const char *name;
struct samu *sampass = NULL;
void (*oldsig_handler)(int);
+ TALLOC_CTX *frame = talloc_stackframe();
/* Samba initialization. */
load_case_tables_library();
if (on( SMB_DEBUG, ctrl )) {
_log_err(pamh, LOG_DEBUG, "acct: could not identify user" );
}
+ TALLOC_FREE(frame);
return retval;
}
if (on( SMB_DEBUG, ctrl )) {
if (geteuid() != 0) {
_log_err(pamh, LOG_DEBUG, "Cannot access samba password database, not running as root.");
+ TALLOC_FREE(frame);
return PAM_AUTHINFO_UNAVAIL;
}
if (!initialize_password_db(True, NULL)) {
_log_err(pamh, LOG_ALERT, "Cannot access samba password database" );
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return PAM_AUTHINFO_UNAVAIL;
}
if (!(sampass = samu_new( NULL ))) {
CatchSignal(SIGPIPE, oldsig_handler);
/* malloc fail. */
+ TALLOC_FREE(frame);
return nt_status_to_pam(NT_STATUS_NO_MEMORY);
}
if (!pdb_getsampwnam(sampass, name )) {
_log_err(pamh, LOG_DEBUG, "acct: could not identify user");
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return PAM_USER_UNKNOWN;
}
/* check for lookup failure */
if (!strlen(pdb_get_username(sampass)) ) {
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return PAM_USER_UNKNOWN;
}
"please see your system administrator." );
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return PAM_ACCT_EXPIRED;
}
/* TODO: support for expired passwords. */
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return PAM_SUCCESS;
}
pam_set_data( pamh, "smb_setcred_return" \
, (void *) ret_data, NULL ); \
} \
+ TALLOC_FREE(frame); \
return retval; \
} while (0)
const char *name;
void (*oldsig_handler)(int) = NULL;
bool found;
+ TALLOC_CTX *frame = talloc_stackframe();
/* Points to memory managed by the PAM library. Do not free. */
char *p = NULL;
char *msg_str = NULL;
const char *pass = NULL;
int retval;
+ TALLOC_CTX *frame = talloc_stackframe();
/* Get the authtok; if we don't have one, silently fail. */
retval = _pam_get_item( pamh, PAM_AUTHTOK, &pass );
if (retval != PAM_SUCCESS) {
_log_err(pamh, LOG_ALERT
, "pam_get_item returned error to pam_sm_authenticate" );
+ TALLOC_FREE(frame);
return PAM_AUTHTOK_RECOVER_ERR;
} else if (pass == NULL) {
+ TALLOC_FREE(frame);
return PAM_AUTHTOK_RECOVER_ERR;
}
SAFE_FREE(err_str);
SAFE_FREE(msg_str);
+ TALLOC_FREE(frame);
return PAM_IGNORE;
} else {
/* mimick 'update encrypted' as long as the 'no pw req' flag is not set */
SAFE_FREE(err_str);
SAFE_FREE(msg_str);
pass = NULL;
+ TALLOC_FREE(frame);
return PAM_IGNORE;
}
const char *user;
char *pass_old;
char *pass_new;
+ TALLOC_CTX *frame = talloc_stackframe();
/* Samba initialization. */
load_case_tables_library();
if (on( SMB_DEBUG, ctrl )) {
_log_err(pamh, LOG_DEBUG, "password: could not identify user");
}
+ TALLOC_FREE(frame);
return retval;
}
if (on( SMB_DEBUG, ctrl )) {
if (geteuid() != 0) {
_log_err(pamh, LOG_DEBUG, "Cannot access samba password database, not running as root.");
+ TALLOC_FREE(frame);
return PAM_AUTHINFO_UNAVAIL;
}
if (!initialize_password_db(False, NULL)) {
_log_err(pamh, LOG_ALERT, "Cannot access samba password database" );
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return PAM_AUTHINFO_UNAVAIL;
}
/* obtain user record */
if ( !(sampass = samu_new( NULL )) ) {
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return nt_status_to_pam(NT_STATUS_NO_MEMORY);
}
if (!pdb_getsampwnam(sampass,user)) {
_log_err(pamh, LOG_ALERT, "Failed to find entry for user %s.", user);
CatchSignal(SIGPIPE, oldsig_handler);
- return PAM_USER_UNKNOWN;
+ TALLOC_FREE(frame);
+ return PAM_USER_UNKNOWN;
}
if (on( SMB_DEBUG, ctrl )) {
_log_err(pamh, LOG_DEBUG, "Located account for %s", user);
TALLOC_FREE(sampass);
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return PAM_SUCCESS;
}
_log_err(pamh, LOG_CRIT, "password: out of memory");
TALLOC_FREE(sampass);
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return PAM_BUF_ERR;
}
"password - (old) token not obtained");
TALLOC_FREE(sampass);
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return retval;
}
pass_old = NULL;
TALLOC_FREE(sampass);
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return retval;
} else if (flags & PAM_UPDATE_AUTHTOK) {
_log_err(pamh, LOG_NOTICE, "password: user not authenticated");
TALLOC_FREE(sampass);
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return retval;
}
pass_old = NULL; /* tidy up */
TALLOC_FREE(sampass);
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return retval;
}
pass_new = pass_old = NULL; /* tidy up */
TALLOC_FREE(sampass);
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return retval;
}
TALLOC_FREE(sampass);
CatchSignal(SIGPIPE, oldsig_handler);
+ TALLOC_FREE(frame);
return retval;
}