diff options
author | Volker Lendecke <vl@samba.org> | 2010-04-18 14:14:43 +0200 |
---|---|---|
committer | Volker Lendecke <vl@samba.org> | 2010-04-19 14:27:24 +0200 |
commit | 56b4aa326626128c178c838977ef9e3d564b7bc7 (patch) | |
tree | ded7c89fcd8d6df6abffebe60467dd927e84b1b6 /source3/winbindd/winbindd_pam.c | |
parent | c04ce964e970b6f08fc768e93f5df2c5cbd09746 (diff) | |
download | samba-56b4aa326626128c178c838977ef9e3d564b7bc7.tar.gz samba-56b4aa326626128c178c838977ef9e3d564b7bc7.tar.bz2 samba-56b4aa326626128c178c838977ef9e3d564b7bc7.zip |
s3: Move the in-memory ccache to the parent
None of this blocks, so there is no reason to keep this in
a winbind child process
Diffstat (limited to 'source3/winbindd/winbindd_pam.c')
-rw-r--r-- | source3/winbindd/winbindd_pam.c | 48 |
1 files changed, 7 insertions, 41 deletions
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index d8643a6158..3f350e3fb2 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -522,11 +522,11 @@ static void setup_return_cc_name(struct winbindd_cli_state *state, const char *c #endif -static uid_t get_uid_from_state(struct winbindd_cli_state *state) +uid_t get_uid_from_request(struct winbindd_request *request) { uid_t uid; - uid = state->request->data.auth.uid; + uid = request->data.auth.uid; if (uid < 0) { DEBUG(1,("invalid uid: '%u'\n", (unsigned int)uid)); @@ -535,6 +535,11 @@ static uid_t get_uid_from_state(struct winbindd_cli_state *state) return uid; } +static uid_t get_uid_from_state(struct winbindd_cli_state *state) +{ + return get_uid_from_request(state->request); +} + /********************************************************************** Authenticate a user with a clear text password using Kerberos and fill up ccache if required @@ -1623,30 +1628,12 @@ process_result: if ((state->request->flags & WBFLAG_PAM_CACHED_LOGIN)) { - /* Store in-memory creds for single-signon using ntlm_auth. */ - result = winbindd_add_memory_creds(state->request->data.auth.user, - get_uid_from_state(state), - state->request->data.auth.pass); - - if (!NT_STATUS_IS_OK(result)) { - DEBUG(10,("Failed to store memory creds: %s\n", nt_errstr(result))); - goto done; - } - if (lp_winbind_offline_logon()) { result = winbindd_store_creds(domain, state->mem_ctx, state->request->data.auth.user, state->request->data.auth.pass, info3, NULL); - if (!NT_STATUS_IS_OK(result)) { - - /* Release refcount. */ - winbindd_delete_memory_creds(state->request->data.auth.user); - - DEBUG(10,("Failed to store creds: %s\n", nt_errstr(result))); - goto done; - } } } @@ -2026,26 +2013,6 @@ enum winbindd_result winbindd_dual_pam_chauthtok(struct winbindd_domain *contact done: if (NT_STATUS_IS_OK(result) && (state->request->flags & WBFLAG_PAM_CACHED_LOGIN)) { - - /* Update the single sign-on memory creds. */ - result = winbindd_replace_memory_creds(state->request->data.chauthtok.user, - newpass); - - /* When we login from gdm or xdm and password expires, - * we change password, but there are no memory crendentials - * So, winbindd_replace_memory_creds() returns - * NT_STATUS_OBJECT_NAME_NOT_FOUND. This is not a failure. - * --- BoYang - * */ - if (NT_STATUS_EQUAL(result, NT_STATUS_OBJECT_NAME_NOT_FOUND)) { - result = NT_STATUS_OK; - } - - if (!NT_STATUS_IS_OK(result)) { - DEBUG(10,("Failed to replace memory creds: %s\n", nt_errstr(result))); - goto process_result; - } - if (lp_winbind_offline_logon()) { result = winbindd_update_creds_by_name(contact_domain, state->mem_ctx, user, @@ -2152,7 +2119,6 @@ enum winbindd_result winbindd_dual_pam_logoff(struct winbindd_domain *domain, process_result: - winbindd_delete_memory_creds(state->request->data.logoff.user); set_auth_errors(state->response, result); |