[SCM] Samba Shared Repository - branch master updated

Volker Lendecke vlendec at samba.org
Wed Sep 8 22:19:36 MDT 2010


The branch, master has been updated
       via  eedf476 s3: Remove "mem_ctx" from a few functions
       via  eaf7785 s3: Remove "mem_ctx" from wcache_save_creds()
       via  d38e1d1 s3: Remove "mem_ctx" from lookup_cached_name()
       via  c7d6e6f s3: Remove a nested if-statement
       via  6f19165 s3: Fill in workstation in winbindd_pam_auth_crap_send
       via  f506871 s3: Fill in domain in winbindd_pam_auth_crap_send
       via  c2048db s3: Remove redundant flag checks
       via  4e4228b s3: Remove unused arg "user_sid" from winbindd_store_creds
       via  7372a50 s3: Remove unused winbindd_update_creds_by_sid
       via  a0de3fc s3: Remove unused winbindd_dual_show_sequence()
      from  bec9baf Don't rely on the underlying ACL modules to enforce share level security when setting ACLs, check at the call level as well.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit eedf476c248319efa2fcf552dc330b10423a1bb0
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Sep 8 19:12:21 2010 -0700

    s3: Remove "mem_ctx" from a few functions

commit eaf778593f7e56774913ec4348b1c59a9488676c
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Sep 8 19:09:21 2010 -0700

    s3: Remove "mem_ctx" from wcache_save_creds()

commit d38e1d13eab1a8d8aa8c660a40f6803aa62c3d68
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Sep 8 19:03:15 2010 -0700

    s3: Remove "mem_ctx" from lookup_cached_name()

commit c7d6e6f57174a684c5b84b31993b1d92311d4b80
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Sep 8 19:01:11 2010 -0700

    s3: Remove a nested if-statement

commit 6f1916524bb1f7d38130ba273e3bebe0c93f3a74
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Sep 8 18:09:07 2010 -0700

    s3: Fill in workstation in winbindd_pam_auth_crap_send

commit f50687153861efcbac2cbd281ab24141ea83167b
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Sep 8 18:07:31 2010 -0700

    s3: Fill in domain in winbindd_pam_auth_crap_send

commit c2048db59d52051c045386a0075a11aea2f5bef7
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Sep 8 17:56:55 2010 -0700

    s3: Remove redundant flag checks
    
    We're checking these in the parent already (winbindd_pam_auth_send and
    winbindd_pam_auth_crap_send). No point in doing it in the child as well

commit 4e4228bd5d970350516162cc716ec2e083ead56f
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Sep 8 16:58:21 2010 -0700

    s3: Remove unused arg "user_sid" from winbindd_store_creds
    
    All callers have passed in NULL

commit 7372a50a0333b362745c89b7f0c17f77db156dec
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Sep 8 16:54:50 2010 -0700

    s3: Remove unused winbindd_update_creds_by_sid

commit a0de3fc690d30a8fd4b0ebc1bc35670a8ba3109d
Author: Volker Lendecke <vl at samba.org>
Date:   Wed Sep 8 10:04:53 2010 -0700

    s3: Remove unused winbindd_dual_show_sequence()

-----------------------------------------------------------------------

Summary of changes:
 source3/winbindd/winbindd_cache.c         |    4 +--
 source3/winbindd/winbindd_creds.c         |   27 +++-------------
 source3/winbindd/winbindd_domain.c        |    4 --
 source3/winbindd/winbindd_misc.c          |   19 -----------
 source3/winbindd/winbindd_pam.c           |   48 +++++------------------------
 source3/winbindd/winbindd_pam_auth_crap.c |    6 +++
 source3/winbindd/winbindd_proto.h         |   16 +--------
 7 files changed, 22 insertions(+), 102 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index 5d12c2b..9c48c71 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -1359,7 +1359,6 @@ NTSTATUS wcache_get_creds(struct winbindd_domain *domain,
 /* Store creds for a SID - only writes out new salted ones. */
 
 NTSTATUS wcache_save_creds(struct winbindd_domain *domain, 
-			   TALLOC_CTX *mem_ctx, 
 			   const struct dom_sid *sid,
 			   const uint8 nt_pass[NT_HASH_LEN])
 {
@@ -3194,8 +3193,7 @@ bool lookup_cached_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
 	return NT_STATUS_IS_OK(status);
 }
 
-bool lookup_cached_name(TALLOC_CTX *mem_ctx,
-			const char *domain_name,
+bool lookup_cached_name(const char *domain_name,
 			const char *name,
 			struct dom_sid *sid,
 			enum lsa_SidType *type)
diff --git a/source3/winbindd/winbindd_creds.c b/source3/winbindd/winbindd_creds.c
index 00b38e3..b1910b6 100644
--- a/source3/winbindd/winbindd_creds.c
+++ b/source3/winbindd/winbindd_creds.c
@@ -54,11 +54,9 @@ NTSTATUS winbindd_get_creds(struct winbindd_domain *domain,
 
