diff options
-rw-r--r-- | source3/nsswitch/pam_winbind.c | 13 | ||||
-rw-r--r-- | source3/nsswitch/pam_winbind.h | 1 |
2 files changed, 12 insertions, 2 deletions
diff --git a/source3/nsswitch/pam_winbind.c b/source3/nsswitch/pam_winbind.c index 8109eca4b9..db3a089329 100644 --- a/source3/nsswitch/pam_winbind.c +++ b/source3/nsswitch/pam_winbind.c @@ -264,6 +264,10 @@ static int _pam_parse(const pam_handle_t *pamh, int flags, int argc, const char ctrl |= WINBIND_TRY_FIRST_PASS_ARG; } + if (iniparser_getint(d, "global:warn_pwd_expire", 0)) { + ctrl |= WINBIND_WARN_PWD_EXPIRE; + } + config_from_pam: /* step through arguments */ for (i=argc,v=argv; i-- > 0; ++v) { @@ -1532,10 +1536,15 @@ int get_config_item_int(const pam_handle_t *pamh, const char **argv, int ctrl, dictionary *d, - const char *item) + const char *item, + int config_flag) { int i, parm_opt = -1; + if (!(ctrl & config_flag)) { + goto out; + } + /* let the pam opt take precedence over the pam_winbind.conf option */ for (i = 0; i < argc; i++) { @@ -1597,7 +1606,7 @@ int get_warn_pwd_expire_from_config(const pam_handle_t *pamh, { int ret; ret = get_config_item_int(pamh, argc, argv, ctrl, d, - "warn_pwd_expire"); + "warn_pwd_expire", WINBIND_WARN_PWD_EXPIRE); /* no or broken setting */ if (ret <= 0) { return DEFAULT_DAYS_TO_WARN_BEFORE_PWD_EXPIRES; diff --git a/source3/nsswitch/pam_winbind.h b/source3/nsswitch/pam_winbind.h index 159cb28059..59a2f39584 100644 --- a/source3/nsswitch/pam_winbind.h +++ b/source3/nsswitch/pam_winbind.h @@ -95,6 +95,7 @@ do { \ #define WINBIND_CONFIG_FILE (1<<10) #define WINBIND_SILENT (1<<11) #define WINBIND_DEBUG_STATE (1<<12) +#define WINBIND_WARN_PWD_EXPIRE (1<<13) /* * here is the string to inform the user that the new passwords they |