,7 @@ int _smb_read_password( pam_handle_t * pamh, unsigned int ctrl,
retval = pam_set_data( pamh, data_name, (void *) token, _cleanup );
if (retval != PAM_SUCCESS
- || (retval = pam_get_data( pamh, data_name, (const void **)&item ))
+ || (retval = _pam_get_data( pamh, data_name, &item ))
!= PAM_SUCCESS)
{
_log_err( LOG_CRIT, "error manipulating password data [%s]"
@@ -632,3 +632,23 @@ int _pam_smb_approve_pass(pam_handle_t * pamh,
return PAM_SUCCESS;
}
+
+/*
+ * Work around the pam API that has functions with void ** as parameters
+ * These lead to strict aliasing warnings with gcc.
+ */
+int _pam_get_item(const pam_handle_t *pamh,
+ int item_type,
+ const void *_item)
+{
+ const void **item = (const void **)_item;
+ return pam_get_item(pamh, item_type, item);
+}
+
+int _pam_get_data(const pam_handle_t *pamh,
+ const char *module_data_name,
+ const void *_data)
+{
+ const void **data = (const void **)_data;
+ return pam_get_data(pamh, module_data_name, data);
+}
diff --git a/source3/pam_smbpass/support.h b/source3/pam_smbpass/support.h
index 5ac48c3..87f1690 100644
--- a/source3/pam_smbpass/support.h
+++ b/source3/pam_smbpass/support.h
@@ -48,3 +48,10 @@ extern int _smb_read_password( pam_handle_t *, unsigned int, const char*,
extern int _pam_smb_approve_pass(pam_handle_t *, unsigned int, const char *,
const char *);
+
+int _pam_get_item(const pam_handle_t *pamh,
+ int item_type,
+ const void *_item);
+int _pam_get_data(const pam_handle_t *pamh,
+ const char *module_data_name,
+ const void *_data);
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 96484f0..e074544 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -813,12 +813,11 @@ static NTSTATUS cmd_samr_enum_dom_users(struct rpc_pipe_client *cli,
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- access_mask,
- &domain_sid,
- &domain_pol);
-
+ result = get_domain_handle(cli, mem_ctx, "domain",
+ &connect_pol,
+ access_mask,
+ &domain_sid,
+ &domain_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
@@ -888,12 +887,11 @@ static NTSTATUS cmd_samr_enum_dom_groups(struct rpc_pipe_client *cli,
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(cli, mem_ctx,
- &connect_pol,
- access_mask,
- &domain_sid,
- &domain_pol);
-
+ result = get_domain_handle(cli, mem_ctx, "domain",
+ &connect_pol,
+ access_mask,
+ &domain_sid,
+ &domain_pol);
if (!NT_STATUS_IS_OK(result))
goto done;
--
Samba Shared Repository
More information about the samba-cvs
mailing list