-void winbindd_pam_auth(struct winbindd_cli_state *state)
-{
- struct winbindd_domain *domain;
- fstring name_domain, name_user, mapped_user;
- char *mapped = NULL;
- NTSTATUS result;
- NTSTATUS name_map_status = NT_STATUS_UNSUCCESSFUL;
-
- /* Ensure null termination */
- state->request->data.auth.user
- [sizeof(state->request->data.auth.user)-1]='\0';
-
- /* Ensure null termination */
- state->request->data.auth.pass
- [sizeof(state->request->data.auth.pass)-1]='\0';
-
- DEBUG(3, ("[%5lu]: pam auth %s\n", (unsigned long)state->pid,
- state->request->data.auth.user));
-
- if (!check_request_flags(state->request->flags)) {
- result = NT_STATUS_INVALID_PARAMETER_MIX;
- goto done;
- }
-
- /* Parse domain and username */
-
- name_map_status = normalize_name_unmap(state->mem_ctx,
- state->request->data.auth.user,
- &mapped);
-
- /* If the name normalization didnt' actually do anything,
- just use the original name */
-
- if (NT_STATUS_IS_OK(name_map_status)
- ||NT_STATUS_EQUAL(name_map_status, NT_STATUS_FILE_RENAMED)) {
- fstrcpy(mapped_user, mapped);
- } else {
- fstrcpy(mapped_user, state->request->data.auth.user);
- }
-
- if (!canonicalize_username(mapped_user, name_domain, name_user)) {
- result = NT_STATUS_NO_SUCH_USER;
- goto done;
- }
-
- domain = find_auth_domain(state->request->flags, name_domain);
-
- if (domain == NULL) {
- result = NT_STATUS_NO_SUCH_USER;
- goto done;
- }
-
- sendto_domain(state, domain);
- return;
- done:
- set_auth_errors(state->response, result);
- DEBUG(5, ("Plain text authentication for %s returned %s "
- "(PAM: %d)\n",
- state->request->data.auth.user,
- state->response->data.auth.nt_status_string,
- state->response->data.auth.pam_error));
- request_error(state);
-}
-