Fixed off by one bug using StrnCpy instead of strdup().
Jeremy.
Copyright (C) Andrew Tridgell 1992-2001
Copyright (C) John H Terpsta 1999-2001
Copyright (C) Andrew Bartlett 2001
+ Copyright (C) Jeremy Allison 2001
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
/*
* PAM error handler.
*/
-static BOOL pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int dbglvl)
+static BOOL smb_pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int dbglvl)
{
if( pam_error != PAM_SUCCESS) {
* echo off means password.
*/
-static int PAM_conv(int num_msg,
+static int smb_pam_conv(int num_msg,
const struct pam_message **msg,
struct pam_response **resp,
void *appdata_ptr)
return PAM_SUCCESS;
}
-static struct pam_conv PAM_conversation = {
- &PAM_conv,
+static struct pam_conv smb_pam_conversation = {
+ &smb_pam_conv,
NULL
};
/*
* PAM Closing out cleanup handler
*/
-static BOOL proc_pam_end(pam_handle_t *pamh)
+static BOOL smb_pam_end(pam_handle_t *pamh)
{
int pam_error;
if( pamh != NULL ) {
pam_error = pam_end(pamh, 0);
- if(pam_error_handler(pamh, pam_error, "End Cleanup Failed", 2) == True) {
+ if(smb_pam_error_handler(pamh, pam_error, "End Cleanup Failed", 2) == True) {
DEBUG(4, ("PAM: PAM_END OK.\n"));
return True;
}
/*
* Start PAM authentication for specified account
*/
-static BOOL proc_pam_start(pam_handle_t **pamh, char *user, char *rhost)
+static BOOL smb_pam_start(pam_handle_t **pamh, char *user, char *rhost)
{
int pam_error;
DEBUG(4,("PAM: Init user: %s\n", user));
- pam_error = pam_start("samba", user, &PAM_conversation, pamh);
- if( !pam_error_handler(*pamh, pam_error, "Init Failed", 0)) {
- proc_pam_end(*pamh);
+ pam_error = pam_start("samba", user, &smb_pam_conversation, pamh);
+ if( !smb_pam_error_handler(*pamh, pam_error, "Init Failed", 0)) {
+ smb_pam_end(*pamh);
return False;
}
#ifdef PAM_RHOST
DEBUG(4,("PAM: setting rhost to: %s\n", rhost));
pam_error = pam_set_item(*pamh, PAM_RHOST, rhost);
- if(!pam_error_handler(*pamh, pam_error, "set rhost failed", 0)) {
- proc_pam_end(*pamh);
+ if(!smb_pam_error_handler(*pamh, pam_error, "set rhost failed", 0)) {
+ smb_pam_end(*pamh);
return False;
}
#endif
#ifdef PAM_TTY
DEBUG(4,("PAM: setting tty\n"));
pam_error = pam_set_item(*pamh, PAM_TTY, "samba");
- if (!pam_error_handler(*pamh, pam_error, "set tty failed", 0)) {
- proc_pam_end(*pamh);
+ if (!smb_pam_error_handler(*pamh, pam_error, "set tty failed", 0)) {
+ smb_pam_end(*pamh);
return False;
}
#endif
/*
* PAM Authentication Handler
*/
-static BOOL pam_auth(pam_handle_t *pamh, char *user, char *password)
+static BOOL smb_pam_auth(pam_handle_t *pamh, char *user, char *password)
{
int pam_error;
default:
DEBUG(0, ("PAM: UNKNOWN ERROR while authenticating user %s\n", user));
}
- if(!pam_error_handler(pamh, pam_error, "Authentication Failure", 2)) {
- proc_pam_end(pamh);
+ if(!smb_pam_error_handler(pamh, pam_error, "Authentication Failure", 2)) {
+ smb_pam_end(pamh);
return False;
}
/* If this point is reached, the user has been authenticated. */
/*
* PAM Account Handler
*/
-static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL pam_auth)
+static BOOL smb_pam_account(pam_handle_t *pamh, char * user, char * password, BOOL pam_auth)
{
int pam_error;
default:
DEBUG(0, ("PAM: UNKNOWN ERROR for User: %s\n", user));
}
- if(!pam_error_handler(pamh, pam_error, "Account Check Failed", 2)) {
- proc_pam_end(pamh);
+ if(!smb_pam_error_handler(pamh, pam_error, "Account Check Failed", 2)) {
+ smb_pam_end(pamh);
return False;
}
default:
