From 31b6b7aecdca9086e4cbbb7ae89fd6d6ca84928d Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Fri, 24 Aug 2001 19:09:37 +0000 Subject: Make domain_client_validate return a status code instead of a boolean. (This used to be commit b4e79ab34b7df4687966f4ca81b575dce8503775) --- source3/libsmb/domain_client_validate.c | 22 +++++++++++++--------- source3/nsswitch/winbindd_pam.c | 20 ++++++++++---------- 2 files changed, 23 insertions(+), 19 deletions(-) (limited to 'source3') diff --git a/source3/libsmb/domain_client_validate.c b/source3/libsmb/domain_client_validate.c index de5df84e9b..5c56a815ef 100644 --- a/source3/libsmb/domain_client_validate.c +++ b/source3/libsmb/domain_client_validate.c @@ -280,7 +280,7 @@ uint32 domain_client_validate(const auth_usersupplied_info *user_info, struct cli_state cli; uint32 smb_uid_low; BOOL connected_ok = False; - uint32 nt_status; + uint32 status; /* * Check that the requested domain is not our own machine name. @@ -323,12 +323,16 @@ uint32 domain_client_validate(const auth_usersupplied_info *user_info, ZERO_STRUCT(info3); - if (!cli_nt_login_network(&cli, user_info, smb_uid_low, &ctr, &info3)) { - nt_status = cli_nt_error(&cli); - DEBUG(0,("domain_client_validate: unable to validate password for user %s in domain \ -%s to Domain controller %s. Error was %s.\n", user_info->smb_username.str, user_info->domain.str, remote_machine, cli_errstr(&cli))); + if ((status = cli_nt_login_network(&cli, user_info, smb_uid_low, + &ctr, &info3)) + != NT_STATUS_NOPROBLEMO) { + DEBUG(0,("domain_client_validate: unable to validate password " + "for user %s in domain %s to Domain controller %s. " + "Error was %s.\n", user_info->smb_username.str, + user_info->domain.str, remote_machine, + get_nt_error_msg(status))); } else { - nt_status = NT_STATUS_NOPROBLEMO; + status = NT_STATUS_NOPROBLEMO; } /* @@ -342,11 +346,11 @@ uint32 domain_client_validate(const auth_usersupplied_info *user_info, * send here. JRA. */ - if (nt_status == NT_STATUS_NOPROBLMO) { + if (status == NT_STATUS_NOPROBLMO) { if(cli_nt_logoff(&cli, &ctr) == False) { DEBUG(0,("domain_client_validate: unable to log off user %s in domain \ %s to Domain controller %s. Error was %s.\n", user, domain, remote_machine, cli_errstr(&cli))); - nt_status = NT_STATUS_LOGON_FAILURE; + status = NT_STATUS_LOGON_FAILURE; } } #endif /* 0 */ @@ -358,6 +362,6 @@ uint32 domain_client_validate(const auth_usersupplied_info *user_info, cli_nt_session_close(&cli); cli_ulogoff(&cli); cli_shutdown(&cli); - return nt_status; + return status; } diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c index d832cfdc02..6f1872e0a4 100644 --- a/source3/nsswitch/winbindd_pam.c +++ b/source3/nsswitch/winbindd_pam.c @@ -54,7 +54,7 @@ static void parse_domain_user(char *domuser, fstring domain, fstring user) enum winbindd_result winbindd_pam_auth(struct winbindd_cli_state *state) { - BOOL result; + uint32 result; fstring name_domain, name_user; int passlen; unsigned char trust_passwd[16]; @@ -131,18 +131,18 @@ enum winbindd_result winbindd_pam_auth(struct winbindd_cli_state *state) for each authentication performed. This can theoretically be optimised to use an already open IPC$ connection. */ - result = (domain_client_validate(&user_info, &server_info, - server_state.controller, trust_passwd, - last_change_time) == NT_STATUS_NOPROBLEMO); + result = domain_client_validate(&user_info, &server_info, + server_state.controller, trust_passwd, + last_change_time); - return result ? WINBINDD_OK : WINBINDD_ERROR; + return (result == NT_STATUS_NOPROBLEMO) ? WINBINDD_OK : WINBINDD_ERROR; } /* Challenge Response Authentication Protocol */ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) { - BOOL result; + uint32 result; fstring name_domain, name_user; unsigned char trust_passwd[16]; time_t last_change_time; @@ -202,11 +202,11 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) for each authentication performed. This can theoretically be optimised to use an already open IPC$ connection. */ - result = (domain_client_validate(&user_info, &server_info, - server_state.controller, trust_passwd, - last_change_time) == NT_STATUS_NOPROBLEMO); + result = domain_client_validate(&user_info, &server_info, + server_state.controller, trust_passwd, + last_change_time); - return result ? WINBINDD_OK : WINBINDD_ERROR; + return (result == NT_STATUS_NOPROBLEMO) ? WINBINDD_OK : WINBINDD_ERROR; } /* Change a user password */ -- cgit