r7145: reuse the WINBIND_REQUIRED_MEMBERSHIP constant.

This is just cosmetic but prevents people from thinking that the
pam_winbind "require_membership_of"-option is not yet implemented :)

Guenther
(This used to be commit ef80a49a858d7d81d427c7bac71fdac4fc0d1bd6)

1 files changed, 14 insertions, 12 deletions

diff --git a/source3/nsswitch/pam_winbind.c b/source3/nsswitch/pam_winbind.c
index ffe82b0bd2..8d4f59101c 100644
--- a/source3/nsswitch/pam_winbind.c
+++ b/source3/nsswitch/pam_winbind.c
@@ -487,22 +487,24 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
 #endif
      }
 
-     /* Retrieve membership-string here */
-     for ( i=0; i<argc; i++ ) {
+     if (ctrl & WINBIND_REQUIRED_MEMBERSHIP) {
+	     
+         for ( i=0; i<argc; i++ ) {
 
-	 if ((strncmp(argv[i], "require_membership_of", strlen("require_membership_of")) == 0) 
-	     || (strncmp(argv[i], "require-membership-of", strlen("require-membership-of")) == 0)) {
+	     if ((strncmp(argv[i], "require_membership_of", strlen("require_membership_of")) == 0) ||
+	         (strncmp(argv[i], "require-membership-of", strlen("require-membership-of")) == 0)) {
 
-	     char *p;
-	     char *parm = strdup(argv[i]);
+	        char *p;
+	        char *parm = strdup(argv[i]);
 
-	     if ( (p = strchr( parm, '=' )) == NULL) {
-	     	_pam_log(LOG_INFO, "no \"=\" delimiter for \"require_membership_of\" found\n");
-		break;
-	     }
+	        if ( (p = strchr( parm, '=' )) == NULL) {
+	     	   _pam_log(LOG_INFO, "no \"=\" delimiter for \"require_membership_of\" found\n");
+		   break;
+	        }
 
-	     member = strdup(p+1);
-	 }
+	        member = strdup(p+1);
+	     }
+         }
      }
 
      /* Now use the username to look up password */