summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/auth/pampass.c96
-rw-r--r--source3/auth/pass_check.c2
-rwxr-xr-xsource3/configure215
-rw-r--r--source3/include/proto.h6
-rw-r--r--source3/passdb/pampass.c96
-rw-r--r--source3/passdb/pass_check.c2
-rw-r--r--source3/smbd/password.c2
-rw-r--r--source3/smbd/session.c6
8 files changed, 266 insertions, 159 deletions
diff --git a/source3/auth/pampass.c b/source3/auth/pampass.c
index e84a045d49..553ffcd323 100644
--- a/source3/auth/pampass.c
+++ b/source3/auth/pampass.c
@@ -5,6 +5,7 @@
Copyright (C) Andrew Tridgell 1992-2001
Copyright (C) John H Terpsta 1999-2001
Copyright (C) Andrew Bartlett 2001
+ Copyright (C) Jeremy Allison 2001
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -58,7 +59,7 @@ static char *PAM_password;
/*
* PAM error handler.
*/
-static BOOL pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int dbglvl)
+static BOOL smb_pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int dbglvl)
{
if( pam_error != PAM_SUCCESS) {
@@ -74,7 +75,7 @@ static BOOL pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int
* echo off means password.
*/
-static int PAM_conv(int num_msg,
+static int smb_pam_conv(int num_msg,
const struct pam_message **msg,
struct pam_response **resp,
void *appdata_ptr)
@@ -122,21 +123,21 @@ static int PAM_conv(int num_msg,
return PAM_SUCCESS;
}
-static struct pam_conv PAM_conversation = {
- &PAM_conv,
+static struct pam_conv smb_pam_conversation = {
+ &smb_pam_conv,
NULL
};
/*
* PAM Closing out cleanup handler
*/
-static BOOL proc_pam_end(pam_handle_t *pamh)
+static BOOL smb_pam_end(pam_handle_t *pamh)
{
int pam_error;
if( pamh != NULL ) {
pam_error = pam_end(pamh, 0);
- if(pam_error_handler(pamh, pam_error, "End Cleanup Failed", 2) == True) {
+ if(smb_pam_error_handler(pamh, pam_error, "End Cleanup Failed", 2) == True) {
DEBUG(4, ("PAM: PAM_END OK.\n"));
return True;
}
@@ -148,15 +149,15 @@ static BOOL proc_pam_end(pam_handle_t *pamh)
/*
* Start PAM authentication for specified account
*/
-static BOOL proc_pam_start(pam_handle_t **pamh, char *user, char *rhost)
+static BOOL smb_pam_start(pam_handle_t **pamh, char *user, char *rhost)
{
int pam_error;
DEBUG(4,("PAM: Init user: %s\n", user));
- pam_error = pam_start("samba", user, &PAM_conversation, pamh);
- if( !pam_error_handler(*pamh, pam_error, "Init Failed", 0)) {
- proc_pam_end(*pamh);
+ pam_error = pam_start("samba", user, &smb_pam_conversation, pamh);
+ if( !smb_pam_error_handler(*pamh, pam_error, "Init Failed", 0)) {
+ smb_pam_end(*pamh);
return False;
}
@@ -169,16 +170,16 @@ static BOOL proc_pam_start(pam_handle_t **pamh, char *user, char *rhost)
#ifdef PAM_RHOST
DEBUG(4,("PAM: setting rhost to: %s\n", rhost));
pam_error = pam_set_item(*pamh, PAM_RHOST, rhost);
- if(!pam_error_handler(*pamh, pam_error, "set rhost failed", 0)) {
- proc_pam_end(*pamh);
+ if(!smb_pam_error_handler(*pamh, pam_error, "set rhost failed", 0)) {
+ smb_pam_end(*pamh);
return False;
}
#endif
#ifdef PAM_TTY
DEBUG(4,("PAM: setting tty\n"));
pam_error = pam_set_item(*pamh, PAM_TTY, "samba");
- if (!pam_error_handler(*pamh, pam_error, "set tty failed", 0)) {
- proc_pam_end(*pamh);
+ if (!smb_pam_error_handler(*pamh, pam_error, "set tty failed", 0)) {
+ smb_pam_end(*pamh);
return False;
}
#endif
@@ -189,7 +190,7 @@ static BOOL proc_pam_start(pam_handle_t **pamh, char *user, char *rhost)
/*
* PAM Authentication Handler
*/
-static BOOL pam_auth(pam_handle_t *pamh, char *user, char *password)
+static BOOL smb_pam_auth(pam_handle_t *pamh, char *user, char *password)
{
int pam_error;
@@ -225,8 +226,8 @@ static BOOL pam_auth(pam_handle_t *pamh, char *user, char *password)
default:
DEBUG(0, ("PAM: UNKNOWN ERROR while authenticating user %s\n", user));
}
- if(!pam_error_handler(pamh, pam_error, "Authentication Failure", 2)) {
- proc_pam_end(pamh);
+ if(!smb_pam_error_handler(pamh, pam_error, "Authentication Failure", 2)) {
+ smb_pam_end(pamh);
return False;
}
/* If this point is reached, the user has been authenticated. */
@@ -236,7 +237,7 @@ static BOOL pam_auth(pam_handle_t *pamh, char *user, char *password)
/*
* PAM Account Handler
*/
-static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL pam_auth)
+static BOOL smb_pam_account(pam_handle_t *pamh, char * user, char * password, BOOL pam_auth)
{
int pam_error;
@@ -264,8 +265,8 @@ static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL p
default:
DEBUG(0, ("PAM: UNKNOWN ERROR for User: %s\n", user));
}