DEBUG(0, ("PAM: Error Condition Unknown in pam_setcred function call!"));
}
- if(!pam_error_handler(pamh, pam_error, "Set Credential Failure", 2)) {
- proc_pam_end(pamh);
+ if(!smb_pam_error_handler(pamh, pam_error, "Set Credential Failure", 2)) {
+ smb_pam_end(pamh);
return False;
}
/*
* PAM Internal Session Handler
*/
-static BOOL proc_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL flag)
+static BOOL smb_internal_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL flag)
{
int pam_error;
#ifdef PAM_TTY
DEBUG(4,("PAM: tty set to: %s\n", tty));
pam_error = pam_set_item(pamh, PAM_TTY, tty);
- if (!pam_error_handler(pamh, pam_error, "set tty failed", 0)) {
- proc_pam_end(pamh);
+ if (!smb_pam_error_handler(pamh, pam_error, "set tty failed", 0)) {
+ smb_pam_end(pamh);
return False;
}
#endif
if (flag) {
pam_error = pam_open_session(pamh, PAM_SILENT);
- if (!pam_error_handler(pamh, pam_error, "session setup failed", 0)) {
- proc_pam_end(pamh);
+ if (!smb_pam_error_handler(pamh, pam_error, "session setup failed", 0)) {
+ smb_pam_end(pamh);
return False;
}
} else {
pam_error = pam_close_session(pamh, PAM_SILENT);
- if (!pam_error_handler(pamh, pam_error, "session close failed", 0)) {
- proc_pam_end(pamh);
+ if (!smb_pam_error_handler(pamh, pam_error, "session close failed", 0)) {
+ smb_pam_end(pamh);
return False;
}
}
/*
* PAM Externally accessible Session handler
*/
-BOOL pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
+BOOL smb_pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
{
pam_handle_t *pamh = NULL;
char * user;
- user = malloc(strlen(in_user)+1);
+ user = strdup(in_user);
if ( user == NULL ) {
DEBUG(0, ("PAM: PAM_session Malloc Failed!\n"));
return False;
}
- /* This is freed by PAM */
- StrnCpy(user, in_user, strlen(in_user)+1);
-
- if (!proc_pam_start(&pamh, user, rhost)) {
- proc_pam_end(pamh);
+ if (!smb_pam_start(&pamh, user, rhost)) {
+ smb_pam_end(pamh);
return False;
}
- if (proc_pam_session(pamh, user, tty, flag)) {
- return proc_pam_end(pamh);
+ if (smb_internal_pam_session(pamh, user, tty, flag)) {
+ return smb_pam_end(pamh);
} else {
- proc_pam_end(pamh);
+ smb_pam_end(pamh);
return False;
}
}
/*
* PAM Externally accessible Account handler
*/
-BOOL pam_accountcheck(char * user)
+BOOL smb_pam_accountcheck(char * user)
{
pam_handle_t *pamh = NULL;
PAM_username = user;
PAM_password = NULL;
- if( proc_pam_start(&pamh, user, NULL)) {
- if ( pam_account(pamh, user, NULL, False)) {
- return( proc_pam_end(pamh));
+ if( smb_pam_start(&pamh, user, NULL)) {
+ if ( smb_pam_account(pamh, user, NULL, False)) {
+ return( smb_pam_end(pamh));
}
}
DEBUG(0, ("PAM: Account Validation Failed - Rejecting User!\n"));
/*
* PAM Password Validation Suite
*/
-BOOL pam_passcheck(char * user, char * password)
+BOOL smb_pam_passcheck(char * user, char * password)
{
pam_handle_t *pamh = NULL;
PAM_username = user;
PAM_password = password;
- if( proc_pam_start(&pamh, user, NULL)) {
- if ( pam_auth(pamh, user, password)) {
- if ( pam_account(pamh, user, password, True)) {
- return( proc_pam_end(pamh));
+ if( smb_pam_start(&pamh, user, NULL)) {
+ if ( smb_pam_auth(pamh, user, password)) {
+ if ( smb_pam_account(pamh, user, password, True)) {
+ return( smb_pam_end(pamh));
}
}
}
#else
/* If PAM not used, no PAM restrictions on accounts. */
- BOOL pam_accountcheck(char * user)
+ BOOL smb_pam_accountcheck(char * user)
{
return True;
}
{
#ifdef WITH_PAM
- return (pam_passcheck(this_user, password));
+ return (smb_pam_passcheck(this_user, password));
