[SCM] Samba Shared Repository - branch master updated

Andreas Schneider asn at samba.org
Fri Mar 25 16:46:03 UTC 2016


The branch, master has been updated
       via  94464ed pam_winbind: Create and use a wbclient context
       via  4c139e2 pam_winbind: Use the correct type to check the pam_parse() return code
      from  fca78dd s3: smbd: DFS - Remove the last lp_posix_pathnames() from the SMB2/3 code paths.

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 94464ed82c93094a972984ac1828f0bcc256f13c
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Mar 24 09:38:56 2016 +0100

    pam_winbind: Create and use a wbclient context
    
    PAM sessions are long running. If we create a pam session a connection
    to winbind is established and only closed by the destructor of the
    libwbclient library. If we create a wbcContext, we will free it in the
    end of the PAM function being called and the socket will be closed. This
    decreases the amount of allocated 'winbindd_cli_state' structures in
    winbind for every logged in user.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>
    
    Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
    Autobuild-Date(master): Fri Mar 25 17:45:24 CET 2016 on sn-devel-144

commit 4c139e23e918c7a378953a3f9fc6ec7c927cf6f5
Author: Andreas Schneider <asn at samba.org>
Date:   Thu Mar 24 09:23:31 2016 +0100

    pam_winbind: Use the correct type to check the pam_parse() return code
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Guenther Deschner <gd at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 nsswitch/pam_winbind.c | 42 ++++++++++++++++++++++++++++++++----------
 nsswitch/pam_winbind.h |  1 +
 2 files changed, 33 insertions(+), 10 deletions(-)


Changeset truncated at 500 lines:

diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
index b83a276..b2e1778 100644
--- a/nsswitch/pam_winbind.c
+++ b/nsswitch/pam_winbind.c
@@ -540,6 +540,8 @@ static int _pam_winbind_free_context(struct pwb_context *ctx)
 		tiniparser_freedict(ctx->dict);
 	}
 
+	wbcCtxFree(ctx->wbc_ctx);
+
 	return 0;
 }
 
@@ -551,6 +553,7 @@ static int _pam_winbind_init_context(pam_handle_t *pamh,
 				     struct pwb_context **ctx_p)
 {
 	struct pwb_context *r = NULL;
+	int ctrl_code;
 
 #ifdef HAVE_GETTEXT
 	textdomain_init();
@@ -567,8 +570,15 @@ static int _pam_winbind_init_context(pam_handle_t *pamh,
 	r->flags = flags;
 	r->argc = argc;
 	r->argv = argv;
-	r->ctrl = _pam_parse(pamh, flags, argc, argv, type, &r->dict);
-	if (r->ctrl == -1) {
+	ctrl_code = _pam_parse(pamh, flags, argc, argv, type, &r->dict);
+	if (ctrl_code == -1) {
+		TALLOC_FREE(r);
+		return PAM_SYSTEM_ERR;
+	}
+	r->ctrl = ctrl_code;
+
+	r->wbc_ctx = wbcCtxCreate();
+	if (r->wbc_ctx == NULL) {
 		TALLOC_FREE(r);
 		return PAM_SYSTEM_ERR;
 	}
@@ -1100,7 +1110,11 @@ static bool winbind_name_to_sid_string(struct pwb_context *ctx,
 		_pam_log_debug(ctx, LOG_DEBUG,
 			       "no sid given, looking up: %s\n", name);
 
-		wbc_status = wbcLookupName("", name, &sid, &type);
+		wbc_status = wbcCtxLookupName(ctx->wbc_ctx,
+					      "",
+					      name,
+					      &sid,
+					      &type);
 		if (!WBC_ERROR_IS_OK(wbc_status)) {
 			_pam_log(ctx, LOG_INFO,
 				 "could not lookup name: %s\n", name);
@@ -1820,7 +1834,11 @@ static int winbind_auth_request(struct pwb_context *ctx,
 		}
 	}
 
