rpms / sssd

Clone
Source Code
GIT

Files

  1.   5ad689119c59ef3f43265b5a841356a4f4755990
  2.   SOURCES
  3.   0192-libwbclient-Change-return-code-for-wbcAuthenticateUs.patch
Blob Blame History Raw 
From b9a2edea74ea04a09301f91fffb6835df72d8760 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lslebodn@redhat.com>
Date: Tue, 22 Aug 2017 13:09:18 +0200
Subject: [PATCH 192/192] libwbclient: Change return code for
 wbcAuthenticateUserEx

Samba-4.6 change behaviour of few functions
New version of code make sure session info for user is stored in cache.
It is a performance optimisation to prevent contacting KDC for each
session. More details in samba bug
https://bugzilla.samba.org/show_bug.cgi?id=11259

Old return code WBC_SSSD_NOT_IMPLEMENTED was translated
to NT_STATUS_LOGON_FAILURE which caused many failures.

    [2017/08/21 11:34:15.044321,  5, pid=27742, effective(0, 0), real(0, 0)]
    ../libcli/security/security_token.c:53(security_token_debug)
      Security token: (NULL)
    [2017/08/21 11:34:15.044330,  5, pid=27742, effective(0, 0), real(0, 0)]
    ../source3/auth/token_util.c:640(debug_unix_user_token)
      UNIX token of user 0
      Primary group is 0 and contains 0 supplementary groups
    [2017/08/21 11:34:15.044349,  4, pid=27742, effective(0, 0), real(0, 0)]
    ../source3/smbd/sec_ctx.c:439(pop_sec_ctx)
      pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
    [2017/08/21 11:34:15.044360,  1, pid=27742, effective(0, 0), real(0, 0)]
    ../source3/smbd/sesssetup.c:290(reply_sesssetup_and_X_spnego)
      Failed to generate session_info (user and group token) for session
    setup: NT_STATUS_LOGON_FAILURE

Resolves:
https://pagure.io/SSSD/sssd/issue/3461

Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 725d04cd21016dc6092a9f03cd363bb83d7c054c)
(cherry picked from commit aede6a1f4412f133e4b3fd76944f764d76fc4868)
(cherry picked from commit 260062d946e7cc265e2671f88b1662276431c0bb)
---
 src/sss_client/libwbclient/wbc_pam_sssd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/sss_client/libwbclient/wbc_pam_sssd.c b/src/sss_client/libwbclient/wbc_pam_sssd.c
index 174cf1310fad0243036fe591978cc89700903896..77698f523e6e7aeb37d4db50b469d1604d7ee595 100644
--- a/src/sss_client/libwbclient/wbc_pam_sssd.c
+++ b/src/sss_client/libwbclient/wbc_pam_sssd.c
@@ -49,7 +49,7 @@ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params,
         *error = NULL;
     }
 
-    WBC_SSSD_NOT_IMPLEMENTED;
+    return WBC_ERR_WINBIND_NOT_AVAILABLE;
 }
 
 /* Trigger a verification of the trust credentials of a specific domain */
-- 
2.9.4

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation