[SCM] Samba Shared Repository - branch master updated

Volker Lendecke vlendec at samba.org
Fri Apr 23 15:42:17 MDT 2010


The branch, master has been updated
       via  328ca04... libwbclient: Test WBC_CHANGE_PASSWORD_LEVEL_RESPONSE
       via  7099a3c... s3: Allow pdb password change using WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP
       via  f43d182... s3: init_dc_connection() can't init for internal domains
       via  03115ef... libwbclient: Actually copy something in wbcChangeUserPasswordEx
       via  6eec46e... s3: replace some data_blob_talloc by data_blob_const
       via  7574347... libwbclient: Remove some pointless BAIL_ON_WBC_ERROR macro calls
       via  f2f0fed... s3: Convert WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP to the new async API
      from  168b86c... s3-smbd: group print relate data in own structure

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 328ca041e0bd2657b6f5c1e9ea57684da5b68312
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Apr 23 19:46:03 2010 +0200

    libwbclient: Test WBC_CHANGE_PASSWORD_LEVEL_RESPONSE

commit 7099a3c446aa7a4de42c7cffa9b409f319f0ec76
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Apr 23 19:44:05 2010 +0200

    s3: Allow pdb password change using WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP

commit f43d1827f389e458d9430bddac7344c8117515c1
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Apr 23 19:42:33 2010 +0200

    s3: init_dc_connection() can't init for internal domains
    
    This fixes a crash in winbindd_dual_pam_chng_pswd_auth_crap when given
    global_sam_name() in the domain field

commit 03115efae89c8c4f51dea1ce82613817bd9fcf5b
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Apr 23 19:41:29 2010 +0200

    libwbclient: Actually copy something in wbcChangeUserPasswordEx
    
    The length argument for memcpy was initialized to 0 and not initialized

commit 6eec46ec44480db77d16bbd3332b8b10306f64f0
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Apr 20 20:37:35 2010 +0200

    s3: replace some data_blob_talloc by data_blob_const

commit 7574347e68b258456179614d65ecb5549dfe97a5
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Apr 20 16:07:13 2010 +0200

    libwbclient: Remove some pointless BAIL_ON_WBC_ERROR macro calls

commit f2f0fed8aad21e09837f256e00bb38f33dc73e44
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Apr 20 11:11:19 2010 +0200

    s3: Convert WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP to the new async API

-----------------------------------------------------------------------

Summary of changes:
 nsswitch/libwbclient/tests/wbclient.c              |   80 ++++++++++++++++++-
 nsswitch/libwbclient/wbc_pam.c                     |   40 +++++-----
 source3/Makefile.in                                |    1 +
 source3/winbindd/winbindd.c                        |    7 +-
 source3/winbindd/winbindd_cm.c                     |    4 +
 source3/winbindd/winbindd_pam.c                    |   69 +++++------------
 ...h_crap.c => winbindd_pam_chng_pswd_auth_crap.c} |   64 ++++++++--------
 source3/winbindd/winbindd_proto.h                  |   10 ++-
 8 files changed, 162 insertions(+), 113 deletions(-)
 copy source3/winbindd/{winbindd_pam_auth_crap.c => winbindd_pam_chng_pswd_auth_crap.c} (59%)


Changeset truncated at 500 lines:

diff --git a/nsswitch/libwbclient/tests/wbclient.c b/nsswitch/libwbclient/tests/wbclient.c
index 5be1fad..f3f45be 100644
--- a/nsswitch/libwbclient/tests/wbclient.c
+++ b/nsswitch/libwbclient/tests/wbclient.c
@@ -17,12 +17,21 @@
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
-#include "includes.h"
+#include "lib/replace/replace.h"
+#include "libcli/util/ntstatus.h"
+#include "libcli/util/werror.h"
+#include "lib/util/data_blob.h"
+#include "lib/util/time.h"
 #include "nsswitch/libwbclient/wbclient.h"
 #include "nsswitch/libwbclient/wbc_async.h"
 #include "torture/smbtorture.h"
 #include "torture/winbind/proto.h"
 #include "lib/util/util_net.h"
+#include "lib/util/charset/charset.h"
+#include "libcli/auth/libcli_auth.h"
+#include "source4/param/param.h"
+#include "lib/util/util.h"
+#include "lib/crypto/arcfour.h"
 