- if(!pam_error_handler(pamh, pam_error, "Account Check Failed", 2)) {
- proc_pam_end(pamh);
+ if(!smb_pam_error_handler(pamh, pam_error, "Account Check Failed", 2)) {
+ smb_pam_end(pamh);
return False;
}
@@ -303,8 +304,8 @@ static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL p
default:
DEBUG(0, ("PAM: Error Condition Unknown in pam_setcred function call!"));
}
- if(!pam_error_handler(pamh, pam_error, "Set Credential Failure", 2)) {
- proc_pam_end(pamh);
+ if(!smb_pam_error_handler(pamh, pam_error, "Set Credential Failure", 2)) {
+ smb_pam_end(pamh);
return False;
}
@@ -316,7 +317,7 @@ static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL p
/*
* PAM Internal Session Handler
*/
-static BOOL proc_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL flag)
+static BOOL smb_internal_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL flag)
{
int pam_error;
@@ -326,22 +327,22 @@ static BOOL proc_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL fla
#ifdef PAM_TTY
DEBUG(4,("PAM: tty set to: %s\n", tty));
pam_error = pam_set_item(pamh, PAM_TTY, tty);
- if (!pam_error_handler(pamh, pam_error, "set tty failed", 0)) {
- proc_pam_end(pamh);
+ if (!smb_pam_error_handler(pamh, pam_error, "set tty failed", 0)) {
+ smb_pam_end(pamh);
return False;
}
#endif
if (flag) {
pam_error = pam_open_session(pamh, PAM_SILENT);
- if (!pam_error_handler(pamh, pam_error, "session setup failed", 0)) {
- proc_pam_end(pamh);
+ if (!smb_pam_error_handler(pamh, pam_error, "session setup failed", 0)) {
+ smb_pam_end(pamh);
return False;
}
} else {
pam_error = pam_close_session(pamh, PAM_SILENT);
- if (!pam_error_handler(pamh, pam_error, "session close failed", 0)) {
- proc_pam_end(pamh);
+ if (!smb_pam_error_handler(pamh, pam_error, "session close failed", 0)) {
+ smb_pam_end(pamh);
return False;
}
}
@@ -351,29 +352,26 @@ static BOOL proc_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL fla
/*
* PAM Externally accessible Session handler
*/
-BOOL pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
+BOOL smb_pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
{
pam_handle_t *pamh = NULL;
char * user;
- user = malloc(strlen(in_user)+1);
+ user = strdup(in_user);
if ( user == NULL ) {
DEBUG(0, ("PAM: PAM_session Malloc Failed!\n"));
return False;
}
- /* This is freed by PAM */
- StrnCpy(user, in_user, strlen(in_user)+1);
-
- if (!proc_pam_start(&pamh, user, rhost)) {
- proc_pam_end(pamh);
+ if (!smb_pam_start(&pamh, user, rhost)) {
+ smb_pam_end(pamh);
return False;
}
- if (proc_pam_session(pamh, user, tty, flag)) {
- return proc_pam_end(pamh);
+ if (smb_internal_pam_session(pamh, user, tty, flag)) {
+ return smb_pam_end(pamh);
} else {
- proc_pam_end(pamh);
+ smb_pam_end(pamh);
return False;
}
}
@@ -381,16 +379,16 @@ BOOL pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
/*
* PAM Externally accessible Account handler
*/
-BOOL pam_accountcheck(char * user)
+BOOL smb_pam_accountcheck(char * user)
{
pam_handle_t *pamh = NULL;
PAM_username = user;
PAM_password = NULL;
- if( proc_pam_start(&pamh, user, NULL)) {
- if ( pam_account(pamh, user, NULL, False)) {
- return( proc_pam_end(pamh));
+ if( smb_pam_start(&pamh, user, NULL)) {
+ if ( smb_pam_account(pamh, user, NULL, False)) {
+ return( smb_pam_end(pamh));
}
}
DEBUG(0, ("PAM: Account Validation Failed - Rejecting User!\n"));
@@ -400,17 +398,17 @@ BOOL pam_accountcheck(char * user)
/*
* PAM Password Validation Suite
*/
-BOOL pam_passcheck(char * user, char * password)
+BOOL smb_pam_passcheck(char * user, char * password)
{
pam_handle_t *pamh = NULL;
PAM_username = user;
PAM_password = password;
- if( proc_pam_start(&pamh, user, NULL)) {
- if ( pam_auth(pamh, user, password)) {
- if ( pam_account(pamh, user, password, True)) {
- return( proc_pam_end(pamh));
+ if( smb_pam_start(&pamh, user, NULL)) {
+ if ( smb_pam_auth(pamh, user, password)) {
+ if ( smb_pam_account(pamh, user, password, True)) {
+ return( smb_pam_end(pamh));
}
}
}
@@ -421,7 +419,7 @@ BOOL pam_passcheck(char * user, char * password)
#else
/* If PAM not used, no PAM restrictions on accounts. */
- BOOL pam_accountcheck(char * user)
+ BOOL smb_pam_accountcheck(char * user)
{
return True;
}
diff --git a/source3/auth/pass_check.c b/source3/auth/pass_check.c
index 08961e5099..05f7138c3c 100644
--- a/source3/auth/pass_check.c
+++ b/source3/auth/pass_check.c
@@ -599,7 +599,7 @@ static BOOL password_check(char *password)
{
#ifdef WITH_PAM
- return (pam_passcheck(this_user, password));
+ return (smb_pam_passcheck(this_user, password));