 
 NTSTATUS winbindd_store_creds(struct winbindd_domain *domain,
-			      TALLOC_CTX *mem_ctx, 
 			      const char *user, 
 			      const char *pass, 
-			      struct netr_SamInfo3 *info3,
-			      const struct dom_sid *user_sid)
+			      struct netr_SamInfo3 *info3)
 {
 	NTSTATUS status;
 	uchar nt_pass[NT_HASH_LEN];
@@ -70,18 +68,13 @@ NTSTATUS winbindd_store_creds(struct winbindd_domain *domain,
 			    info3->base.rid);
 		info3->base.user_flags |= NETLOGON_CACHED_ACCOUNT;
 
-	} else if (user_sid != NULL) {
-
-		sid_copy(&cred_sid, user_sid);
-
 	} else if (user != NULL) {
 
 		/* do lookup ourself */
 
 		enum lsa_SidType type;
 
-		if (!lookup_cached_name(mem_ctx,
-	        	                domain->name,
+		if (!lookup_cached_name(domain->name,
 					user,
 					&cred_sid,
 					&type)) {
@@ -118,7 +111,7 @@ NTSTATUS winbindd_store_creds(struct winbindd_domain *domain,
 
 		dump_data_pw("nt_pass", nt_pass, NT_HASH_LEN);
 
-		status = wcache_save_creds(domain, mem_ctx, &cred_sid, nt_pass);
+		status = wcache_save_creds(domain, &cred_sid, nt_pass);
 		if (!NT_STATUS_IS_OK(status)) {
 			return status;
 		}
@@ -134,28 +127,18 @@ NTSTATUS winbindd_store_creds(struct winbindd_domain *domain,
 }
 
 NTSTATUS winbindd_update_creds_by_info3(struct winbindd_domain *domain,
-				        TALLOC_CTX *mem_ctx,
 				        const char *user,
 				        const char *pass,
 				        struct netr_SamInfo3 *info3)
 {
-	return winbindd_store_creds(domain, mem_ctx, user, pass, info3, NULL);
-}
-
-NTSTATUS winbindd_update_creds_by_sid(struct winbindd_domain *domain,
-				      TALLOC_CTX *mem_ctx,
-				      const struct dom_sid *sid,
-				      const char *pass)
-{
-	return winbindd_store_creds(domain, mem_ctx, NULL, pass, NULL, sid);
+	return winbindd_store_creds(domain, user, pass, info3);
 }
 
 NTSTATUS winbindd_update_creds_by_name(struct winbindd_domain *domain,
-				       TALLOC_CTX *mem_ctx,
 				       const char *user,
 				       const char *pass)
 {
-	return winbindd_store_creds(domain, mem_ctx, user, pass, NULL, NULL);
+	return winbindd_store_creds(domain, user, pass, NULL);
 }
 
 
diff --git a/source3/winbindd/winbindd_domain.c b/source3/winbindd/winbindd_domain.c
index d82db19..cd33708 100644
--- a/source3/winbindd/winbindd_domain.c
+++ b/source3/winbindd/winbindd_domain.c
@@ -39,10 +39,6 @@ static const struct winbindd_child_dispatch_table domain_dispatch_table[] = {
 		.struct_cmd	= WINBINDD_INIT_CONNECTION,
 		.struct_fn	= winbindd_dual_init_connection,
 	},{
-		.name		= "SHOW_SEQUENCE",
-		.struct_cmd	= WINBINDD_SHOW_SEQUENCE,
-		.struct_fn	= winbindd_dual_show_sequence,
-	},{
 		.name		= "PAM_AUTH",
 		.struct_cmd	= WINBINDD_PAM_AUTH,
 		.struct_fn	= winbindd_dual_pam_auth,
diff --git a/source3/winbindd/winbindd_misc.c b/source3/winbindd/winbindd_misc.c
index e6be280..84e8c38 100644
--- a/source3/winbindd/winbindd_misc.c
+++ b/source3/winbindd/winbindd_misc.c
@@ -209,25 +209,6 @@ enum winbindd_result winbindd_dual_list_trusted_domains(struct winbindd_domain *
 	return WINBINDD_OK;
 }
 