 #define WBC_ERROR_EQUAL(x,y) (x == y)
 
@@ -577,17 +586,78 @@ static bool test_wbc_authenticate_user(struct torture_context *tctx)
 static bool test_wbc_change_password(struct torture_context *tctx)
 {
 	wbcErr ret;
+	const char *oldpass = getenv("PASSWORD");
+	const char *newpass = "Koo8irei";
 
-	ret = wbcChangeUserPassword(getenv("USERNAME"), getenv("PASSWORD"),
-				    "passW0rd");
+	struct samr_CryptPassword new_nt_password;
+	struct samr_CryptPassword new_lm_password;
+	struct samr_Password old_nt_hash_enc;
+	struct samr_Password old_lanman_hash_enc;
+
+	uint8_t old_nt_hash[16];
+	uint8_t old_lanman_hash[16];
+	uint8_t new_nt_hash[16];
+	uint8_t new_lanman_hash[16];
+
+	struct wbcChangePasswordParams params;
+
+	ZERO_STRUCT(params);
+
+	E_md4hash(oldpass, old_nt_hash);
+	E_md4hash(newpass, new_nt_hash);
+
+	if (lp_client_lanman_auth(tctx->lp_ctx) &&
+	    E_deshash(newpass, new_lanman_hash) &&
+	    E_deshash(oldpass, old_lanman_hash)) {
+
+		/* E_deshash returns false for 'long' passwords (> 14
+		   DOS chars).  This allows us to match Win2k, which
+		   does not store a LM hash for these passwords (which
+		   would reduce the effective password length to 14) */
+
+		encode_pw_buffer(new_lm_password.data, newpass, STR_UNICODE);
+		arcfour_crypt(new_lm_password.data, old_nt_hash, 516);
+		E_old_pw_hash(new_nt_hash, old_lanman_hash,
+			      old_lanman_hash_enc.hash);
+
+		params.old_password.response.old_lm_hash_enc_length =
+			sizeof(old_lanman_hash_enc.hash);
+		params.old_password.response.old_lm_hash_enc_data =
+			old_lanman_hash_enc.hash;
+		params.new_password.response.lm_length =
+			sizeof(new_lm_password.data);
+		params.new_password.response.lm_data =
+			new_lm_password.data;
+	} else {
+		ZERO_STRUCT(new_lm_password);
+		ZERO_STRUCT(old_lanman_hash_enc);
+	}
+
+	encode_pw_buffer(new_nt_password.data, newpass, STR_UNICODE);
+
+	arcfour_crypt(new_nt_password.data, old_nt_hash, 516);
+	E_old_pw_hash(new_nt_hash, old_nt_hash, old_nt_hash_enc.hash);
+
+	params.old_password.response.old_nt_hash_enc_length =
+		sizeof(old_nt_hash_enc.hash);
+	params.old_password.response.old_nt_hash_enc_data =
+		old_nt_hash_enc.hash;
+	params.new_password.response.nt_length = sizeof(new_nt_password.data);
+	params.new_password.response.nt_data = new_nt_password.data;
+
+	params.level = WBC_CHANGE_PASSWORD_LEVEL_RESPONSE;
+	params.account_name = getenv("USERNAME");
+	params.domain_name = "SAMBA-TEST";
+
+	ret = wbcChangeUserPasswordEx(&params, NULL, NULL, NULL);
 	torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
 				 "wbcChangeUserPassword failed");
 
-	if (!test_wbc_authenticate_user_int(tctx, "passW0rd")) {
+	if (!test_wbc_authenticate_user_int(tctx, "Koo8irei")) {
 		return false;
 	}
 
-	ret = wbcChangeUserPassword(getenv("USERNAME"), "passW0rd",
+	ret = wbcChangeUserPassword(getenv("USERNAME"), "Koo8irei",
 				    getenv("PASSWORD"));
 	torture_assert_wbc_equal(tctx, ret, WBC_ERR_SUCCESS,
 				 "wbcChangeUserPassword failed");
diff --git a/nsswitch/libwbclient/wbc_pam.c b/nsswitch/libwbclient/wbc_pam.c
index f9e1e38..50524d2 100644
--- a/nsswitch/libwbclient/wbc_pam.c
+++ b/nsswitch/libwbclient/wbc_pam.c
@@ -791,7 +791,7 @@ wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params,
 
