diff options
author | Tim Potter <tpot@samba.org> | 2001-10-05 00:20:06 +0000 |
---|---|---|
committer | Tim Potter <tpot@samba.org> | 2001-10-05 00:20:06 +0000 |
commit | 482a9ef278567a35d3bcad1c2048ee97d86bfb9c (patch) | |
tree | a4cf752314cb3605aaa9c204c873f8b221df03ff /source3/nsswitch/winbindd_pam.c | |
parent | 18190fc0513d6fa8824fa0b105aeb16dd428106b (diff) | |
download | samba-482a9ef278567a35d3bcad1c2048ee97d86bfb9c.tar.gz samba-482a9ef278567a35d3bcad1c2048ee97d86bfb9c.tar.bz2 samba-482a9ef278567a35d3bcad1c2048ee97d86bfb9c.zip |
This is the start of a bit of a rewrite of winbindd's connection handling.
I've wrapped up all the decisions about managing, making and closing
connections into a connection manager in nsswitch/winbindd_cm.c.
It's rather incomplete at the moment - only querying basic user info works
at the moment (i.e finger -m DOMAIN/user) and everything else is broken.
Jeremy, please take a look and I'll start moving across the rest of
winbindd to this new system.
(This used to be commit c369cf5af787ed9c642778d21f162716fbf0620e)
Diffstat (limited to 'source3/nsswitch/winbindd_pam.c')
-rw-r--r-- | source3/nsswitch/winbindd_pam.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c index 262a9d7a33..406b12c9f6 100644 --- a/source3/nsswitch/winbindd_pam.c +++ b/source3/nsswitch/winbindd_pam.c @@ -55,7 +55,7 @@ static void parse_domain_user(char *domuser, fstring domain, fstring user) enum winbindd_result winbindd_pam_auth(struct winbindd_cli_state *state) { NTSTATUS result; - fstring name_domain, name_user; + fstring name_domain, name_user, auth_dc; int passlen; unsigned char trust_passwd[16]; time_t last_change_time; @@ -127,12 +127,18 @@ enum winbindd_result winbindd_pam_auth(struct winbindd_cli_state *state) return WINBINDD_ERROR; } + if (!cm_get_dc_name(lp_workgroup(), auth_dc)) { + DEBUG(3, ("Could not find dc for workgroup %s\n", + lp_workgroup())); + return WINBINDD_ERROR; + } + /* So domain_client_validate() actually opens a new connection for each authentication performed. This can theoretically be optimised to use an already open IPC$ connection. */ result = domain_client_validate(&user_info, &server_info, - server_state.controller, trust_passwd, + auth_dc, trust_passwd, last_change_time); return NT_STATUS_IS_OK(result) ? WINBINDD_OK : WINBINDD_ERROR; @@ -143,7 +149,7 @@ enum winbindd_result winbindd_pam_auth(struct winbindd_cli_state *state) enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) { NTSTATUS result; - fstring name_domain, name_user; + fstring name_domain, name_user, auth_dc; unsigned char trust_passwd[16]; time_t last_change_time; auth_usersupplied_info user_info; @@ -198,12 +204,18 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) return WINBINDD_ERROR; } + if (!cm_get_dc_name(lp_workgroup(), auth_dc)) { + DEBUG(3, ("Could not find dc for workgroup %s\n", + lp_workgroup())); + return WINBINDD_ERROR; + } + /* So domain_client_validate() actually opens a new connection for each authentication performed. This can theoretically be optimised to use an already open IPC$ connection. */ result = domain_client_validate(&user_info, &server_info, - server_state.controller, trust_passwd, + auth_dc, trust_passwd, last_change_time); return NT_STATUS_IS_OK(result) ? WINBINDD_OK : WINBINDD_ERROR; |