}
size = prs_data_size(&ps);
- state->response.extra_data = memdup(prs_data_p(&ps), size);
+ state->response.extra_data = malloc(size);
if (!state->response.extra_data) {
prs_mem_free(&ps);
return NT_STATUS_NO_MEMORY;
}
+ prs_copy_all_data_out(state->response.extra_data, &ps);
state->response.length += size;
prs_mem_free(&ps);
return NT_STATUS_OK;
DATA_BLOB lm_resp;
DATA_BLOB nt_resp;
- extern pstring global_myname;
-
/* Ensure null termination */
state->request.data.auth.user[sizeof(state->request.data.auth.user)-1]='\0';
DEBUG(3, ("[%5d]: pam auth %s\n", state->pid,
state->request.data.auth.user));
- if (!(mem_ctx = talloc_init_named("winbind pam auth for %s", state->request.data.auth.user))) {
+ if (!(mem_ctx = talloc_init("winbind pam auth for %s", state->request.data.auth.user))) {
DEBUG(0, ("winbindd_pam_auth: could not talloc_init()!\n"));
result = NT_STATUS_NO_MEMORY;
goto done;
result = cli_netlogon_sam_network_logon(cli, mem_ctx,
name_user, name_domain,
- global_myname, chal,
+ global_myname(), chal,
lm_resp, nt_resp,
&info3);
state->response.data.auth.nt_status = NT_STATUS_V(result);
fstrcpy(state->response.data.auth.nt_status_string, nt_errstr(result));
- fstrcpy(state->response.data.auth.error_string, nt_errstr(result));
+ fstrcpy(state->response.data.auth.error_string, get_friendly_nt_error_msg(result));
state->response.data.auth.pam_error = nt_status_to_pam(result);
- DEBUG(NT_STATUS_IS_OK(result) ? 5 : 2, ("Plain-text authenticaion for user %s returned %s (PAM: %d)\n",
+ DEBUG(NT_STATUS_IS_OK(result) ? 5 : 2, ("Plain-text authentication for user %s returned %s (PAM: %d)\n",
state->request.data.auth.user,
state->response.data.auth.nt_status_string,
state->response.data.auth.pam_error));
struct cli_state *cli = NULL;
TALLOC_CTX *mem_ctx = NULL;
char *user = NULL;
- char *domain = NULL;
- char *contact_domain;
- char *workstation;
+ const char *domain = NULL;
+ const char *contact_domain;
+ const char *workstation;
DATA_BLOB lm_resp, nt_resp;
- extern pstring global_myname;
-
/* Ensure null termination */
state->request.data.auth_crap.user[sizeof(state->request.data.auth_crap.user)-1]='\0';
/* Ensure null termination */
state->request.data.auth_crap.domain[sizeof(state->request.data.auth_crap.domain)-1]='\0';
- if (!(mem_ctx = talloc_init_named("winbind pam auth crap for (utf8) %s", state->request.data.auth.user))) {
+ if (!(mem_ctx = talloc_init("winbind pam auth crap for (utf8) %s", state->request.data.auth_crap.user))) {
DEBUG(0, ("winbindd_pam_auth_crap: could not talloc_init()!\n"));
result = NT_STATUS_NO_MEMORY;
goto done;
}
- if (pull_utf8_talloc(mem_ctx, &user, state->request.data.auth_crap.user) < 0) {
+ if (pull_utf8_talloc(mem_ctx, &user, state->request.data.auth_crap.user) == (size_t)-1) {
DEBUG(0, ("winbindd_pam_auth_crap: pull_utf8_talloc failed!\n"));
}
if (*state->request.data.auth_crap.domain) {
- if (pull_utf8_talloc(mem_ctx, &domain, state->request.data.auth_crap.domain) < 0) {
+ char *dom = NULL;
+ if (pull_utf8_talloc(mem_ctx, &dom, state->request.data.auth_crap.domain) == (size_t)-1) {
DEBUG(0, ("winbindd_pam_auth_crap: pull_utf8_talloc failed!\n"));
}
+ domain = dom;
} else if (lp_winbind_use_default_domain()) {
domain = lp_workgroup();
} else {
}
if (*state->request.data.auth_crap.workstation) {
- if (pull_utf8_talloc(mem_ctx, &workstation, state->request.data.auth_crap.workstation) < 0) {
+ char *wrk = NULL;
+ if (pull_utf8_talloc(mem_ctx, &wrk, state->request.data.auth_crap.workstation) == (size_t)-1) {
DEBUG(0, ("winbindd_pam_auth_crap: pull_utf8_talloc failed!\n"));
}
+ workstation = wrk;
} else {
- workstation = global_myname;
+ workstation = global_myname();
}
if (state->request.data.auth_crap.lm_resp_len > sizeof(state->request.data.auth_crap.lm_resp)
#if 0
/* we don't currently do this stuff right */
+ /* Doing an assert in a daemon is going to be a pretty bad
+ idea. - tpot */
if (state->request.data.auth_crap.flags & WINBIND_PAM_NTKEY) {
SMB_ASSERT(sizeof(state->response.data.auth.nt_session_key) == sizeof(info3.user_sess_key));
memcpy(state->response.data.auth.nt_session_key, info3.user_sess_key, sizeof(state->response.data.auth.nt_session_key) /* 16 */);
state->response.data.auth.pam_error = nt_status_to_pam(result);
DEBUG(NT_STATUS_IS_OK(result) ? 5 : 2,
- ("NTLM CRAP authenticaion for user [%s]\\[%s] returned %s (PAM: %d)\n",
+ ("NTLM CRAP authentication for user [%s]\\[%s] returned %s (PAM: %d)\n",
domain,
user,
state->response.data.auth.nt_status_string,
fstrcpy(state->response.data.auth.error_string, nt_errstr(result));
state->response.data.auth.pam_error = nt_status_to_pam(result);
+ DEBUG(NT_STATUS_IS_OK(result) ? 5 : 2,
+ ("Password change for user [%s]\\[%s] returned %s (PAM: %d)\n",
+ domain,
+ user,
+ state->response.data.auth.nt_status_string,
+ state->response.data.auth.pam_error));
+
return NT_STATUS_IS_OK(result) ? WINBINDD_OK : WINBINDD_ERROR;
}