#endif /* WITH_PAM */
#ifdef WITH_AFS
#################################################
# check for a PAM password database
+with_pam_for_crypt=no
echo $ac_n "checking whether to use PAM password database""... $ac_c" 1>&6
-echo "configure:11179: checking whether to use PAM password database" >&5
+echo "configure:11180: checking whether to use PAM password database" >&5
# Check whether --with-pam or --without-pam was given.
if test "${with_pam+set}" = set; then
withval="$with_pam"
EOF
LIBS="$LIBS -lpam"
+ with_pam_for_crypt=yes
;;
*)
echo "$ac_t""no" 1>&6
fi
+
+###############################################
+# test for where we get crypt() from, but only
+# if not using PAM
+if test $with_pam_for_crypt = no; then
+for ac_func in crypt
+do
+echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+echo "configure:11212: checking for $ac_func" >&5
+if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+ echo $ac_n "(cached) $ac_c" 1>&6
+else
+ cat > conftest.$ac_ext <<EOF
+#line 11217 "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char $ac_func(); below. */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error. */
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char $ac_func();
+
+int main() {
+
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+$ac_func();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo configure:11240: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+ rm -rf conftest*
+ eval "ac_cv_func_$ac_func=yes"
+else
+ echo "configure: failed program was:" >&5
+ cat conftest.$ac_ext >&5
+ rm -rf conftest*
+ eval "ac_cv_func_$ac_func=no"
+fi
+rm -f conftest*
+fi
+
+if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
+ echo "$ac_t""yes" 1>&6
+ ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+ cat >> confdefs.h <<EOF
+#define $ac_tr_func 1
+EOF
+
+else
+ echo "$ac_t""no" 1>&6
+fi
+done
+
+if test x"$ac_cv_func_crypt" = x"no"; then
+ echo $ac_n "checking for crypt in -lcrypt""... $ac_c" 1>&6
+echo "configure:11266: checking for crypt in -lcrypt" >&5
+ac_lib_var=`echo crypt'_'crypt | sed 'y%./+-%__p_%'`
+if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+ echo $ac_n "(cached) $ac_c" 1>&6
+else
+ ac_save_LIBS="$LIBS"
+LIBS="-lcrypt $LIBS"
+cat > conftest.$ac_ext <<EOF
+#line 11274 "configure"
+#include "confdefs.h"
+/* Override any gcc2 internal prototype to avoid an error. */
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char crypt();
+
+int main() {
+crypt()
+; return 0; }
+EOF
+if { (eval echo configure:11285: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+ rm -rf conftest*
+ eval "ac_cv_lib_$ac_lib_var=yes"
+else
+ echo "configure: failed program was:" >&5
+ cat conftest.$ac_ext >&5
+ rm -rf conftest*
+ eval "ac_cv_lib_$ac_lib_var=no"
+fi
+rm -f conftest*
+LIBS="$ac_save_LIBS"
+
+fi
+if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
+ echo "$ac_t""yes" 1>&6
+ LIBS="$LIBS -lcrypt";
+ cat >> confdefs.h <<\EOF
+#define HAVE_CRYPT 1
+EOF
+
+else
+ echo "$ac_t""no" 1>&6
+fi
+
+fi
+fi
+
+
#################################################
# check for a TDB password database
echo $ac_n "checking whether to use TDB password database""... $ac_c" 1>&6
-echo "configure:11205: checking whether to use TDB password database" >&5
+echo "configure:11316: checking whether to use TDB password database" >&5
# Check whether --with-tdbsam or --without-tdbsam was given.
if test "${with_tdbsam+set}" = set; then
withval="$with_tdbsam"
#################################################
# check for a LDAP password database
echo $ac_n "checking whether to use LDAP password database""... $ac_c" 1>&6
-echo "configure:11231: checking whether to use LDAP password database" >&5
+echo "configure:11342: checking whether to use LDAP password database" >&5
# Check whether --with-ldap or --without-ldap was given.
if test "${with_ldap+set}" = set; then
withval="$with_ldap"
#################################################
# check for a NISPLUS password database
echo $ac_n "checking whether to use NISPLUS password database""... $ac_c" 1>&6
-echo "configure:11257: checking whether to use NISPLUS password database" >&5
+echo "configure:11368: checking whether to use NISPLUS password database" >&5
# Check whether --with-nisplus or --without-nisplus was given.
if test "${with_nisplus+set}" = set; then
withval="$with_nisplus"