#endif /* WITH_PAM */
#ifdef WITH_AFS
diff --git a/source3/configure b/source3/configure
index 13d45b9380..39747210b0 100755
--- a/source3/configure
+++ b/source3/configure
@@ -11174,8 +11174,9 @@ fi
#################################################
# check for a PAM password database
+with_pam_for_crypt=no
echo $ac_n "checking whether to use PAM password database""... $ac_c" 1>&6
-echo "configure:11179: checking whether to use PAM password database" >&5
+echo "configure:11180: checking whether to use PAM password database" >&5
# Check whether --with-pam or --without-pam was given.
if test "${with_pam+set}" = set; then
withval="$with_pam"
@@ -11187,6 +11188,7 @@ if test "${with_pam+set}" = set; then
EOF
LIBS="$LIBS -lpam"
+ with_pam_for_crypt=yes
;;
*)
echo "$ac_t""no" 1>&6
@@ -11198,10 +11200,119 @@ else
fi
+
+###############################################
+# test for where we get crypt() from, but only
+# if not using PAM
+if test $with_pam_for_crypt = no; then
+for ac_func in crypt
+do
+echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+echo "configure:11212: checking for $ac_func" >&5
+if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+ echo $ac_n "(cached) $ac_c" 1>&6
+else
+ cat > conftest.$ac_ext <<EOF
+#line 11217 "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func(); below. */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error. */
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char $ac_func();
+
+int main() {
+
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+$ac_func();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo configure:11240: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+ rm -rf conftest*
+ eval "ac_cv_func_$ac_func=yes"
+else
+ echo "configure: failed program was:" >&5
+ cat conftest.$ac_ext >&5
+ rm -rf conftest*
+ eval "ac_cv_func_$ac_func=no"
+fi
+rm -f conftest*
+fi
+
+if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
+ echo "$ac_t""yes" 1>&6
+ ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+ cat >> confdefs.h <<EOF
+#define $ac_tr_func 1
+EOF
+
+else
+ echo "$ac_t""no" 1>&6
+fi
+done
+
+if test x"$ac_cv_func_crypt" = x"no"; then
+ echo $ac_n "checking for crypt in -lcrypt""... $ac_c" 1>&6
+echo "configure:11266: checking for crypt in -lcrypt" >&5
+ac_lib_var=`echo crypt'_'crypt | sed 'y%./+-%__p_%'`
+if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+ echo $ac_n "(cached) $ac_c" 1>&6
+else
+ ac_save_LIBS="$LIBS"
+LIBS="-lcrypt $LIBS"
+cat > conftest.$ac_ext <<EOF
+#line 11274 "configure"
+#include "confdefs.h"
+/* Override any gcc2 internal prototype to avoid an error. */
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char crypt();
+
+int main() {
+crypt()
+; return 0; }
+EOF
+if { (eval echo configure:11285: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+ rm -rf conftest*
+ eval "ac_cv_lib_$ac_lib_var=yes"
+else
+ echo "configure: failed program was:" >&5
+ cat conftest.$ac_ext >&5
+ rm -rf conftest*
+ eval "ac_cv_lib_$ac_lib_var=no"
+fi
+rm -f conftest*
+LIBS="$ac_save_LIBS"
+
+fi
+if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
+ echo "$ac_t""yes" 1>&6
+ LIBS="$LIBS -lcrypt";
+ cat >> confdefs.h <<\EOF
+#define HAVE_CRYPT 1
+EOF
+
+else
+ echo "$ac_t""no" 1>&6
+fi
+
+fi
+fi
+
+
#################################################
# check for a TDB password database
echo $ac_n "checking whether to use TDB password database""... $ac_c" 1>&6
-echo "configure:11205: checking whether to use TDB password database" >&5
+echo "configure:11316: checking whether to use TDB password database" >&5
# Check whether --with-tdbsam or --without-tdbsam was given.
if test "${with_tdbsam+set}" = set; then
withval="$with_tdbsam"
@@ -11227,7 +11338,7 @@ fi
#################################################
# check for a LDAP password database
echo $ac_n "checking whether to use LDAP password database""... $ac_c" 1>&6
-echo "configure:11231: checking whether to use LDAP password database" >&5
+echo "configure:11342: checking whether to use LDAP password database" >&5
# Check whether --with-ldap or --without-ldap was given.
if test "${with_ldap+set}" = set; then
withval="$with_ldap"
