summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2010-08-18 18:23:49 +0200
committerVolker Lendecke <vl@samba.org>2010-08-22 22:42:21 +0200
commit177e394f93278407557702d9f53bae65fd5fc434 (patch)
tree86e740e30d4bfb10adeae52a78b9bd0002ada984 /source3/auth
parent265f0b7745b811d6ba1575eb277213f707215a3b (diff)
downloadsamba-177e394f93278407557702d9f53bae65fd5fc434.tar.gz
samba-177e394f93278407557702d9f53bae65fd5fc434.tar.bz2
samba-177e394f93278407557702d9f53bae65fd5fc434.zip
s3: Pass the rhost through smb_pam_accountcheck
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth.c5
-rw-r--r--source3/auth/pampass.c6
2 files changed, 7 insertions, 4 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c
index d92d327721..cabff53180 100644
--- a/source3/auth/auth.c
+++ b/source3/auth/auth.c
@@ -18,6 +18,7 @@
*/
#include "includes.h"
+#include "smbd/globals.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_AUTH
@@ -284,7 +285,9 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
if (!(*server_info)->guest) {
/* We might not be root if we are an RPC call */
become_root();
- nt_status = smb_pam_accountcheck(unix_username);
+ nt_status = smb_pam_accountcheck(
+ unix_username,
+ smbd_server_conn->client_id.name);
unbecome_root();
if (NT_STATUS_IS_OK(nt_status)) {
diff --git a/source3/auth/pampass.c b/source3/auth/pampass.c
index 50bfec1a0c..69a746747a 100644
--- a/source3/auth/pampass.c
+++ b/source3/auth/pampass.c
@@ -773,7 +773,7 @@ bool smb_pam_close_session(char *user, char *tty, char *rhost)
* PAM Externally accessible Account handler
*/
-NTSTATUS smb_pam_accountcheck(const char * user)
+NTSTATUS smb_pam_accountcheck(const char *user, const char *rhost)
{
NTSTATUS nt_status = NT_STATUS_ACCOUNT_DISABLED;
pam_handle_t *pamh = NULL;
@@ -787,7 +787,7 @@ NTSTATUS smb_pam_accountcheck(const char * user)
if ((pconv = smb_setup_pam_conv(smb_pam_conv, user, NULL, NULL)) == NULL)
return NT_STATUS_NO_MEMORY;
- if (!smb_pam_start(&pamh, user, NULL, pconv))
+ if (!smb_pam_start(&pamh, user, rhost, pconv))
return NT_STATUS_ACCOUNT_DISABLED;
if (!NT_STATUS_IS_OK(nt_status = smb_pam_account(pamh, user)))
@@ -869,7 +869,7 @@ bool smb_pam_passchange(const char * user, const char * oldpassword, const char
#else
/* If PAM not used, no PAM restrictions on accounts. */
-NTSTATUS smb_pam_accountcheck(const char * user)
+NTSTATUS smb_pam_accountcheck(const char *user, const char *rhost)
{
return NT_STATUS_OK;
}