#################################################
# check for a NISPLUS_HOME support
echo $ac_n "checking whether to use NISPLUS_HOME""... $ac_c" 1>&6
-echo "configure:11282: checking whether to use NISPLUS_HOME" >&5
+echo "configure:11393: checking whether to use NISPLUS_HOME" >&5
# Check whether --with-nisplus-home or --without-nisplus-home was given.
if test "${with_nisplus_home+set}" = set; then
withval="$with_nisplus_home"
#################################################
# check for the secure socket layer
echo $ac_n "checking whether to use SSL""... $ac_c" 1>&6
-echo "configure:11307: checking whether to use SSL" >&5
+echo "configure:11418: checking whether to use SSL" >&5
# Check whether --with-ssl or --without-ssl was given.
if test "${with_ssl+set}" = set; then
withval="$with_ssl"
#################################################
# check for syslog logging
echo $ac_n "checking whether to use syslog logging""... $ac_c" 1>&6
-echo "configure:11366: checking whether to use syslog logging" >&5
+echo "configure:11477: checking whether to use syslog logging" >&5
# Check whether --with-syslog or --without-syslog was given.
if test "${with_syslog+set}" = set; then
withval="$with_syslog"
#################################################
# check for a shared memory profiling support
echo $ac_n "checking whether to use profiling""... $ac_c" 1>&6
-echo "configure:11391: checking whether to use profiling" >&5
+echo "configure:11502: checking whether to use profiling" >&5
# Check whether --with-profile or --without-profile was given.
if test "${with_profile+set}" = set; then
withval="$with_profile"
#################################################
# check for experimental netatalk resource fork support
echo $ac_n "checking whether to support netatalk""... $ac_c" 1>&6
-echo "configure:11417: checking whether to support netatalk" >&5
+echo "configure:11528: checking whether to support netatalk" >&5
# Check whether --with-netatalk or --without-netatalk was given.
if test "${with_netatalk+set}" = set; then
withval="$with_netatalk"
QUOTAOBJS=smbd/noquotas.o
echo $ac_n "checking whether to support disk-quotas""... $ac_c" 1>&6
-echo "configure:11444: checking whether to support disk-quotas" >&5
+echo "configure:11555: checking whether to support disk-quotas" >&5
# Check whether --with-quotas or --without-quotas was given.
if test "${with_quotas+set}" = set; then
withval="$with_quotas"
# check for experimental utmp accounting
echo $ac_n "checking whether to support utmp accounting""... $ac_c" 1>&6
-echo "configure:11468: checking whether to support utmp accounting" >&5
+echo "configure:11579: checking whether to support utmp accounting" >&5
# Check whether --with-utmp or --without-utmp was given.
if test "${with_utmp+set}" = set; then
withval="$with_utmp"
# check for MS Dfs support
echo $ac_n "checking whether to support Microsoft Dfs""... $ac_c" 1>&6
-echo "configure:11494: checking whether to support Microsoft Dfs" >&5
+echo "configure:11605: checking whether to support Microsoft Dfs" >&5
# Check whether --with-msdfs or --without-msdfs was given.
if test "${with_msdfs+set}" = set; then
withval="$with_msdfs"