@@ -11253,7 +11364,7 @@ fi
#################################################
# check for a NISPLUS password database
echo $ac_n "checking whether to use NISPLUS password database""... $ac_c" 1>&6
-echo "configure:11257: checking whether to use NISPLUS password database" >&5
+echo "configure:11368: checking whether to use NISPLUS password database" >&5
# Check whether --with-nisplus or --without-nisplus was given.
if test "${with_nisplus+set}" = set; then
withval="$with_nisplus"
@@ -11278,7 +11389,7 @@ fi
#################################################
# check for a NISPLUS_HOME support
echo $ac_n "checking whether to use NISPLUS_HOME""... $ac_c" 1>&6
-echo "configure:11282: checking whether to use NISPLUS_HOME" >&5
+echo "configure:11393: checking whether to use NISPLUS_HOME" >&5
# Check whether --with-nisplus-home or --without-nisplus-home was given.
if test "${with_nisplus_home+set}" = set; then
withval="$with_nisplus_home"
@@ -11303,7 +11414,7 @@ fi
#################################################
# check for the secure socket layer
echo $ac_n "checking whether to use SSL""... $ac_c" 1>&6
-echo "configure:11307: checking whether to use SSL" >&5
+echo "configure:11418: checking whether to use SSL" >&5
# Check whether --with-ssl or --without-ssl was given.
if test "${with_ssl+set}" = set; then
withval="$with_ssl"
@@ -11362,7 +11473,7 @@ fi
#################################################
# check for syslog logging
echo $ac_n "checking whether to use syslog logging""... $ac_c" 1>&6
-echo "configure:11366: checking whether to use syslog logging" >&5
+echo "configure:11477: checking whether to use syslog logging" >&5
# Check whether --with-syslog or --without-syslog was given.
if test "${with_syslog+set}" = set; then
withval="$with_syslog"
@@ -11387,7 +11498,7 @@ fi
#################################################
# check for a shared memory profiling support
echo $ac_n "checking whether to use profiling""... $ac_c" 1>&6
-echo "configure:11391: checking whether to use profiling" >&5
+echo "configure:11502: checking whether to use profiling" >&5
# Check whether --with-profile or --without-profile was given.
if test "${with_profile+set}" = set; then
withval="$with_profile"
@@ -11413,7 +11524,7 @@ fi
#################################################
# check for experimental netatalk resource fork support
echo $ac_n "checking whether to support netatalk""... $ac_c" 1>&6
-echo "configure:11417: checking whether to support netatalk" >&5
+echo "configure:11528: checking whether to support netatalk" >&5
# Check whether --with-netatalk or --without-netatalk was given.
if test "${with_netatalk+set}" = set; then
withval="$with_netatalk"
@@ -11440,7 +11551,7 @@ fi
QUOTAOBJS=smbd/noquotas.o
echo $ac_n "checking whether to support disk-quotas""... $ac_c" 1>&6
-echo "configure:11444: checking whether to support disk-quotas" >&5
+echo "configure:11555: checking whether to support disk-quotas" >&5
# Check whether --with-quotas or --without-quotas was given.
if test "${with_quotas+set}" = set; then
withval="$with_quotas"
@@ -11464,7 +11575,7 @@ fi
# check for experimental utmp accounting
echo $ac_n "checking whether to support utmp accounting""... $ac_c" 1>&6
-echo "configure:11468: checking whether to support utmp accounting" >&5
+echo "configure:11579: checking whether to support utmp accounting" >&5
# Check whether --with-utmp or --without-utmp was given.
if test "${with_utmp+set}" = set; then
withval="$with_utmp"
@@ -11490,7 +11601,7 @@ fi
# check for MS Dfs support
echo $ac_n "checking whether to support Microsoft Dfs""... $ac_c" 1>&6
-echo "configure:11494: checking whether to support Microsoft Dfs" >&5
+echo "configure:11605: checking whether to support Microsoft Dfs" >&5
# Check whether --with-msdfs or --without-msdfs was given.
if test "${with_msdfs+set}" = set; then
withval="$with_msdfs"