-/* This is the child-only version of --sequence. It only allows for a single
- * domain (ie "our" one) to be displayed. */
-
-enum winbindd_result winbindd_dual_show_sequence(struct winbindd_domain *domain,
-						 struct winbindd_cli_state *state)
-{
-	DEBUG(3, ("[%5lu]: show sequence\n", (unsigned long)state->pid));
-
-	/* Ensure null termination */
-	state->request->domain_name[sizeof(state->request->domain_name)-1]='\0';
-
-	domain->methods->sequence_number(domain, &domain->sequence_number);
-
-	state->response->data.sequence_number =
-		domain->sequence_number;
-
-	return WINBINDD_OK;
-}
-
 struct domain_info_state {
 	struct winbindd_domain *domain;
 	struct winbindd_cli_state *cli;
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 86d9e6d..e71e152 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -838,8 +838,7 @@ static NTSTATUS winbindd_dual_pam_auth_cached(struct winbindd_domain *domain,
 	parse_domain_user(state->request->data.auth.user, name_domain, name_user);
 
 
-	if (!lookup_cached_name(state->mem_ctx,
-	                        name_domain,
+	if (!lookup_cached_name(name_domain,
 				name_user,
 				&sid,
 				&type)) {
@@ -1005,7 +1004,6 @@ static NTSTATUS winbindd_dual_pam_auth_cached(struct winbindd_domain *domain,
 		my_info3->base.bad_password_count = 0;
 
 		result = winbindd_update_creds_by_info3(domain,
-							state->mem_ctx,
 							state->request->data.auth.user,
 							state->request->data.auth.pass,
 							my_info3);
@@ -1053,7 +1051,6 @@ static NTSTATUS winbindd_dual_pam_auth_cached(struct winbindd_domain *domain,
 
 failed:
 	result = winbindd_update_creds_by_info3(domain,
-						state->mem_ctx,
 						state->request->data.auth.user,
 						NULL,
 						my_info3);
@@ -1429,11 +1426,6 @@ enum winbindd_result winbindd_dual_pam_auth(struct winbindd_domain *domain,
 	DEBUG(3, ("[%5lu]: dual pam auth %s\n", (unsigned long)state->pid,
 		  state->request->data.auth.user));
 
-	if (!check_request_flags(state->request->flags)) {
-		result = NT_STATUS_INVALID_PARAMETER_MIX;
-		goto done;
-	}
-
 	/* Parse domain and username */
 
 	name_map_status = normalize_name_unmap(state->mem_ctx,
@@ -1617,18 +1609,15 @@ process_result:
 			goto done;
 		}
 
-		if ((state->request->flags & WBFLAG_PAM_CACHED_LOGIN)) {
+		if ((state->request->flags & WBFLAG_PAM_CACHED_LOGIN)
+		    && lp_winbind_offline_logon()) {
 
-			if (lp_winbind_offline_logon()) {
-				result = winbindd_store_creds(domain,
-						      state->mem_ctx,
+			result = winbindd_store_creds(domain,
 						      state->request->data.auth.user,
 						      state->request->data.auth.pass,
-						      info3, NULL);
-			}
+						      info3);
 		}
 
-
 		if (state->request->flags & WBFLAG_PAM_GET_PWD_POLICY) {
 			struct winbindd_domain *our_domain = find_our_domain();
 
@@ -1693,33 +1682,13 @@ enum winbindd_result winbindd_dual_pam_auth_crap(struct winbindd_domain *domain,
 	state->request->data.auth_crap.user[sizeof(state->request->data.auth_crap.user)-1]=0;
 	state->request->data.auth_crap.domain[sizeof(state->request->data.auth_crap.domain)-1]=0;
 
-	if (!check_request_flags(state->request->flags)) {
-		result = NT_STATUS_INVALID_PARAMETER_MIX;
-		goto done;
-	}
-
 	name_user = state->request->data.auth_crap.user;
-
-	if (*state->request->data.auth_crap.domain) {
-		name_domain = state->request->data.auth_crap.domain;
-	} else if (lp_winbind_use_default_domain()) {
-		name_domain = lp_workgroup();
-	} else {
-		DEBUG(5,("no domain specified with username (%s) - failing auth\n",
-			 name_user));
-		result = NT_STATUS_NO_SUCH_USER;
-		goto done;
-	}
+	name_domain = state->request->data.auth_crap.domain;
+	workstation = state->request->data.auth_crap.workstation;
 
 	DEBUG(3, ("[%5lu]: pam auth crap domain: %s user: %s\n", (unsigned long)state->pid,
 		  name_domain, name_user));
 