#################################################
# these tests are taken from the GNU fileutils package
echo "checking how to get filesystem space usage" 1>&6
-echo "configure:11594: checking how to get filesystem space usage" >&5
+echo "configure:11705: checking how to get filesystem space usage" >&5
space=no
# Test for statvfs64.
if test $space = no; then
# SVR4
echo $ac_n "checking statvfs64 function (SVR4)""... $ac_c" 1>&6
-echo "configure:11601: checking statvfs64 function (SVR4)" >&5
+echo "configure:11712: checking statvfs64 function (SVR4)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statvfs64'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
fu_cv_sys_stat_statvfs64=cross
else
cat > conftest.$ac_ext <<EOF
-#line 11609 "configure"
+#line 11720 "configure"
#include "confdefs.h"
#if defined(HAVE_UNISTD_H)
exit (statvfs64 (".", &fsd));
}
EOF
-if { (eval echo configure:11623: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:11734: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statvfs64=yes
else
if test $space = no; then
# SVR4
echo $ac_n "checking statvfs function (SVR4)""... $ac_c" 1>&6
-echo "configure:11656: checking statvfs function (SVR4)" >&5
+echo "configure:11767: checking statvfs function (SVR4)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statvfs'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 11661 "configure"
+#line 11772 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/statvfs.h>
struct statvfs fsd; statvfs (0, &fsd);
; return 0; }
EOF
-if { (eval echo configure:11669: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:11780: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
fu_cv_sys_stat_statvfs=yes
else
if test $space = no; then
# DEC Alpha running OSF/1
echo $ac_n "checking for 3-argument statfs function (DEC OSF/1)""... $ac_c" 1>&6
-echo "configure:11694: checking for 3-argument statfs function (DEC OSF/1)" >&5
+echo "configure:11805: checking for 3-argument statfs function (DEC OSF/1)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs3_osf1'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
fu_cv_sys_stat_statfs3_osf1=no
else
cat > conftest.$ac_ext <<EOF
-#line 11702 "configure"
+#line 11813 "configure"
#include "confdefs.h"
#include <sys/param.h>
exit (statfs (".", &fsd, sizeof (struct statfs)));
}
EOF
-if { (eval echo configure:11715: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:11826: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs3_osf1=yes
else
if test $space = no; then
# AIX
echo $ac_n "checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)""... $ac_c" 1>&6
-echo "configure:11742: checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)" >&5
+echo "configure:11853: checking for two-argument statfs with statfs.bsize member (AIX, 4.3BSD)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs2_bsize'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
fu_cv_sys_stat_statfs2_bsize=no
else
cat > conftest.$ac_ext <<EOF
-#line 11750 "configure"
+#line 11861 "configure"
#include "confdefs.h"
#ifdef HAVE_SYS_PARAM_H
exit (statfs (".", &fsd));
}
EOF
-if { (eval echo configure:11769: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:11880: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs2_bsize=yes
else
if test $space = no; then
# SVR3
echo $ac_n "checking for four-argument statfs (AIX-3.2.5, SVR3)""... $ac_c" 1>&6
-echo "configure:11796: checking for four-argument statfs (AIX-3.2.5, SVR3)" >&5
+echo "configure:11907: checking for four-argument statfs (AIX-3.2.5, SVR3)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs4'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
fu_cv_sys_stat_statfs4=no
else
cat > conftest.$ac_ext <<EOF
-#line 11804 "configure"
+#line 11915 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/statfs.h>
exit (statfs (".", &fsd, sizeof fsd, 0));
}
EOF
-if { (eval echo configure:11814: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:11925: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs4=yes
else
if test $space = no; then
# 4.4BSD and NetBSD
echo $ac_n "checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)""... $ac_c" 1>&6
-echo "configure:11841: checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)" >&5
+echo "configure:11952: checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_statfs2_fsize'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
fu_cv_sys_stat_statfs2_fsize=no
else
cat > conftest.$ac_ext <<EOF
-#line 11849 "configure"
+#line 11960 "configure"
#include "confdefs.h"
#include <sys/types.h>
#ifdef HAVE_SYS_PARAM_H
exit (statfs (".", &fsd));
}
EOF
-if { (eval echo configure:11865: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:11976: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_statfs2_fsize=yes
else
if test $space = no; then
# Ultrix
echo $ac_n "checking for two-argument statfs with struct fs_data (Ultrix)""... $ac_c" 1>&6
-echo "configure:11892: checking for two-argument statfs with struct fs_data (Ultrix)" >&5
+echo "configure:12003: checking for two-argument statfs with struct fs_data (Ultrix)" >&5
if eval "test \"`echo '$''{'fu_cv_sys_stat_fs_data'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
fu_cv_sys_stat_fs_data=no
else
cat > conftest.$ac_ext <<EOF
-#line 11900 "configure"
+#line 12011 "configure"
#include "confdefs.h"
#include <sys/types.h>
#ifdef HAVE_SYS_PARAM_H
exit (statfs (".", &fsd) != 1);
}
EOF
-if { (eval echo configure:11920: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:12031: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
fu_cv_sys_stat_fs_data=yes
else
# file support.
#
echo $ac_n "checking if large file support can be enabled""... $ac_c" 1>&6
-echo "configure:11953: checking if large file support can be enabled" >&5
+echo "configure:12064: checking if large file support can be enabled" >&5
cat > conftest.$ac_ext <<EOF
-#line 11955 "configure"
+#line 12066 "configure"
#include "confdefs.h"
#if defined(HAVE_LONGLONG) && (defined(HAVE_OFF64_T) || (defined(SIZEOF_OFF_T) && (SIZEOF_OFF_T == 8)))
int i
; return 0; }
EOF
-if { (eval echo configure:11968: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:12079: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
