summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/db/sysdb.h1
-rw-r--r--src/db/sysdb_ops.c3
-rw-r--r--src/providers/krb5/krb5_auth.c8
-rw-r--r--src/providers/ldap/ldap_auth.c1
-rw-r--r--src/providers/proxy/proxy_auth.c1
-rw-r--r--src/tests/sysdb-tests.c2
-rw-r--r--src/tools/sss_seed.c2
7 files changed, 12 insertions, 6 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 1edf447f..707e1478 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -698,6 +698,7 @@ errno_t sysdb_update_members(struct sysdb_ctx *sysdb,
* in this case a transaction will be automatically started and the
* function will be completely wrapped in it's own sysdb transaction */
int sysdb_cache_password(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *username,
const char *password);
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index b8682608..3da1d74b 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -1945,6 +1945,7 @@ int sysdb_remove_group_member(struct sysdb_ctx *sysdb,
/* =Password-Caching====================================================== */
int sysdb_cache_password(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *username,
const char *password)
{
@@ -1988,7 +1989,7 @@ int sysdb_cache_password(struct sysdb_ctx *sysdb,
if (ret) goto fail;
- ret = sysdb_set_user_attr(sysdb, sysdb->domain,
+ ret = sysdb_set_user_attr(sysdb, domain,
username, attrs, SYSDB_MOD_REP);
if (ret) {
goto fail;
diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c
index 00f5c339..b4955687 100644
--- a/src/providers/krb5/krb5_auth.c
+++ b/src/providers/krb5/krb5_auth.c
@@ -380,7 +380,9 @@ static errno_t krb5_auth_prepare_ccache_file(struct krb5child_req *kr,
return EOK;
}
-static void krb5_auth_store_creds(struct sysdb_ctx *sysdb, struct pam_data *pd)
+static void krb5_auth_store_creds(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ struct pam_data *pd)
{
const char *password = NULL;
int ret = EOK;
@@ -417,7 +419,7 @@ static void krb5_auth_store_creds(struct sysdb_ctx *sysdb, struct pam_data *pd)
return;
}
- ret = sysdb_cache_password(sysdb, pd->user, password);
+ ret = sysdb_cache_password(sysdb, domain, pd->user, password);
if (ret) {
DEBUG(2, ("Failed to cache password, offline auth may not work."
" (%d)[%s]!?\n", ret, strerror(ret)));
@@ -1090,7 +1092,7 @@ static void krb5_auth_done(struct tevent_req *subreq)
}
if (state->be_ctx->domain->cache_credentials == TRUE) {
- krb5_auth_store_creds(state->sysdb, pd);
+ krb5_auth_store_creds(state->sysdb, state->domain, pd);
}
state->pam_status = PAM_SUCCESS;
diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c
index cffdf088..aa07fbb8 100644
--- a/src/providers/ldap/ldap_auth.c
+++ b/src/providers/ldap/ldap_auth.c
@@ -1157,6 +1157,7 @@ static void sdap_pam_auth_done(struct tevent_req *req)
ret = sss_authtok_get_password(&state->pd->authtok, &password, NULL);
if (ret == EOK) {
ret = sysdb_cache_password(state->breq->be_ctx->sysdb,
+ state->breq->be_ctx->domain,
state->pd->user, password);
}
diff --git a/src/providers/proxy/proxy_auth.c b/src/providers/proxy/proxy_auth.c
index 3430f38b..d4167c1f 100644
--- a/src/providers/proxy/proxy_auth.c
+++ b/src/providers/proxy/proxy_auth.c
@@ -758,6 +758,7 @@ static void proxy_child_done(struct tevent_req *req)
}
ret = sysdb_cache_password(client_ctx->be_req->be_ctx->sysdb,
+ client_ctx->be_req->be_ctx->domain,
pd->user, password);
/* password caching failures are not fatal errors */
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
index e63aa77a..dace3509 100644
--- a/src/tests/sysdb-tests.c
+++ b/src/tests/sysdb-tests.c
@@ -1551,7 +1551,7 @@ START_TEST (test_sysdb_cache_password)
data->ev = test_ctx->ev;
data->username = talloc_asprintf(data, "testuser%d", _i);
- ret = sysdb_cache_password(test_ctx->sysdb,
+ ret = sysdb_cache_password(test_ctx->sysdb, test_ctx->domain,
data->username, data->username);
fail_unless(ret == EOK, "sysdb_cache_password request failed [%d].", ret);
diff --git a/src/tools/sss_seed.c b/src/tools/sss_seed.c
index 5e4504e0..846a4472 100644
--- a/src/tools/sss_seed.c
+++ b/src/tools/sss_seed.c
@@ -752,7 +752,7 @@ static int seed_cache_user(struct seed_ctx *sctx)
}
}
- ret = sysdb_cache_password(sctx->sysdb, sctx->uctx->name,
+ ret = sysdb_cache_password(sctx->sysdb, sctx->domain, sctx->uctx->name,
sctx->uctx->password);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, ("Failed to cache password. (%d)[%s]\n",