 	if (!params->account_name) {
 		wbc_status = WBC_ERR_INVALID_PARAM;
-		BAIL_ON_WBC_ERROR(wbc_status);
+		goto done;
 	}
 
 	if (error) {
@@ -815,7 +815,7 @@ wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params,
 
 		if (!params->account_name) {
 			wbc_status = WBC_ERR_INVALID_PARAM;
-			BAIL_ON_WBC_ERROR(wbc_status);
+			goto done;
 		}
 
 		strncpy(request.data.chauthtok.user, params->account_name,
@@ -839,55 +839,55 @@ wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params,
 
 		if (!params->account_name || !params->domain_name) {
 			wbc_status = WBC_ERR_INVALID_PARAM;
-			BAIL_ON_WBC_ERROR(wbc_status);
+			goto done;
 		}
 
 		if (params->old_password.response.old_lm_hash_enc_length &&
 		    !params->old_password.response.old_lm_hash_enc_data) {
 			wbc_status = WBC_ERR_INVALID_PARAM;
-			BAIL_ON_WBC_ERROR(wbc_status);
+			goto done;
 		}
 
 		if (params->old_password.response.old_lm_hash_enc_length == 0 &&
 		    params->old_password.response.old_lm_hash_enc_data) {
 			wbc_status = WBC_ERR_INVALID_PARAM;
-			BAIL_ON_WBC_ERROR(wbc_status);
+			goto done;
 		}
 
 		if (params->old_password.response.old_nt_hash_enc_length &&
 		    !params->old_password.response.old_nt_hash_enc_data) {
 			wbc_status = WBC_ERR_INVALID_PARAM;
-			BAIL_ON_WBC_ERROR(wbc_status);
+			goto done;
 		}
 
 		if (params->old_password.response.old_nt_hash_enc_length == 0 &&
 		    params->old_password.response.old_nt_hash_enc_data) {
 			wbc_status = WBC_ERR_INVALID_PARAM;
-			BAIL_ON_WBC_ERROR(wbc_status);
+			goto done;
 		}
 
 		if (params->new_password.response.lm_length &&
 		    !params->new_password.response.lm_data) {
 			wbc_status = WBC_ERR_INVALID_PARAM;
-			BAIL_ON_WBC_ERROR(wbc_status);
+			goto done;
 		}
 
 		if (params->new_password.response.lm_length == 0 &&
 		    params->new_password.response.lm_data) {
 			wbc_status = WBC_ERR_INVALID_PARAM;
-			BAIL_ON_WBC_ERROR(wbc_status);
+			goto done;
 		}
 
 		if (params->new_password.response.nt_length &&
 		    !params->new_password.response.nt_data) {
 			wbc_status = WBC_ERR_INVALID_PARAM;
-			BAIL_ON_WBC_ERROR(wbc_status);
+			goto done;
 		}
 
 		if (params->new_password.response.nt_length == 0 &&
 		    params->new_password.response.nt_data) {
 			wbc_status = WBC_ERR_INVALID_PARAM;
-			BAIL_ON_WBC_ERROR(wbc_status);
+			goto done;
 		}
 
 		strncpy(request.data.chng_pswd_auth_crap.user,
@@ -899,41 +899,41 @@ wbcErr wbcChangeUserPasswordEx(const struct wbcChangePasswordParams *params,
 			sizeof(request.data.chng_pswd_auth_crap.domain) - 1);
 
 		if (params->new_password.response.nt_data) {
+			request.data.chng_pswd_auth_crap.new_nt_pswd_len =
+				params->new_password.response.nt_length;
 			memcpy(request.data.chng_pswd_auth_crap.new_nt_pswd,
 			       params->new_password.response.nt_data,
 			       request.data.chng_pswd_auth_crap.new_nt_pswd_len);
-			request.data.chng_pswd_auth_crap.new_nt_pswd_len =
-				params->new_password.response.nt_length;
 		}
 
 		if (params->new_password.response.lm_data) {
+			request.data.chng_pswd_auth_crap.new_lm_pswd_len =
+				params->new_password.response.lm_length;
 			memcpy(request.data.chng_pswd_auth_crap.new_lm_pswd,
 			       params->new_password.response.lm_data,
 			       request.data.chng_pswd_auth_crap.new_lm_pswd_len);
-			request.data.chng_pswd_auth_crap.new_lm_pswd_len =
-				params->new_password.response.lm_length;
 		}
 