samba_cv_HAVE_EXPLICIT_LARGEFILE_SUPPORT=yes
else
# check for ACL support
echo $ac_n "checking whether to support ACLs""... $ac_c" 1>&6
-echo "configure:12036: checking whether to support ACLs" >&5
+echo "configure:12147: checking whether to support ACLs" >&5
# Check whether --with-acl-support or --without-acl-support was given.
if test "${with_acl_support+set}" = set; then
withval="$with_acl_support"
;;
*)
echo $ac_n "checking for acl_get_file in -lacl""... $ac_c" 1>&6
-echo "configure:12074: checking for acl_get_file in -lacl" >&5
+echo "configure:12185: checking for acl_get_file in -lacl" >&5
ac_lib_var=`echo acl'_'acl_get_file | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
ac_save_LIBS="$LIBS"
LIBS="-lacl $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 12082 "configure"
+#line 12193 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
acl_get_file()
; return 0; }
EOF
-if { (eval echo configure:12093: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:12204: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
fi
echo $ac_n "checking for ACL support""... $ac_c" 1>&6
-echo "configure:12121: checking for ACL support" >&5
+echo "configure:12232: checking for ACL support" >&5
if eval "test \"`echo '$''{'samba_cv_HAVE_POSIX_ACLS'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 12127 "configure"
+#line 12238 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/acl.h>
acl_t acl; int entry_id; acl_entry_t *entry_p; return acl_get_entry( acl, entry_id, entry_p);
; return 0; }
EOF
-if { (eval echo configure:12135: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:12246: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
samba_cv_HAVE_POSIX_ACLS=yes
else
EOF
echo $ac_n "checking for acl_get_perm_np""... $ac_c" 1>&6
-echo "configure:12155: checking for acl_get_perm_np" >&5
+echo "configure:12266: checking for acl_get_perm_np" >&5
if eval "test \"`echo '$''{'samba_cv_HAVE_ACL_GET_PERM_NP'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 12161 "configure"
+#line 12272 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/acl.h>
acl_permset_t permset_d; acl_perm_t perm; return acl_get_perm_np( permset_d, perm);
; return 0; }
EOF
-if { (eval echo configure:12169: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:12280: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
samba_cv_HAVE_ACL_GET_PERM_NP=yes
else
fi
fi
echo $ac_n "checking for XFS ACL support""... $ac_c" 1>&6
-echo "configure:12190: checking for XFS ACL support" >&5
+echo "configure:12301: checking for XFS ACL support" >&5
if eval "test \"`echo '$''{'samba_cv_HAVE_XFS_ACLS'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 12196 "configure"
+#line 12307 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <acl/acl.h>
char test_str[13] = SGI_ACL_FILE;
; return 0; }
EOF
-if { (eval echo configure:12204: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:12315: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
samba_cv_HAVE_XFS_ACLS=yes
else
:
else
cat > conftest.$ac_ext <<EOF
-#line 12249 "configure"
+#line 12360 "configure"
#include "confdefs.h"
#include "${srcdir-.}/tests/summary.c"
EOF
-if { (eval echo configure:12253: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:12364: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
echo "configure OK";
else
/*The following definitions come from passdb/pampass.c */
-BOOL pam_session(BOOL flag, const char *in_user, char *tty, char *rhost);
-BOOL pam_accountcheck(char * user);
-BOOL pam_passcheck(char * user, char * password);
+BOOL smb_pam_session(BOOL flag, const char *in_user, char *tty, char *rhost);
+BOOL smb_pam_accountcheck(char * user);
+BOOL smb_pam_passcheck(char * user, char * password);
/*The following definitions come from passdb/pass_check.c */
Copyright (C) Andrew Tridgell 1992-2001
Copyright (C) John H Terpsta 1999-2001
Copyright (C) Andrew Bartlett 2001
+ Copyright (C) Jeremy Allison 2001
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
/*
* PAM error handler.
*/
-static BOOL pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int dbglvl)
+static BOOL smb_pam_error_handler(pam_handle_t *pamh, int pam_error, char *msg, int dbglvl)
{
if( pam_error != PAM_SUCCESS) {
* echo off means password.