@@ -11590,14 +11701,14 @@ fi
#################################################
# these tests are taken from the GNU fileutils package
echo "checking how to get filesystem space usage" 1>&6
-echo "configure:11594: checking how to get filesystem space usage" >&5
+echo "configure:11705: checking how to get filesystem space usage" >&5
space=no
# Test for statvfs64.
if test $space = no; then
# SVR4
echo $ac_n "checking statvfs64 function (SVR4)""... $ac_c" 1>&6
-echo "configure:11601: checking statvfs64 function (SVR4)" >&5
+echo "configure:11712: checking statvfs64 function (SVR4)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statvfs64'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -11605,7 +11716,7 @@ else
fu_cv_sys_stat_statvfs64=cross
else
cat > conftest.$ac_ext <<EOF
-#line 11609 "configure"
+#line 11720 "configure"
#include "confdefs.h"
#if defined(HAVE_UNISTD_H)
@@ -11619,7 +11730,7 @@ else
exit (statvfs64 (".", &fsd));
}
EOF
-if { (eval echo configure:11623: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:11734: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statvfs64=yes
else
@@ -11652,12 +11763,12 @@ fi
if test $space = no; then
# SVR4
echo $ac_n "checking statvfs function (SVR4)""... $ac_c" 1>&6
-echo "configure:11656: checking statvfs function (SVR4)" >&5
+echo "configure:11767: checking statvfs function (SVR4)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statvfs'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 11661 "configure"
+#line 11772 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/statvfs.h>
@@ -11665,7 +11776,7 @@ int main() {
struct statvfs fsd; statvfs (0, &fsd);
; return 0; }
EOF
-if { (eval echo configure:11669: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:11780: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
fu_cv_sys_stat_statvfs=yes
else
@@ -11690,7 +11801,7 @@ fi
if test $space = no; then
# DEC Alpha running OSF/1
echo $ac_n "checking for 3-argument statfs function (DEC OSF/1)""... $ac_c" 1>&6
-echo "configure:11694: checking for 3-argument statfs function (DEC OSF/1)" >&5
+echo "configure:11805: checking for 3-argument statfs function (DEC OSF/1)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs3_osf1'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -11698,7 +11809,7 @@ else
fu_cv_sys_stat_statfs3_osf1=no
else
cat > conftest.$ac_ext <<EOF
-#line 11702 "configure"
+#line 11813 "configure"
#include "confdefs.h"
#include <sys/param.h>
@@ -11711,7 +11822,7 @@ else
exit (statfs (".", &fsd, sizeof (struct statfs)));
}
EOF
-if { (eval echo configure:11715: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:11826: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs3_osf1=yes
else
@@ -11738,7 +11849,7 @@ fi
if test $space = no; then
# AIX
echo $ac_n "checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)""... $ac_c" 1>&6
-echo "configure:11742: checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)" >&5
+echo "configure:11853: checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs2_bsize'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -11746,7 +11857,7 @@ else
fu_cv_sys_stat_statfs2_bsize=no
else
cat > conftest.$ac_ext <<EOF
-#line 11750 "configure"
+#line 11861 "configure"
#include "confdefs.h"
#ifdef HAVE_SYS_PARAM_H
@@ -11765,7 +11876,7 @@ else
exit (statfs (".", &fsd));
}
EOF
-if { (eval echo configure:11769: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:11880: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs2_bsize=yes
else
@@ -11792,7 +11903,7 @@ fi
if test $space = no; then
# SVR3
echo $ac_n "checking for four-argument statfs (AIX-3.2.5, SVR3)""... $ac_c" 1>&6
-echo "configure:11796: checking for four-argument statfs (AIX-3.2.5, SVR3)" >&5
+echo "configure:11907: checking for four-argument statfs (AIX-3.2.5, SVR3)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs4'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -11800,7 +11911,7 @@ else
fu_cv_sys_stat_statfs4=no
else
cat > conftest.$ac_ext <<EOF
-#line 11804 "configure"
+#line 11915 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/statfs.h>
@@ -11810,7 +11921,7 @@ else
exit (statfs (".", &fsd, sizeof fsd, 0));
}
EOF
-if { (eval echo configure:11814: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:11925: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs4=yes
else
@@ -11837,7 +11948,7 @@ fi
if test $space = no; then
# 4.4BSD and NetBSD
echo $ac_n "checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)""... $ac_c" 1>&6
-echo "configure:11841: checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)" >&5
+echo "configure:11952: checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs2_fsize'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -11845,7 +11956,7 @@ else
fu_cv_sys_stat_statfs2_fsize=no
else
cat > conftest.$ac_ext <<EOF
-#line 11849 "configure"
+#line 11960 "configure"
#include "confdefs.h"
#include <sys/types.h>
#ifdef HAVE_SYS_PARAM_H
@@ -11861,7 +11972,7 @@ else
exit (statfs (".", &fsd));
}
EOF
-if { (eval echo configure:11865: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:11976: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs2_fsize=yes
else
@@ -11888,7 +11999,7 @@ fi
if test $space = no; then
# Ultrix
echo $ac_n "checking for two-argument statfs with struct fs_data (Ultrix)""... $ac_c" 1>&6
-echo "configure:11892: checking for two-argument statfs with struct fs_data (Ultrix)" >&5
+echo "configure:12003: checking for two-argument statfs with struct fs_data (Ultrix)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_fs_data'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -11896,7 +12007,7 @@ else
fu_cv_sys_stat_fs_data=no
else
cat > conftest.$ac_ext <<EOF
-#line 11900 "configure"
+#line 12011 "configure"
#include "confdefs.h"
#include <sys/types.h>
#ifdef HAVE_SYS_PARAM_H
@@ -11916,7 +12027,7 @@ else
exit (statfs (".", &fsd) != 1);
}
EOF
-if { (eval echo configure:11920: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:12031: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_fs_data=yes
else
@@ -11949,9 +12060,9 @@ fi
# file support.
#
echo $ac_n "checking if large file support can be enabled""... $ac_c" 1>&6
-echo "configure:11953: checking if large file support can be enabled" >&5
+echo "configure:12064: checking if large file support can be enabled" >&5
cat > conftest.$ac_ext <<EOF
-#line 11955 "configure"
+#line 12066 "configure"
#include "confdefs.h"
#if defined(HAVE_LONGLONG) && (defined(HAVE_OFF64_T) || (defined(SIZEOF_OFF_T) && (SIZEOF_OFF_T == 8)))
@@ -11964,7 +12075,7 @@ int main() {
int i
; return 0; }
EOF
-if { (eval echo configure:11968: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:12079: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