-	wbc_status = wbcLogonUser(&logon, &info, &error, &policy);
+	wbc_status = wbcCtxLogonUser(ctx->wbc_ctx,
+				     &logon,
+				     &info,
+				     &error,
+				     &policy);
 	ret = wbc_auth_error_to_pam_error(ctx, error, wbc_status,
 					  user, "wbcLogonUser");
 	wbcFreeMemory(logon.blobs);
@@ -1967,7 +1985,11 @@ static int winbind_chauthtok_request(struct pwb_context *ctx,
 	params.new_password.plaintext	= newpass;
 	params.flags			= flags;
 
-	wbc_status = wbcChangeUserPasswordEx(&params, &error, &reject_reason, &policy);
+	wbc_status = wbcCtxChangeUserPasswordEx(ctx->wbc_ctx,
+						&params,
+						&error,
+						&reject_reason,
+						&policy);
 	ret = wbc_auth_error_to_pam_error(ctx, error, wbc_status,
 					  user, "wbcChangeUserPasswordEx");
 
@@ -2071,7 +2093,7 @@ static int valid_user(struct pwb_context *ctx,
 		return 1;
 	}
 
-	wbc_status = wbcGetpwnam(user, &wb_pwd);
+	wbc_status = wbcCtxGetpwnam(ctx->wbc_ctx, user, &wb_pwd);
 	wbcFreeMemory(wb_pwd);
 	if (!WBC_ERROR_IS_OK(wbc_status)) {
 		_pam_log(ctx, LOG_DEBUG, "valid_user: wbcGetpwnam gave %s\n",
@@ -2401,7 +2423,7 @@ static char winbind_get_separator(struct pwb_context *ctx)
 	wbcErr wbc_status;
 	static struct wbcInterfaceDetails *details = NULL;
 
-	wbc_status = wbcInterfaceDetails(&details);
+	wbc_status = wbcCtxInterfaceDetails(ctx->wbc_ctx, &details);
 	if (!WBC_ERROR_IS_OK(wbc_status)) {
 		_pam_log(ctx, LOG_ERR,
 			 "Could not retrieve winbind interface details: %s",
@@ -2456,14 +2478,14 @@ static char* winbind_upn_to_username(struct pwb_context *ctx,
 
 	/* Convert the UPN to a SID */
 
-	wbc_status = wbcLookupName(domain, name, &sid, &type);
+	wbc_status = wbcCtxLookupName(ctx->wbc_ctx, domain, name, &sid, &type);
 	if (!WBC_ERROR_IS_OK(wbc_status)) {
 		return NULL;
 	}
 
 	/* Convert the the SID back to the sAMAccountName */
 
-	wbc_status = wbcLookupSid(&sid, &domain, &name, &type);
+	wbc_status = wbcCtxLookupSid(ctx->wbc_ctx, &sid, &domain, &name, &type);
 	if (!WBC_ERROR_IS_OK(wbc_status)) {
 		return NULL;
 	}
@@ -2568,7 +2590,7 @@ static int _pam_delete_cred(pam_handle_t *pamh, int flags,
 			goto out;
 		}
 
-		wbc_status = wbcLogoffUserEx(&logoff, &error);
+		wbc_status = wbcCtxLogoffUserEx(ctx->wbc_ctx, &logoff, &error);
 		retval = wbc_auth_error_to_pam_error(ctx, error, wbc_status,
 						     user, "wbcLogoffUser");
 		wbcFreeMemory(error);
diff --git a/nsswitch/pam_winbind.h b/nsswitch/pam_winbind.h
index 13542b2..6b65c46 100644
--- a/nsswitch/pam_winbind.h
+++ b/nsswitch/pam_winbind.h
@@ -213,6 +213,7 @@ struct pwb_context {
 	const char **argv;
 	struct tiniparser_dictionary *dict;
 	uint32_t ctrl;
+	struct wbcContext *wbc_ctx;
 };
 
 #ifndef TALLOC_FREE


-- 
Samba Shared Repository



More information about the samba-cvs mailing list