*/
-static int PAM_conv(int num_msg,
+static int smb_pam_conv(int num_msg,
const struct pam_message **msg,
struct pam_response **resp,
void *appdata_ptr)
return PAM_SUCCESS;
}
-static struct pam_conv PAM_conversation = {
- &PAM_conv,
+static struct pam_conv smb_pam_conversation = {
+ &smb_pam_conv,
NULL
};
/*
* PAM Closing out cleanup handler
*/
-static BOOL proc_pam_end(pam_handle_t *pamh)
+static BOOL smb_pam_end(pam_handle_t *pamh)
{
int pam_error;
if( pamh != NULL ) {
pam_error = pam_end(pamh, 0);
- if(pam_error_handler(pamh, pam_error, "End Cleanup Failed", 2) == True) {
+ if(smb_pam_error_handler(pamh, pam_error, "End Cleanup Failed", 2) == True) {
DEBUG(4, ("PAM: PAM_END OK.\n"));
return True;
}
/*
* Start PAM authentication for specified account
*/
-static BOOL proc_pam_start(pam_handle_t **pamh, char *user, char *rhost)
+static BOOL smb_pam_start(pam_handle_t **pamh, char *user, char *rhost)
{
int pam_error;
DEBUG(4,("PAM: Init user: %s\n", user));
- pam_error = pam_start("samba", user, &PAM_conversation, pamh);
- if( !pam_error_handler(*pamh, pam_error, "Init Failed", 0)) {
- proc_pam_end(*pamh);
+ pam_error = pam_start("samba", user, &smb_pam_conversation, pamh);
+ if( !smb_pam_error_handler(*pamh, pam_error, "Init Failed", 0)) {
+ smb_pam_end(*pamh);
return False;
}
#ifdef PAM_RHOST
DEBUG(4,("PAM: setting rhost to: %s\n", rhost));
pam_error = pam_set_item(*pamh, PAM_RHOST, rhost);
- if(!pam_error_handler(*pamh, pam_error, "set rhost failed", 0)) {
- proc_pam_end(*pamh);
+ if(!smb_pam_error_handler(*pamh, pam_error, "set rhost failed", 0)) {
+ smb_pam_end(*pamh);
return False;
}
#endif
#ifdef PAM_TTY
DEBUG(4,("PAM: setting tty\n"));
pam_error = pam_set_item(*pamh, PAM_TTY, "samba");
- if (!pam_error_handler(*pamh, pam_error, "set tty failed", 0)) {
- proc_pam_end(*pamh);
+ if (!smb_pam_error_handler(*pamh, pam_error, "set tty failed", 0)) {
+ smb_pam_end(*pamh);
return False;
}
#endif
/*
* PAM Authentication Handler
*/
-static BOOL pam_auth(pam_handle_t *pamh, char *user, char *password)
+static BOOL smb_pam_auth(pam_handle_t *pamh, char *user, char *password)
{
int pam_error;
default:
DEBUG(0, ("PAM: UNKNOWN ERROR while authenticating user %s\n", user));
}
- if(!pam_error_handler(pamh, pam_error, "Authentication Failure", 2)) {
- proc_pam_end(pamh);
+ if(!smb_pam_error_handler(pamh, pam_error, "Authentication Failure", 2)) {
+ smb_pam_end(pamh);
return False;
}
/* If this point is reached, the user has been authenticated. */
/*
* PAM Account Handler
*/
-static BOOL pam_account(pam_handle_t *pamh, char * user, char * password, BOOL pam_auth)
+static BOOL smb_pam_account(pam_handle_t *pamh, char * user, char * password, BOOL pam_auth)
{
int pam_error;
default:
DEBUG(0, ("PAM: UNKNOWN ERROR for User: %s\n", user));
}
- if(!pam_error_handler(pamh, pam_error, "Account Check Failed", 2)) {
- proc_pam_end(pamh);
+ if(!smb_pam_error_handler(pamh, pam_error, "Account Check Failed", 2)) {
+ smb_pam_end(pamh);
return False;
}
default:
DEBUG(0, ("PAM: Error Condition Unknown in pam_setcred function call!"));
}
- if(!pam_error_handler(pamh, pam_error, "Set Credential Failure", 2)) {
- proc_pam_end(pamh);
+ if(!smb_pam_error_handler(pamh, pam_error, "Set Credential Failure", 2)) {
+ smb_pam_end(pamh);
return False;
}
/*
* PAM Internal Session Handler
*/
-static BOOL proc_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL flag)
+static BOOL smb_internal_pam_session(pam_handle_t *pamh, char *user, char *tty, BOOL flag)
{
int pam_error;
#ifdef PAM_TTY
DEBUG(4,("PAM: tty set to: %s\n", tty));
pam_error = pam_set_item(pamh, PAM_TTY, tty);
- if (!pam_error_handler(pamh, pam_error, "set tty failed", 0)) {