samba_cv_HAVE_EXPLICIT_LARGEFILE_SUPPORT=yes
else
@@ -12032,7 +12143,7 @@ fi
# check for ACL support
echo $ac_n "checking whether to support ACLs""... $ac_c" 1>&6
-echo "configure:12036: checking whether to support ACLs" >&5
+echo "configure:12147: checking whether to support ACLs" >&5
# Check whether --with-acl-support or --without-acl-support was given.
if test "${with_acl_support+set}" = set; then
withval="$with_acl_support"
@@ -12070,7 +12181,7 @@ EOF
;;
*)
echo $ac_n "checking for acl_get_file in -lacl""... $ac_c" 1>&6
-echo "configure:12074: checking for acl_get_file in -lacl" >&5
+echo "configure:12185: checking for acl_get_file in -lacl" >&5
ac_lib_var=`echo acl'_'acl_get_file | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -12078,7 +12189,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lacl $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 12082 "configure"
+#line 12193 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -12089,7 +12200,7 @@ int main() {
acl_get_file()
; return 0; }
EOF
-if { (eval echo configure:12093: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:12204: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -12117,13 +12228,13 @@ else
fi
echo $ac_n "checking for ACL support""... $ac_c" 1>&6
-echo "configure:12121: checking for ACL support" >&5
+echo "configure:12232: checking for ACL support" >&5
if eval "test \"`echo '$''{'samba_cv_HAVE_POSIX_ACLS'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 12127 "configure"
+#line 12238 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/acl.h>
@@ -12131,7 +12242,7 @@ int main() {
acl_t acl; int entry_id; acl_entry_t *entry_p; return acl_get_entry( acl, entry_id, entry_p);
; return 0; }
EOF
-if { (eval echo configure:12135: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:12246: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
samba_cv_HAVE_POSIX_ACLS=yes
else
@@ -12151,13 +12262,13 @@ echo "$ac_t""$samba_cv_HAVE_POSIX_ACLS" 1>&6
EOF
echo $ac_n "checking for acl_get_perm_np""... $ac_c" 1>&6
-echo "configure:12155: checking for acl_get_perm_np" >&5
+echo "configure:12266: checking for acl_get_perm_np" >&5
if eval "test \"`echo '$''{'samba_cv_HAVE_ACL_GET_PERM_NP'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 12161 "configure"
+#line 12272 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/acl.h>
@@ -12165,7 +12276,7 @@ int main() {
acl_permset_t permset_d; acl_perm_t perm; return acl_get_perm_np( permset_d, perm);
; return 0; }
EOF
-if { (eval echo configure:12169: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:12280: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
samba_cv_HAVE_ACL_GET_PERM_NP=yes
else
@@ -12186,13 +12297,13 @@ EOF
fi
fi
echo $ac_n "checking for XFS ACL support""... $ac_c" 1>&6
-echo "configure:12190: checking for XFS ACL support" >&5
+echo "configure:12301: checking for XFS ACL support" >&5
if eval "test \"`echo '$''{'samba_cv_HAVE_XFS_ACLS'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 12196 "configure"
+#line 12307 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <acl/acl.h>
@@ -12200,7 +12311,7 @@ int main() {
char test_str[13] = SGI_ACL_FILE;
; return 0; }
EOF
-if { (eval echo configure:12204: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:12315: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
samba_cv_HAVE_XFS_ACLS=yes
else
@@ -12245,11 +12356,11 @@ if test "$cross_compiling" = yes; then
:
else
cat > conftest.$ac_ext <<EOF
-#line 12249 "configure"
+#line 12360 "configure"
#include "confdefs.h"
#include "${srcdir-.}/tests/summary.c"
EOF
-if { (eval echo configure:12253: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:12364: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
echo "configure OK";
else
diff --git a/source3/include/proto.h b/source3/include/proto.h
index bb5bc6ea32..ae9e8e914f 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1922,9 +1922,9 @@ BOOL pdb_generate_sam_sid(void);
/*The following definitions come from passdb/pampass.c */
-BOOL pam_session(BOOL flag, const char *in_user, char *tty, char *rhost);
-BOOL pam_accountcheck(char * user);
-BOOL pam_passcheck(char * user, char * password);
+BOOL smb_pam_session(BOOL flag, const char *in_user, char *tty, char *rhost);
+BOOL smb_pam_accountcheck(char * user);
+BOOL smb_pam_passcheck(char * user, char * password);
/*The following definitions come from passdb/pass_check.c */
diff --git a/source3/passdb/pampass.c b/source3/passdb/pampass.c
index e84a045d49..553ffcd323 100644
--- a/source3/passdb/pampass.c
+++ b/source3/passdb/pampass.c
@@ -5,6 +5,7 @@
Copyright (C) Andrew Tridgell 1992-2001
Copyright (C) John H Terpsta 1999-2001
Copyright (C) Andrew Bartlett 2001
+ Copyright (C) Jeremy Allison 2001
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@@ -58,7 +59,7 @@ static char *PAM_password;
/*
* PAM error handler.
*/
-static BOOL pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int dbglvl)
+static BOOL smb_pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int dbglvl)
{
if( pam_error != PAM_SUCCESS) {
@@ -74,7 +75,7 @@ static BOOL pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int
* echo off means password.
