diff options
| author | Tim Potter <tpot@samba.org> | 2001-05-17 06:08:49 +0000 |
|---|---|---|
| committer | Tim Potter <tpot@samba.org> | 2001-05-17 06:08:49 +0000 |
| commit | 2d27d8c720b705e8ca9575682948c0750c1bb080 (patch) | |
| tree | 279642be0c653bb1215685164b623dba9d96d462 /source3/smbd | |
| parent | 89de0c46ad994bd15217b4eb6c8d3793e35ffb92 (diff) | |
| download | samba-2d27d8c720b705e8ca9575682948c0750c1bb080.tar.gz samba-2d27d8c720b705e8ca9575682948c0750c1bb080.tar.bz2 samba-2d27d8c720b705e8ca9575682948c0750c1bb080.zip | |
Fixes to get pam_auth() functionality working again.
(This used to be commit 083b74c743f0026693fa0fbe665ed08a3ac706b8)
Diffstat (limited to 'source3/smbd')
| -rw-r--r-- | source3/smbd/password.c | 21 | ||||
| -rw-r--r-- | source3/smbd/reply.c | 2 |
2 files changed, 12 insertions, 11 deletions
diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 01fc9cdd53..303ed783e9 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -1416,8 +1416,6 @@ static BOOL attempt_connect_to_dc(struct cli_state *pcli, struct in_addr *ip, un return connect_to_domain_password_server(pcli, dc_name, trust_passwd); } - - /*********************************************************************** We have been asked to dynamcially determine the IP addresses of the PDC and BDC's for this DOMAIN, and query them in turn. @@ -1491,17 +1489,16 @@ static BOOL find_connect_pdc(struct cli_state *pcli, unsigned char *trust_passwd return connected_ok; } - - /*********************************************************************** Do the same as security=server, but using NT Domain calls and a session - key from the machine password. + key from the machine password. If the server parameter is specified + use it, otherwise figure out a server from the 'password server' param. ************************************************************************/ BOOL domain_client_validate( char *user, char *domain, char *smb_apasswd, int smb_apasslen, char *smb_ntpasswd, int smb_ntpasslen, - BOOL *user_exists) + BOOL *user_exists, char *server) { unsigned char local_challenge[8]; unsigned char local_lm_response[24]; @@ -1541,7 +1538,7 @@ BOOL domain_client_validate( char *user, char *domain, * Not encrypted - do so. */ - DEBUG(3,("domain_client_validate: User passwords not in encrypted format.\n")); + DEBUG(5,("domain_client_validate: User passwords not in encrypted format.\n")); generate_random_buffer( local_challenge, 8, False); SMBencrypt( (uchar *)smb_apasswd, local_challenge, local_lm_response); SMBNTencrypt((uchar *)smb_ntpasswd, local_challenge, local_nt_response); @@ -1586,9 +1583,13 @@ BOOL domain_client_validate( char *user, char *domain, * PDC/BDC. Contact each in turn and try and authenticate. */ - pserver = lp_passwordserver(); - if (! *pserver) pserver = "*"; - p = pserver; + if (server) { + p = server; + } else { + pserver = lp_passwordserver(); + if (! *pserver) pserver = "*"; + p = pserver; + } while (!connected_ok && next_token(&p,remote_machine,LIST_SEP,sizeof(remote_machine))) { diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 41970c4040..2e4837013e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -616,7 +616,7 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user ret = domain_client_validate(orig_user, domain, smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen, - &user_exists); + &user_exists, NULL); if(ret) { /* |