- proc_pam_end(pamh);
+ if (!smb_pam_error_handler(pamh, pam_error, "set tty failed", 0)) {
+ smb_pam_end(pamh);
return False;
}
#endif
if (flag) {
pam_error = pam_open_session(pamh, PAM_SILENT);
- if (!pam_error_handler(pamh, pam_error, "session setup failed", 0)) {
- proc_pam_end(pamh);
+ if (!smb_pam_error_handler(pamh, pam_error, "session setup failed", 0)) {
+ smb_pam_end(pamh);
return False;
}
} else {
pam_error = pam_close_session(pamh, PAM_SILENT);
- if (!pam_error_handler(pamh, pam_error, "session close failed", 0)) {
- proc_pam_end(pamh);
+ if (!smb_pam_error_handler(pamh, pam_error, "session close failed", 0)) {
+ smb_pam_end(pamh);
return False;
}
}
/*
* PAM Externally accessible Session handler
*/
-BOOL pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
+BOOL smb_pam_session(BOOL flag, const char *in_user, char *tty, char *rhost)
{
pam_handle_t *pamh = NULL;
char * user;
- user = malloc(strlen(in_user)+1);
+ user = strdup(in_user);
if ( user == NULL ) {
DEBUG(0, ("PAM: PAM_session Malloc Failed!\n"));
return False;
}
- /* This is freed by PAM */
- StrnCpy(user, in_user, strlen(in_user)+1);
-
- if (!proc_pam_start(&pamh, user, rhost)) {
- proc_pam_end(pamh);
+ if (!smb_pam_start(&pamh, user, rhost)) {
+ smb_pam_end(pamh);
return False;
}
- if (proc_pam_session(pamh, user, tty, flag)) {
- return proc_pam_end(pamh);
+ if (smb_internal_pam_session(pamh, user, tty, flag)) {
+ return smb_pam_end(pamh);
} else {
- proc_pam_end(pamh);
+ smb_pam_end(pamh);
return False;
}
}
/*
* PAM Externally accessible Account handler
*/
-BOOL pam_accountcheck(char * user)
+BOOL smb_pam_accountcheck(char * user)
{
pam_handle_t *pamh = NULL;
PAM_username = user;
PAM_password = NULL;
- if( proc_pam_start(&pamh, user, NULL)) {
- if ( pam_account(pamh, user, NULL, False)) {
- return( proc_pam_end(pamh));
+ if( smb_pam_start(&pamh, user, NULL)) {
+ if ( smb_pam_account(pamh, user, NULL, False)) {
+ return( smb_pam_end(pamh));
}
}
DEBUG(0, ("PAM: Account Validation Failed - Rejecting User!\n"));
/*
* PAM Password Validation Suite
*/
-BOOL pam_passcheck(char * user, char * password)
+BOOL smb_pam_passcheck(char * user, char * password)
{
pam_handle_t *pamh = NULL;
PAM_username = user;
PAM_password = password;
- if( proc_pam_start(&pamh, user, NULL)) {
- if ( pam_auth(pamh, user, password)) {
- if ( pam_account(pamh, user, password, True)) {
- return( proc_pam_end(pamh));
+ if( smb_pam_start(&pamh, user, NULL)) {
+ if ( smb_pam_auth(pamh, user, password)) {
+ if ( smb_pam_account(pamh, user, password, True)) {
+ return( smb_pam_end(pamh));
}
}
}
#else
/* If PAM not used, no PAM restrictions on accounts. */
- BOOL pam_accountcheck(char * user)
+ BOOL smb_pam_accountcheck(char * user)
{
return True;
}
{
#ifdef WITH_PAM
- return (pam_passcheck(this_user, password));
+ return (smb_pam_passcheck(this_user, password));
#endif /* WITH_PAM */
#ifdef WITH_AFS
*/
if (ret)
- return pam_accountcheck(user);
+ return smb_pam_accountcheck(user);
}
return pass_check(user, password, pwlen, pwd,
}
#if WITH_PAM
- if (!pam_session(True, sessionid.username, sessionid.id_str, sessionid.hostname)) {
- DEBUG(1,("pam_session rejected the session for %s [%s]\n",
+ if (!smb_pam_session(True, sessionid.username, sessionid.id_str, sessionid.hostname)) {
+ DEBUG(1,("smb_pam_session rejected the session for %s [%s]\n",
sessionid.username, sessionid.id_str));
tdb_delete(tdb, key);
return False;
#endif
#if WITH_PAM
- pam_session(False, sessionid.username, sessionid.id_str, sessionid.hostname);
+ smb_pam_session(False, sessionid.username, sessionid.id_str, sessionid.hostname);
#endif
tdb_delete(tdb, key);
git.samba.org / samba.git / commitdiff