 		if (params->old_password.response.old_nt_hash_enc_data) {
+			request.data.chng_pswd_auth_crap.old_nt_hash_enc_len =
+				params->old_password.response.old_nt_hash_enc_length;
 			memcpy(request.data.chng_pswd_auth_crap.old_nt_hash_enc,
 			       params->old_password.response.old_nt_hash_enc_data,
 			       request.data.chng_pswd_auth_crap.old_nt_hash_enc_len);
-			request.data.chng_pswd_auth_crap.old_nt_hash_enc_len =
-				params->old_password.response.old_nt_hash_enc_length;
 		}
 
 		if (params->old_password.response.old_lm_hash_enc_data) {
+			request.data.chng_pswd_auth_crap.old_lm_hash_enc_len =
+				params->old_password.response.old_lm_hash_enc_length;
 			memcpy(request.data.chng_pswd_auth_crap.old_lm_hash_enc,
 			       params->old_password.response.old_lm_hash_enc_data,
 			       request.data.chng_pswd_auth_crap.old_lm_hash_enc_len);
-			request.data.chng_pswd_auth_crap.old_lm_hash_enc_len =
-				params->old_password.response.old_lm_hash_enc_length;
 		}
 
 		break;
 	default:
 		wbc_status = WBC_ERR_INVALID_PARAM;
-		BAIL_ON_WBC_ERROR(wbc_status);
+		goto done;
 		break;
 	}
 
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 78c81c4..5551ee4 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -1242,6 +1242,7 @@ WINBINDD_OBJ1 = \
 		winbindd/winbindd_pam_auth.o \
 		winbindd/winbindd_pam_auth_crap.o \
 		winbindd/winbindd_pam_chauthtok.o \
+		winbindd/winbindd_pam_chng_pswd_auth_crap.o \
 		winbindd/winbindd_pam_logoff.o \
 		auth/token_util.o \
 		auth/check_samsec.o \
diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c
index 3bd2ad7..4d00269 100644
--- a/source3/winbindd/winbindd.c
+++ b/source3/winbindd/winbindd.c
@@ -442,10 +442,6 @@ static struct winbindd_dispatch_table {
 	const char *winbindd_cmd_name;
 } dispatch_table[] = {
 
-	/* PAM auth functions */
-
-	{ WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP, winbindd_pam_chng_pswd_auth_crap, "CHNG_PSWD_AUTH_CRAP" },
-
 	/* Enumeration functions */
 
 	{ WINBINDD_LIST_TRUSTDOM, winbindd_list_trusted_domains,
@@ -554,6 +550,9 @@ static struct winbindd_async_dispatch_table async_nonpriv_table[] = {
 	  winbindd_pam_logoff_send, winbindd_pam_logoff_recv },
 	{ WINBINDD_PAM_CHAUTHTOK, "PAM_CHAUTHTOK",
 	  winbindd_pam_chauthtok_send, winbindd_pam_chauthtok_recv },
+	{ WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP, "PAM_CHNG_PSWD_AUTH_CRAP",
+	  winbindd_pam_chng_pswd_auth_crap_send,
+	  winbindd_pam_chng_pswd_auth_crap_recv },
 
 	{ 0, NULL, NULL, NULL }
 };
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index c013fae..8a1456f 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -1665,6 +1665,10 @@ static NTSTATUS init_dc_connection_network(struct winbindd_domain *domain)
 
 NTSTATUS init_dc_connection(struct winbindd_domain *domain)
 {
+	if (domain->internal) {
+		return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
+	}
+
 	if (domain->initialized && !domain->online) {
 		/* We check for online status elsewhere. */
 		return NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 3f350e3..aea2a2a 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -2127,48 +2127,6 @@ process_result:
 
