r14496: Add WBFLAG_PAM_GET_PWD_POLICY bit to only callout for domain password

author Günther Deschner <gd@samba.org>

Thu, 16 Mar 2006 23:54:05 +0000 (23:54 +0000)

committer Gerald (Jerry) Carter <jerry@samba.org>

Wed, 10 Oct 2007 16:15:34 +0000 (11:15 -0500)
author Günther Deschner <gd@samba.org>
Thu, 16 Mar 2006 23:54:05 +0000 (23:54 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 16:15:34 +0000 (11:15 -0500)
diff --git a/source/nsswitch/pam_winbind.c b/source/nsswitch/pam_winbind.c

index df5fc11d3e97ece2be24a75d444629333599b08f..b09e974d074c160e373677c6ccb71d9e8f1b7e16 100644 (file)
--- a/source/nsswitch/pam_winbind.c
+++ b/source/nsswitch/pam_winbind.c
@@ -321,7 +321,7 @@ static int winbind_auth_request(pam_handle_t * pamh,
         request.data.auth.krb5_cc_type[0] = '\0';
         request.data.auth.uid = -1;
         
-       request.flags = WBFLAG_PAM_INFO3_TEXT;
+       request.flags = WBFLAG_PAM_INFO3_TEXT | WBFLAG_PAM_GET_PWD_POLICY;
  
         if (ctrl & WINBIND_KRB5_AUTH) {
  
diff --git a/source/nsswitch/winbindd_nss.h b/source/nsswitch/winbindd_nss.h

index b01053d63c1cb3339f1159071a51474fd54f24da..c5ca507bda6ed77be3edec3b6047aad85a59bbec 100644 (file)
--- a/source/nsswitch/winbindd_nss.h
+++ b/source/nsswitch/winbindd_nss.h
@@ -179,6 +179,7 @@ typedef struct winbindd_gr {
  #define WBFLAG_PAM_KRB5                        0x1000
  #define WBFLAG_PAM_FALLBACK_AFTER_KRB5 0x2000
  #define WBFLAG_PAM_CACHED_LOGIN                0x4000
+#define WBFLAG_PAM_GET_PWD_POLICY      0x8000
  
  #define WINBINDD_MAX_EXTRA_DATA (128*1024)
  
diff --git a/source/nsswitch/winbindd_pam.c b/source/nsswitch/winbindd_pam.c

index 9cd2dd9c0ccedac3574a0c6103fc4c0621e02524..12455db8f63fda25c6ed1c4de2e06bee0e979dc5 100644 (file)
--- a/source/nsswitch/winbindd_pam.c
+++ b/source/nsswitch/winbindd_pam.c
@@ -1210,11 +1210,14 @@ process_result:
  
                 }
  
-               result = fillup_password_policy(domain, state);
+               /* this is required to provide password expiry warning */ 
+               if (state->request.flags & WBFLAG_PAM_GET_PWD_POLICY) {
+                       result = fillup_password_policy(domain, state);
  
-               if (!NT_STATUS_IS_OK(result)) {
-                       DEBUG(10,("Failed to get password policies: %s\n", nt_errstr(result)));
-                       goto done;
+                       if (!NT_STATUS_IS_OK(result)) {
+                               DEBUG(10,("Failed to get password policies: %s\n", nt_errstr(result)));
+                               goto done;
+                       }
                 }
         
         }
author	Günther Deschner <gd@samba.org>
	Thu, 16 Mar 2006 23:54:05 +0000 (23:54 +0000)
committer	Gerald (Jerry) Carter <jerry@samba.org>
	Wed, 10 Oct 2007 16:15:34 +0000 (11:15 -0500)
source/nsswitch/pam_winbind.c		patch \| blob \| history
source/nsswitch/winbindd_nss.h		patch \| blob \| history
source/nsswitch/winbindd_pam.c		patch \| blob \| history