summaryrefslogtreecommitdiff
path: root/source3/nsswitch
diff options
context:
space:
mode:
Diffstat (limited to 'source3/nsswitch')
-rw-r--r--source3/nsswitch/winbindd_misc.c23
-rw-r--r--source3/nsswitch/winbindd_pam.c4
-rw-r--r--source3/nsswitch/winbindd_sid.c4
3 files changed, 13 insertions, 18 deletions
diff --git a/source3/nsswitch/winbindd_misc.c b/source3/nsswitch/winbindd_misc.c
index d656c3ca4d..6b7ef382dd 100644
--- a/source3/nsswitch/winbindd_misc.c
+++ b/source3/nsswitch/winbindd_misc.c
@@ -26,19 +26,6 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_WINBIND
-/************************************************************************
- Routine to get the trust account password for a domain
-************************************************************************/
-static BOOL _get_trust_account_password(const char *domain, unsigned char *ret_pwd,
- time_t *pass_last_set_time)
-{
- if (!secrets_fetch_trust_account_password(domain, ret_pwd, pass_last_set_time)) {
- return False;
- }
-
- return True;
-}
-
/* Check the machine account password is valid */
enum winbindd_result winbindd_check_machine_acct(struct winbindd_cli_state *state)
@@ -52,8 +39,8 @@ enum winbindd_result winbindd_check_machine_acct(struct winbindd_cli_state *stat
/* Get trust account password */
again:
- if (!_get_trust_account_password(lp_workgroup(), trust_passwd,
- NULL)) {
+ if (!secrets_fetch_trust_account_password(
+ lp_workgroup(), trust_passwd, NULL)) {
result = NT_STATUS_INTERNAL_ERROR;
goto done;
}
@@ -113,7 +100,11 @@ enum winbindd_result winbindd_list_trusted_domains(struct winbindd_cli_state
have changed since we last looked. There may be a sequence
number or something we should use but I haven't found it yet. */
- init_domain_list();
+ if (!init_domain_list()) {
+ DEBUG(1, ("winbindd_list_trusted_domains: could not "
+ "refresh trusted domain list\n"));
+ return WINBINDD_ERROR;
+ }
for(domain = domain_list(); domain; domain = domain->next) {
diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c
index 81c182315f..f3237f08da 100644
--- a/source3/nsswitch/winbindd_pam.c
+++ b/source3/nsswitch/winbindd_pam.c
@@ -142,7 +142,7 @@ done:
state->response.data.auth.nt_status = NT_STATUS_V(result);
fstrcpy(state->response.data.auth.nt_status_string, nt_errstr(result));
- fstrcpy(state->response.data.auth.error_string, nt_errstr(result));
+ fstrcpy(state->response.data.auth.error_string, get_friendly_nt_error_msg(result));
state->response.data.auth.pam_error = nt_status_to_pam(result);
DEBUG(NT_STATUS_IS_OK(result) ? 5 : 2, ("Plain-text authentication for user %s returned %s (PAM: %d)\n",
@@ -273,6 +273,8 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state)
#if 0
/* we don't currently do this stuff right */
+ /* Doing an assert in a daemon is going to be a pretty bad
+ idea. - tpot */
if (state->request.data.auth_crap.flags & WINBIND_PAM_NTKEY) {
SMB_ASSERT(sizeof(state->response.data.auth.nt_session_key) == sizeof(info3.user_sess_key));
memcpy(state->response.data.auth.nt_session_key, info3.user_sess_key, sizeof(state->response.data.auth.nt_session_key) /* 16 */);
diff --git a/source3/nsswitch/winbindd_sid.c b/source3/nsswitch/winbindd_sid.c
index 44f857d6be..6ab2eaa646 100644
--- a/source3/nsswitch/winbindd_sid.c
+++ b/source3/nsswitch/winbindd_sid.c
@@ -72,8 +72,10 @@ enum winbindd_result winbindd_lookupsid(struct winbindd_cli_state *state)
return WINBINDD_OK;
}
-/* Convert a sid to a string */
+/**
+ * Look up the SID for a qualified name.
+ **/
enum winbindd_result winbindd_lookupname(struct winbindd_cli_state *state)
{
enum SID_NAME_USE type;