s3: Lift smbd_server_fd() from pass_check()

diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c
index c50ac78ee4c5e7474f94589e36516fa4c97f81ee..87cfdb9dd548752bca1f82c67b00fe41b54ed43f 100644 (file)
--- a/source3/auth/auth_unix.c
+++ b/source3/auth/auth_unix.c
@@ -37,16 +37,23 @@ static NTSTATUS check_unix_security(const struct auth_context *auth_context,
 {
        NTSTATUS nt_status;
        struct passwd *pass = NULL;
+       const char *rhost;
+       char addr[INET6_ADDRSTRLEN];
 
        DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
 
        become_root();
        pass = Get_Pwnam_alloc(talloc_tos(), user_info->mapped.account_name);
 
+       rhost = client_name(smbd_server_fd());
+       if (strequal(rhost,"UNKNOWN"))
+               rhost = client_addr(smbd_server_fd(), addr, sizeof(addr));
+
        /** @todo This call assumes a ASCII password, no charset transformation is 
            done.  We may need to revisit this **/
        nt_status = pass_check(pass,
                                pass ? pass->pw_name : user_info->mapped.account_name,
+                              rhost,
                                user_info->password.plaintext,
                                true);
 

diff --git a/source3/auth/pass_check.c b/source3/auth/pass_check.c
index 80e7da91df4f06fd54d822dbbb5fb02c66559018..c61a10ba1b0c1df38ddabfbbd2dc7d40417a7e80 100644 (file)
--- a/source3/auth/pass_check.c
+++ b/source3/auth/pass_check.c
@@ -660,6 +660,7 @@ return NT_STATUS_OK on correct match, appropriate error otherwise
 
 NTSTATUS pass_check(const struct passwd *pass,
                    const char *user,
+                   const char *rhost,
                    const char *password,
                    bool run_cracker)
 {
@@ -668,13 +669,6 @@ NTSTATUS pass_check(const struct passwd *pass,
 
        NTSTATUS nt_status;
 
-       const char *rhost;
-       char addr[INET6_ADDRSTRLEN];
-
-       rhost = client_name(smbd_server_fd());
-       if (strequal(rhost,"UNKNOWN"))
-               rhost = client_addr(smbd_server_fd(), addr, sizeof(addr));
-
 #ifdef DEBUG_PASSWORD
        DEBUG(100, ("checking user=[%s] pass=[%s]\n", user, password));
 #endif

diff --git a/source3/include/proto.h b/source3/include/proto.h
index e82b1ac486641c9cdaa7fd730be288d178cb56b7..e2d1c94e7bf74315caa87e67bb01b53f1a0586eb 100644 (file)
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -232,7 +232,10 @@ bool smb_pam_close_session(char *in_user, char *tty, char *rhost);
 /* The following definitions come from auth/pass_check.c  */
 
 void dfs_unlogin(void);
-NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *password, 
+NTSTATUS pass_check(const struct passwd *pass,
+                   const char *user,
+                   const char *rhost,
+                   const char *password,
                    bool run_cracker);
 
 /* The following definitions come from auth/token_util.c  */

diff --git a/source3/web/cgi.c b/source3/web/cgi.c
index 9c9a36545770e30ef1ab0268ef5f8c7c801df34b..794152cd99ac2d3f050d32992d1c2044cdb71558 100644 (file)
--- a/source3/web/cgi.c
+++ b/source3/web/cgi.c
@@ -339,6 +339,8 @@ static bool cgi_handle_authorization(char *line)
        char *p;
        fstring user, user_pass;
        struct passwd *pass = NULL;
+       const char *rhost;
+       char addr[INET6_ADDRSTRLEN];
 
        if (!strnequal(line,"Basic ", 6)) {
                goto err;
@@ -369,11 +371,15 @@ static bool cgi_handle_authorization(char *line)
 
        pass = getpwnam_alloc(talloc_autofree_context(), user);
 
+       rhost = client_name(1);
+       if (strequal(rhost,"UNKNOWN"))
+               rhost = client_addr(1, addr, sizeof(addr));
+
        /*
         * Validate the password they have given.
         */
 
-       if NT_STATUS_IS_OK(pass_check(pass, user, user_pass, false)) {
+       if NT_STATUS_IS_OK(pass_check(pass, user, rhost, user_pass, false)) {
                if (pass) {
                        /*
                         * Password was ok.