 /* Change user password with auth crap*/
 
-void winbindd_pam_chng_pswd_auth_crap(struct winbindd_cli_state *state)
-{
-	struct winbindd_domain *domain = NULL;
-	const char *domain_name = NULL;
-
-	/* Ensure null termination */
-	state->request->data.chng_pswd_auth_crap.user[
-		sizeof(state->request->data.chng_pswd_auth_crap.user)-1]=0;
-	state->request->data.chng_pswd_auth_crap.domain[
-		sizeof(state->request->data.chng_pswd_auth_crap.domain)-1]=0;
-
-	DEBUG(3, ("[%5lu]: pam change pswd auth crap domain: %s user: %s\n",
-		  (unsigned long)state->pid,
-		  state->request->data.chng_pswd_auth_crap.domain,
-		  state->request->data.chng_pswd_auth_crap.user));
-
-	if (*state->request->data.chng_pswd_auth_crap.domain != '\0') {
-		domain_name = state->request->data.chng_pswd_auth_crap.domain;
-	} else if (lp_winbind_use_default_domain()) {
-		domain_name = lp_workgroup();
-	}
-
-	if (domain_name != NULL)
-		domain = find_domain_from_name(domain_name);
-
-	if (domain != NULL) {
-		DEBUG(7, ("[%5lu]: pam auth crap changing pswd in domain: "
-			  "%s\n", (unsigned long)state->pid,domain->name));
-		sendto_domain(state, domain);
-		return;
-	}
-
-	set_auth_errors(state->response, NT_STATUS_NO_SUCH_USER);
-	DEBUG(5, ("CRAP change password  for %s\\%s returned %s (PAM: %d)\n",
-		  state->request->data.chng_pswd_auth_crap.domain,
-		  state->request->data.chng_pswd_auth_crap.user,
-		  state->response->data.auth.nt_status_string,
-		  state->response->data.auth.pam_error));
-	request_error(state);
-	return;
-}
-
 enum winbindd_result winbindd_dual_pam_chng_pswd_auth_crap(struct winbindd_domain *domainSt, struct winbindd_cli_state *state)
 {
 	NTSTATUS result;
@@ -2227,25 +2185,36 @@ enum winbindd_result winbindd_dual_pam_chng_pswd_auth_crap(struct winbindd_domai
 	DEBUG(3, ("[%5lu]: pam auth crap domain: %s user: %s\n",
 		  (unsigned long)state->pid, domain, user));
 
+	if (strequal(domain, get_global_sam_name())) {
+		enum samPwdChangeReason reject_reason;
+
+		result = pass_oem_change(
+			user,
+			state->request->data.chng_pswd_auth_crap.new_lm_pswd,
+			state->request->data.chng_pswd_auth_crap.old_lm_hash_enc,
+			state->request->data.chng_pswd_auth_crap.new_nt_pswd,
+			state->request->data.chng_pswd_auth_crap.old_nt_hash_enc,
+			&reject_reason);
+		DEBUG(10, ("pass_oem_change returned %s\n",
+			   nt_errstr(result)));
+		goto done;
+	}
+
 	/* Change password */
-	new_nt_password = data_blob_talloc(
-		state->mem_ctx,
+	new_nt_password = data_blob_const(
 		state->request->data.chng_pswd_auth_crap.new_nt_pswd,
 		state->request->data.chng_pswd_auth_crap.new_nt_pswd_len);
 
-	old_nt_hash_enc = data_blob_talloc(
-		state->mem_ctx,
+	old_nt_hash_enc = data_blob_const(
 		state->request->data.chng_pswd_auth_crap.old_nt_hash_enc,
 		state->request->data.chng_pswd_auth_crap.old_nt_hash_enc_len);
 
 	if(state->request->data.chng_pswd_auth_crap.new_lm_pswd_len > 0)	{
-		new_lm_password = data_blob_talloc(
-			state->mem_ctx,
+		new_lm_password = data_blob_const(
 			state->request->data.chng_pswd_auth_crap.new_lm_pswd,
 			state->request->data.chng_pswd_auth_crap.new_lm_pswd_len);
 
-		old_lm_hash_enc = data_blob_talloc(
-			state->mem_ctx,
+		old_lm_hash_enc = data_blob_const(
 			state->request->data.chng_pswd_auth_crap.old_lm_hash_enc,
 			state->request->data.chng_pswd_auth_crap.old_lm_hash_enc_len);
 	} else {
diff --git a/source3/winbindd/winbindd_pam_auth_crap.c b/source3/winbindd/winbindd_pam_chng_pswd_auth_crap.c
similarity index 59%
copy from source3/winbindd/winbindd_pam_auth_crap.c
copy to source3/winbindd/winbindd_pam_chng_pswd_auth_crap.c
index dc2dc3e..9133a91 100644
--- a/source3/winbindd/winbindd_pam_auth_crap.c
+++ b/source3/winbindd/winbindd_pam_chng_pswd_auth_crap.c
@@ -1,6 +1,6 @@
 /*
    Unix SMB/CIFS implementation.
-   async implementation of WINBINDD_PAM_AUTH_CRAP
+   async implementation of WINBINDD_PAM_CHNG_PSWD_AUTH_CRAP
    Copyright (C) Volker Lendecke 2010
 
