From 482a9ef278567a35d3bcad1c2048ee97d86bfb9c Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Fri, 5 Oct 2001 00:20:06 +0000 Subject: This is the start of a bit of a rewrite of winbindd's connection handling. I've wrapped up all the decisions about managing, making and closing connections into a connection manager in nsswitch/winbindd_cm.c. It's rather incomplete at the moment - only querying basic user info works at the moment (i.e finger -m DOMAIN/user) and everything else is broken. Jeremy, please take a look and I'll start moving across the rest of winbindd to this new system. (This used to be commit c369cf5af787ed9c642778d21f162716fbf0620e) --- source3/nsswitch/winbindd_pam.c | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) (limited to 'source3/nsswitch/winbindd_pam.c') diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c index 262a9d7a33..406b12c9f6 100644 --- a/source3/nsswitch/winbindd_pam.c +++ b/source3/nsswitch/winbindd_pam.c @@ -55,7 +55,7 @@ static void parse_domain_user(char *domuser, fstring domain, fstring user) enum winbindd_result winbindd_pam_auth(struct winbindd_cli_state *state) { NTSTATUS result; - fstring name_domain, name_user; + fstring name_domain, name_user, auth_dc; int passlen; unsigned char trust_passwd[16]; time_t last_change_time; @@ -127,12 +127,18 @@ enum winbindd_result winbindd_pam_auth(struct winbindd_cli_state *state) return WINBINDD_ERROR; } + if (!cm_get_dc_name(lp_workgroup(), auth_dc)) { + DEBUG(3, ("Could not find dc for workgroup %s\n", + lp_workgroup())); + return WINBINDD_ERROR; + } + /* So domain_client_validate() actually opens a new connection for each authentication performed. This can theoretically be optimised to use an already open IPC$ connection. */ result = domain_client_validate(&user_info, &server_info, - server_state.controller, trust_passwd, + auth_dc, trust_passwd, last_change_time); return NT_STATUS_IS_OK(result) ? WINBINDD_OK : WINBINDD_ERROR; @@ -143,7 +149,7 @@ enum winbindd_result winbindd_pam_auth(struct winbindd_cli_state *state) enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) { NTSTATUS result; - fstring name_domain, name_user; + fstring name_domain, name_user, auth_dc; unsigned char trust_passwd[16]; time_t last_change_time; auth_usersupplied_info user_info; @@ -198,12 +204,18 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) return WINBINDD_ERROR; } + if (!cm_get_dc_name(lp_workgroup(), auth_dc)) { + DEBUG(3, ("Could not find dc for workgroup %s\n", + lp_workgroup())); + return WINBINDD_ERROR; + } + /* So domain_client_validate() actually opens a new connection for each authentication performed. This can theoretically be optimised to use an already open IPC$ connection. */ result = domain_client_validate(&user_info, &server_info, - server_state.controller, trust_passwd, + auth_dc, trust_passwd, last_change_time); return NT_STATUS_IS_OK(result) ? WINBINDD_OK : WINBINDD_ERROR; -- cgit