diff options
Diffstat (limited to 'source3/winbindd/winbindd_pam.c')
| -rw-r--r-- | source3/winbindd/winbindd_pam.c | 48 |
1 files changed, 7 insertions, 41 deletions
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index d8643a6158..3f350e3fb2 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -522,11 +522,11 @@ static void setup_return_cc_name(struct winbindd_cli_state *state, const char *c #endif -static uid_t get_uid_from_state(struct winbindd_cli_state *state) +uid_t get_uid_from_request(struct winbindd_request *request) { uid_t uid; - uid = state->request->data.auth.uid; + uid = request->data.auth.uid; if (uid < 0) { DEBUG(1,("invalid uid: '%u'\n", (unsigned int)uid)); @@ -535,6 +535,11 @@ static uid_t get_uid_from_state(struct winbindd_cli_state *state) return uid; } +static uid_t get_uid_from_state(struct winbindd_cli_state *state) +{ + return get_uid_from_request(state->request); +} + /********************************************************************** Authenticate a user with a clear text password using Kerberos and fill up ccache if required @@ -1623,30 +1628,12 @@ process_result: if ((state->request->flags & WBFLAG_PAM_CACHED_LOGIN)) { - /* Store in-memory creds for single-signon using ntlm_auth. */ - result = winbindd_add_memory_creds(state->request->data.auth.user, - get_uid_from_state(state), - state->request->data.auth.pass); - - if (!NT_STATUS_IS_OK(result)) { - DEBUG(10,("Failed to store memory creds: %s\n", nt_errstr(result))); - goto done; - } - if (lp_winbind_offline_logon()) { result = winbindd_store_creds(domain, state->mem_ctx, state->request->data.auth.user, state->request->data.auth.pass, info3, NULL); - if (!NT_STATUS_IS_OK(result)) { - - /* Release refcount. */ - winbindd_delete_memory_creds(state->request->data.auth.user); - - DEBUG(10,("Failed to store creds: %s\n", nt_errstr(result))); - goto done; - } } } @@ -2026,26 +2013,6 @@ enum winbindd_result winbindd_dual_pam_chauthtok(struct winbindd_domain *contact done: if (NT_STATUS_IS_OK(result) && (state->request->flags & WBFLAG_PAM_CACHED_LOGIN)) { - - /* Update the single sign-on memory creds. */ - result = winbindd_replace_memory_creds(state->request->data.chauthtok.user, - newpass); - - /* When we login from gdm or xdm and password expires, - * we change password, but there are no memory crendentials - * So, winbindd_replace_memory_creds() returns - * NT_STATUS_OBJECT_NAME_NOT_FOUND. This is not a failure. - * --- BoYang - * */ - if (NT_STATUS_EQUAL(result, NT_STATUS_OBJECT_NAME_NOT_FOUND)) { - result = NT_STATUS_OK; - } - - if (!NT_STATUS_IS_OK(result)) { - DEBUG(10,("Failed to replace memory creds: %s\n", nt_errstr(result))); - goto process_result; - } - if (lp_winbind_offline_logon()) { result = winbindd_update_creds_by_name(contact_domain, state->mem_ctx, user, @@ -2152,7 +2119,6 @@ enum winbindd_result winbindd_dual_pam_logoff(struct winbindd_domain *domain, process_result: - winbindd_delete_memory_creds(state->request->data.logoff.user); set_auth_errors(state->response, result); |