-	if (*state->request->data.auth_crap.workstation) {
-		workstation = state->request->data.auth_crap.workstation;
-	} else {
-		workstation = global_myname();
-	}
-
 	if (state->request->data.auth_crap.lm_resp_len > sizeof(state->request->data.auth_crap.lm_resp)
 		|| state->request->data.auth_crap.nt_resp_len > sizeof(state->request->data.auth_crap.nt_resp)) {
 		if (!(state->request->flags & WBFLAG_BIG_NTLMV2_BLOB) ||
@@ -1961,8 +1930,7 @@ done:
 	if (NT_STATUS_IS_OK(result) && (state->request->flags & WBFLAG_PAM_CACHED_LOGIN)) {
 		if (lp_winbind_offline_logon()) {
 			result = winbindd_update_creds_by_name(contact_domain,
-							 state->mem_ctx, user,
-							 newpass);
+							       user, newpass);
 			/* Again, this happens when we login from gdm or xdm
 			 * and the password expires, *BUT* cached crendentials
 			 * doesn't exist. winbindd_update_creds_by_name()
diff --git a/source3/winbindd/winbindd_pam_auth_crap.c b/source3/winbindd/winbindd_pam_auth_crap.c
index dc2dc3e..d9f0273 100644
--- a/source3/winbindd/winbindd_pam_auth_crap.c
+++ b/source3/winbindd/winbindd_pam_auth_crap.c
@@ -78,6 +78,12 @@ struct tevent_req *winbindd_pam_auth_crap_send(
 		return tevent_req_post(req, ev);
 	}
 
+	fstrcpy(request->data.auth_crap.domain, domain->name);
+
+	if (request->data.auth_crap.workstation[0] == '\0') {
+		fstrcpy(request->data.auth_crap.workstation, global_myname());
+	}
+
 	subreq = wb_domain_request_send(state, winbind_event_context(), domain,
 					request);
 	if (tevent_req_nomem(subreq, req)) {
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index d9b8180..7d36be1 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -90,7 +90,6 @@ NTSTATUS wcache_get_creds(struct winbindd_domain *domain,
 			  const uint8 **cached_nt_pass,
 			  const uint8 **cached_salt);
 NTSTATUS wcache_save_creds(struct winbindd_domain *domain, 
-			   TALLOC_CTX *mem_ctx, 
 			   const struct dom_sid *sid,
 			   const uint8 nt_pass[NT_HASH_LEN]);
 void wcache_invalidate_samlogon(struct winbindd_domain *domain, 
@@ -115,8 +114,7 @@ NTSTATUS wcache_lookup_groupmem(struct winbindd_domain *domain,
 bool lookup_cached_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
 		       char **domain_name, char **name,
 		       enum lsa_SidType *type);
-bool lookup_cached_name(TALLOC_CTX *mem_ctx,
-			const char *domain_name,
+bool lookup_cached_name(const char *domain_name,
 			const char *name,
 			struct dom_sid *sid,
 			enum lsa_SidType *type);
@@ -231,22 +229,14 @@ NTSTATUS winbindd_get_creds(struct winbindd_domain *domain,
 			    const uint8 *cached_nt_pass[NT_HASH_LEN],
 			    const uint8 *cred_salt[NT_HASH_LEN]);
 NTSTATUS winbindd_store_creds(struct winbindd_domain *domain,
-			      TALLOC_CTX *mem_ctx, 
 			      const char *user, 
 			      const char *pass, 
-			      struct netr_SamInfo3 *info3,
-			      const struct dom_sid *user_sid);
+			      struct netr_SamInfo3 *info3);
 NTSTATUS winbindd_update_creds_by_info3(struct winbindd_domain *domain,
-				        TALLOC_CTX *mem_ctx,
 				        const char *user,
 				        const char *pass,
 				        struct netr_SamInfo3 *info3);
-NTSTATUS winbindd_update_creds_by_sid(struct winbindd_domain *domain,
-				      TALLOC_CTX *mem_ctx,
-				      const struct dom_sid *sid,
-				      const char *pass);
 NTSTATUS winbindd_update_creds_by_name(struct winbindd_domain *domain,
-				       TALLOC_CTX *mem_ctx,
 				       const char *user,
 				       const char *pass);
 
@@ -343,8 +333,6 @@ void winbindd_list_trusted_domains(struct winbindd_cli_state *state);
 enum winbindd_result winbindd_dual_list_trusted_domains(struct winbindd_domain *domain,
 							struct winbindd_cli_state *state);
 void winbindd_show_sequence(struct winbindd_cli_state *state);
-enum winbindd_result winbindd_dual_show_sequence(struct winbindd_domain *domain,
-						 struct winbindd_cli_state *state);
 void winbindd_domain_info(struct winbindd_cli_state *state);
 void winbindd_ping(struct winbindd_cli_state *state);
 void winbindd_info(struct winbindd_cli_state *state);


-- 
Samba Shared Repository


More information about the samba-cvs mailing list