*/
-static int PAM_conv(int num_msg,
+static int smb_pam_conv(int num_msg,
const struct pam_message **msg,
struct pam_response **resp,
void *appdata_ptr)
@@ -122,21 +123,21 @@ static int PAM_conv(int num_msg,
return PAM_SUCCESS;
}
-static struct pam_conv PAM_conversation = {
- &PAM_conv,
+static struct pam_conv smb_pam_conversation = {
+ &smb_pam_conv,
NULL
};
/*
* PAM Closing out cleanup handler
*/
-static BOOL proc_pam_end(pam_handle_t *pamh)
+static BOOL smb_pam_end(pam_handle_t *pamh)
{
int pam_error;
if( pamh != NULL ) {
pam_error = pam_end(pamh, 0);
- if(pam_error_handler(pamh, pam_error, "End Cleanup Failed", 2) == True) {
+ if(smb_pam_error_handler(pamh, pam_error, "End Cleanup Failed", 2) == True) {
DEBUG(4, ("PAM: PAM_END OK.\n"));
return True;
}
@@ -148,15 +149,15 @@ static BOOL proc_pam_end(pam_handle_t *pamh)
/*
* Start PAM authentication for specified account
*/
-static BOOL proc_pam_start(pam_handle_t **pamh, char *user, char *rhost)
+static BOOL smb_pam_start(pam_handle_t **pamh, char *user, char *rhost)
{
int pam_error;
DEBUG(4,("PAM: Init user: %s\n", user));
- pam_error = pam_start("samba", user, &PAM_conversation, pamh);
- if( !pam_error_handler(*pamh, pam_error, "Init Failed", 0)) {
- proc_pam_end(*pamh);
+ pam_error = pam_start("samba", user, &smb_pam_conversation, pamh);
+ if( !smb_pam_error_handler(*pamh, pam_error, "Init Failed", 0)) {
+ smb_pam_end(*pamh);
return False;
}
@@ -169,16 +170,16 @@ static BOOL proc_pam_start(pam_handle_t **pamh, char *user, char *rhost)
#ifdef PAM_RHOST
DEBUG(4,("PAM: setting rhost to: %s\n", rhost));
pam_error = pam_set_item(*pamh, PAM_RHOST, rhost);
- if(!pam_error_handler(*pamh, pam_error, "set rhost failed", 0)) {
- proc_pam_end(*pamh);
+ if(!smb_pam_error_handler(*pamh, pam_error, "set rhost failed", 0)) {
+ smb_pam_end(*pamh);
return False;
}
#endif
#ifdef PAM_TTY
DEBUG(4,("PAM: setting tty\n"));
pam_error = pam_set_item(*pamh, PAM_TTY, "samba");
- if (!pam_error_handler(*pamh, pam_error, "set tty failed", 0)) {
- proc_pam_end(*pamh);
+ if (!smb_pam_error_handler(*pamh, pam_error, "set tty failed", 0)) {
+ smb_pam_end(*pamh);
return False;
}
#endif
@@ -189,7 +190,7 @@ static BOOL proc_pam_start(pam_handle_t **pamh, char *user, char *rhost)
/*
* PAM Authentication Handler
*/
-static BOOL pam_auth(pam_handle_t *pamh, char *user, char *password)
+static BOOL smb_pam_auth(pam_handle_t *pamh, char *user, char *password)
{
int pam_error;
@@ -225,8 +226,8 @@ static BOOL pam_auth(pam_handle_t *pamh, char *user, char *password)
default:
DEBUG(0, ("PAM: UNKNOWN ERROR while authenticating user %s\n", user));
}
- if(!pam_error_handler(pamh, pam_error, "Authentication Failure", 2)) {
- proc_pam_end(pamh);
+ if(!smb_pam_error_handler(pamh, pam_error, "Authentication Failure", 2)) {
+ smb_pam_end(pamh);
return False;
}
/* If this point is reached, the user has been authenticated. */
@@ -236,7 +237,7 @@ static BOOL pam_auth(pam_handle_t *pamh, char *user, char *password)
/*
* PAM Account Handler
*/
-static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL pam_auth)
+static BOOL smb_pam_account(pam_handle_t *pamh, char * user, char * password, BOOL pam_auth)
{
int pam_error;
@@ -264,8 +265,8 @@ static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL p
default:
DEBUG(0, ("PAM: UNKNOWN ERROR for User: %s\n", user));
}
- if(!pam_error_handler(pamh, pam_error, "Account Check Failed", 2)) {
- proc_pam_end(pamh);
+ if(!smb_pam_error_handler(pamh, pam_error, "Account Check Failed", 2)) {
+ smb_pam_end(pamh);
return False;
}
@@ -303,8 +304,8 @@ static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL p
default:
DEBUG(0, ("PAM: Error Condition Unknown in pam_setcred function call!"));
}
- if(!pam_error_handler(pamh, pam_error, "Set Credential Failure", 2)) {
- proc_pam_end(pamh);
+ if(!smb_pam_error_handler(pamh, pam_error, "Set Credential Failure", 2)) {
+ smb_pam_end(pamh);
return False;
}
@@ -316,7 +317,7 @@ static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL p
/*
* PAM Internal Session Handler
*/
-static BOOL proc_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL flag)
+static BOOL smb_internal_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL flag)
{
int pam_error;
@@ -326,22 +327,22 @@ static BOOL proc_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL fla
#ifdef PAM_TTY
DEBUG(4,("PAM: tty set to: %s\n", tty));
pam_error = pam_set_item(pamh, PAM_TTY, tty);
- if (!pam_error_handler(pamh, pam_error, "set tty failed", 0)) {
- proc_pam_end(pamh);
+ if (!smb_pam_error_handler(pamh, pam_error, "set tty failed", 0)) {
