[SCM] Samba Shared Repository - branch master updated

Volker Lendecke vlendec at samba.org
Fri Aug 27 14:00:05 MDT 2010 

The branch, master has been updated
       via  9322fa4 s3: Lift smbd_server_fd() from smb_pam_passcheck
       via  26ee305 s3: Lift smbd_server_fd() from smb_pam_start
      from  619c348 s3: Pass "private_data" through string_combinations()

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 9322fa4077a9c15c9b5431ac2369b50bfffbb73d
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Aug 21 14:41:01 2010 +0200

    s3: Lift smbd_server_fd() from smb_pam_passcheck

commit 26ee30585dbffd7e887c48ddf0900fe0afd90e47
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Aug 21 14:38:11 2010 +0200

    s3: Lift smbd_server_fd() from smb_pam_start
    
    smb_pam_passcheck() is the only caller that fills in NULL, all other callers
    now properly fill rhost

-----------------------------------------------------------------------

Summary of changes:
 source3/auth/pampass.c    |   22 +++++-----------------
 source3/auth/pass_check.c |    9 ++++++++-
 source3/include/proto.h   |    3 ++-
 3 files changed, 15 insertions(+), 19 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/auth/pampass.c b/source3/auth/pampass.c
index 9d5b9f5..7c09c16 100644
--- a/source3/auth/pampass.c
+++ b/source3/auth/pampass.c
@@ -479,10 +479,6 @@ static bool smb_pam_end(pam_handle_t *pamh, struct pam_conv *smb_pam_conv_ptr)
 static bool smb_pam_start(pam_handle_t **pamh, const char *user, const char *rhost, struct pam_conv *pconv)
 {
 	int pam_error;
-#if HAVE_PAM_RHOST
-	const char *our_rhost;
-	char addr[INET6_ADDRSTRLEN];
-#endif
 
 	*pamh = (pam_handle_t *)NULL;
 
@@ -495,17 +491,8 @@ static bool smb_pam_start(pam_handle_t **pamh, const char *user, const char *rho
 	}
 
 #if HAVE_PAM_RHOST
-	if (rhost == NULL) {
-		our_rhost = client_name(smbd_server_fd());
-		if (strequal(our_rhost,"UNKNOWN"))
-			our_rhost = client_addr(smbd_server_fd(), addr,
-						sizeof(addr));
-	} else {
-		our_rhost = rhost;
-	}
-
-	DEBUG(4,("smb_pam_start: PAM: setting rhost to: %s\n", our_rhost));
-	pam_error = pam_set_item(*pamh, PAM_RHOST, our_rhost);
+	DEBUG(4,("smb_pam_start: PAM: setting rhost to: %s\n", rhost));
+	pam_error = pam_set_item(*pamh, PAM_RHOST, rhost);
 	if(!smb_pam_error_handler(*pamh, pam_error, "set rhost failed", 0)) {
 		smb_pam_end(*pamh, pconv);
 		*pamh = (pam_handle_t *)NULL;
@@ -819,7 +806,8 @@ NTSTATUS smb_pam_accountcheck(const char *user, const char *rhost)
  * PAM Password Validation Suite
  */
 
-NTSTATUS smb_pam_passcheck(const char * user, const char * password)
+NTSTATUS smb_pam_passcheck(const char * user, const char * password,
+			   const char * rhost)
 {
 	pam_handle_t *pamh = NULL;
 	NTSTATUS nt_status = NT_STATUS_LOGON_FAILURE;
@@ -834,7 +822,7 @@ NTSTATUS smb_pam_passcheck(const char * user, const char * password)
 	if ((pconv = smb_setup_pam_conv(smb_pam_conv, user, password, NULL)) == NULL)
 		return NT_STATUS_LOGON_FAILURE;
 
-	if (!smb_pam_start(&pamh, user, NULL, pconv))
+	if (!smb_pam_start(&pamh, user, rhost, pconv))
 		return NT_STATUS_LOGON_FAILURE;
 
 	if (!NT_STATUS_IS_OK(nt_status = smb_pam_auth(pamh, user))) {
diff --git a/source3/auth/pass_check.c b/source3/auth/pass_check.c
index 5943761..a4bc6b5 100644
--- a/source3/auth/pass_check.c
+++ b/source3/auth/pass_check.c
@@ -553,7 +553,14 @@ core of password checking routine
 static NTSTATUS password_check(const char *password, void *private_data)
 {
 #ifdef WITH_PAM
-	return smb_pam_passcheck(get_this_user(), password);
+	const char *rhost;
+	char addr[INET6_ADDRSTRLEN];
+
+	rhost = client_name(smbd_server_fd());
+	if (strequal(rhost,"UNKNOWN"))
+		rhost = client_addr(smbd_server_fd(), addr, sizeof(addr));
+
+	return smb_pam_passcheck(get_this_user(), rhost, password);
 #else
 
 	bool ret;
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 1cafe9b..7d16559 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -222,7 +222,8 @@ NTSTATUS auth_wbc_init(void);
 bool smb_pam_claim_session(char *user, char *tty, char *rhost);
 bool smb_pam_close_session(char *user, char *tty, char *rhost);
 NTSTATUS smb_pam_accountcheck(const char *user, const char *rhost);
-NTSTATUS smb_pam_passcheck(const char * user, const char * password);
+NTSTATUS smb_pam_passcheck(const char * user, const char * password,
+			   const char * rhost);
 bool smb_pam_passchange(const char *user, const char *rhost,
 			const char *oldpassword, const char *newpassword);
 bool smb_pam_claim_session(char *user, char *tty, char *rhost);


-- 
Samba Shared Repository

More information about the samba-cvs mailing list