    This program is free software; you can redistribute it and/or modify
@@ -20,57 +20,52 @@
 #include "includes.h"
 #include "winbindd.h"
 
-struct winbindd_pam_auth_crap_state {
+struct winbindd_pam_chng_pswd_auth_crap_state {
+	struct winbindd_request *request;
 	struct winbindd_response *response;
 };
 
-static void winbindd_pam_auth_crap_done(struct tevent_req *subreq);
+static void winbindd_pam_chng_pswd_auth_crap_done(struct tevent_req *subreq);
 
-struct tevent_req *winbindd_pam_auth_crap_send(
+struct tevent_req *winbindd_pam_chng_pswd_auth_crap_send(
 	TALLOC_CTX *mem_ctx,
 	struct tevent_context *ev,
 	struct winbindd_cli_state *cli,
 	struct winbindd_request *request)
 {
 	struct tevent_req *req, *subreq;
-	struct winbindd_pam_auth_crap_state *state;
+	struct winbindd_pam_chng_pswd_auth_crap_state *state;
 	struct winbindd_domain *domain;
 	const char *domain_name;
 
 	req = tevent_req_create(mem_ctx, &state,
-				struct winbindd_pam_auth_crap_state);
+				struct winbindd_pam_chng_pswd_auth_crap_state);
 	if (req == NULL) {
 		return NULL;
 	}
+	state->request = request;
 
 	/* Ensure null termination */
-	request->data.auth_crap.user[
-		sizeof(request->data.auth_crap.user)-1] = '\0';
-	request->data.auth_crap.domain[
-		sizeof(request->data.auth_crap.domain)-1] = '\0';
+	request->data.chng_pswd_auth_crap.user[
+		sizeof(request->data.chng_pswd_auth_crap.user)-1]='\0';
+	request->data.chng_pswd_auth_crap.domain[
+		sizeof(request->data.chng_pswd_auth_crap.domain)-1]=0;
 
-	DEBUG(3, ("[%5lu]: pam auth crap domain: [%s] user: %s\n",
+	DEBUG(3, ("[%5lu]: pam change pswd auth crap domain: %s user: %s\n",
 		  (unsigned long)cli->pid,
-		  request->data.auth_crap.domain,
-		  request->data.auth_crap.user));
-
-	if (!check_request_flags(request->flags)) {
-		tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER_MIX);
-		return tevent_req_post(req, ev);
-	}
+		  request->data.chng_pswd_auth_crap.domain,
+		  request->data.chng_pswd_auth_crap.user));
 
 	domain_name = NULL;
-
-	if (request->data.auth_crap.domain[0] != '\0') {
-		domain_name = request->data.auth_crap.domain;
+	if (*state->request->data.chng_pswd_auth_crap.domain != '\0') {
+		domain_name = state->request->data.chng_pswd_auth_crap.domain;
 	} else if (lp_winbind_use_default_domain()) {
 		domain_name = lp_workgroup();
 	}
 
 	domain = NULL;
-
 	if (domain_name != NULL) {
-		domain = find_auth_domain(request->flags, domain_name);
+		domain = find_domain_from_name(domain_name);
 	}
 
 	if (domain == NULL) {
@@ -78,21 +73,22 @@ struct tevent_req *winbindd_pam_auth_crap_send(
 		return tevent_req_post(req, ev);
 	}
 
-	subreq = wb_domain_request_send(state, winbind_event_context(), domain,
-					request);
+	subreq = wb_domain_request_send(state, winbind_event_context(),
+					domain, request);
 	if (tevent_req_nomem(subreq, req)) {
 		return tevent_req_post(req, ev);
 	}
-	tevent_req_set_callback(subreq, winbindd_pam_auth_crap_done, req);


-- 
Samba Shared Repository


More information about the samba-cvs mailing list