+ smb_pam_end(pamh);
return False;
}
#endif
if (flag) {
pam_error = pam_open_session(pamh, PAM_SILENT);
- if (!pam_error_handler(pamh, pam_error, "session setup failed", 0)) {
- proc_pam_end(pamh);
+ if (!smb_pam_error_handler(pamh, pam_error, "session setup failed", 0)) {
+ smb_pam_end(pamh);
return False;
}
} else {
pam_error = pam_close_session(pamh, PAM_SILENT);
- if (!pam_error_handler(pamh, pam_error, "session close failed", 0)) {
- proc_pam_end(pamh);
+ if (!smb_pam_error_handler(pamh, pam_error, "session close failed", 0)) {
+ smb_pam_end(pamh);
return False;
}
}
@@ -351,29 +352,26 @@ static BOOL proc_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL fla
/*
* PAM Externally accessible Session handler
*/
-BOOL pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
+BOOL smb_pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
{
pam_handle_t *pamh = NULL;
char * user;
- user = malloc(strlen(in_user)+1);
+ user = strdup(in_user);
if ( user == NULL ) {
DEBUG(0, ("PAM: PAM_session Malloc Failed!\n"));
return False;
}
- /* This is freed by PAM */
- StrnCpy(user, in_user, strlen(in_user)+1);
-
- if (!proc_pam_start(&pamh, user, rhost)) {
- proc_pam_end(pamh);
+ if (!smb_pam_start(&pamh, user, rhost)) {
+ smb_pam_end(pamh);
return False;
}
- if (proc_pam_session(pamh, user, tty, flag)) {
- return proc_pam_end(pamh);
+ if (smb_internal_pam_session(pamh, user, tty, flag)) {
+ return smb_pam_end(pamh);
} else {
- proc_pam_end(pamh);
+ smb_pam_end(pamh);
return False;
}
}
@@ -381,16 +379,16 @@ BOOL pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
/*
* PAM Externally accessible Account handler
*/
-BOOL pam_accountcheck(char * user)
+BOOL smb_pam_accountcheck(char * user)
{
pam_handle_t *pamh = NULL;
PAM_username = user;
PAM_password = NULL;
- if( proc_pam_start(&pamh, user, NULL)) {
- if ( pam_account(pamh, user, NULL, False)) {
- return( proc_pam_end(pamh));
+ if( smb_pam_start(&pamh, user, NULL)) {
+ if ( smb_pam_account(pamh, user, NULL, False)) {
+ return( smb_pam_end(pamh));
}
}
DEBUG(0, ("PAM: Account Validation Failed - Rejecting User!\n"));
@@ -400,17 +398,17 @@ BOOL pam_accountcheck(char * user)
/*
* PAM Password Validation Suite
*/
-BOOL pam_passcheck(char * user, char * password)
+BOOL smb_pam_passcheck(char * user, char * password)
{
pam_handle_t *pamh = NULL;
PAM_username = user;
PAM_password = password;
- if( proc_pam_start(&pamh, user, NULL)) {
- if ( pam_auth(pamh, user, password)) {
- if ( pam_account(pamh, user, password, True)) {
- return( proc_pam_end(pamh));
+ if( smb_pam_start(&pamh, user, NULL)) {
+ if ( smb_pam_auth(pamh, user, password)) {
+ if ( smb_pam_account(pamh, user, password, True)) {
+ return( smb_pam_end(pamh));
}
}
}
@@ -421,7 +419,7 @@ BOOL pam_passcheck(char * user, char * password)
#else
/* If PAM not used, no PAM restrictions on accounts. */
- BOOL pam_accountcheck(char * user)
+ BOOL smb_pam_accountcheck(char * user)
{
return True;
}
diff --git a/source3/passdb/pass_check.c b/source3/passdb/pass_check.c
index 08961e5099..05f7138c3c 100644
--- a/source3/passdb/pass_check.c
+++ b/source3/passdb/pass_check.c
@@ -599,7 +599,7 @@ static BOOL password_check(char *password)
{
#ifdef WITH_PAM
- return (pam_passcheck(this_user, password));
+ return (smb_pam_passcheck(this_user, password));
#endif /* WITH_PAM */
#ifdef WITH_AFS
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 698c6a1356..ba882f2bf2 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -632,7 +632,7 @@ BOOL password_ok(char *user, char *password, int pwlen, struct passwd *pwd)
*/
if (ret)
- return pam_accountcheck(user);
+ return smb_pam_accountcheck(user);
}
return pass_check(user, password, pwlen, pwd,
diff --git a/source3/smbd/session.c b/source3/smbd/session.c
index fb13019812..2f86832b4a 100644
--- a/source3/smbd/session.c
+++ b/source3/smbd/session.c
@@ -111,8 +111,8 @@ BOOL session_claim(uint16 vuid)
}
#if WITH_PAM
- if (!pam_session(True, sessionid.username, sessionid.id_str, sessionid.hostname)) {
- DEBUG(1,("pam_session rejected the session for %s [%s]\n",
+ if (!smb_pam_session(True, sessionid.username, sessionid.id_str, sessionid.hostname)) {
+ DEBUG(1,("smb_pam_session rejected the session for %s [%s]\n",
sessionid.username, sessionid.id_str));
tdb_delete(tdb, key);
return False;
@@ -167,7 +167,7 @@ void session_yield(uint16 vuid)
#endif
#if WITH_PAM
- pam_session(False, sessionid.username, sessionid.id_str, sessionid.hostname);
+ smb_pam_session(False, sessionid.username, sessionid.id_str, sessionid.hostname);
#endif
tdb_delete(tdb, key);