diff options
author | Gerald Carter <jerry@samba.org> | 2007-03-16 17:54:10 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:18:39 -0500 |
commit | 815fdf23c782e8ace0d71d1fed6f7fe3be200731 (patch) | |
tree | f392b843436aa52aaa33d7b753d6617e5ed6a3cd | |
parent | ab9a46a35c05869f1aa4bb3c57a987def459791e (diff) | |
download | samba-815fdf23c782e8ace0d71d1fed6f7fe3be200731.tar.gz samba-815fdf23c782e8ace0d71d1fed6f7fe3be200731.tar.bz2 samba-815fdf23c782e8ace0d71d1fed6f7fe3be200731.zip |
r21860: Fixes for "winbind normalize names" functionality:
* Fix getgroups() call called using a normalized name
* Fix some more name mappings that could cause for example
a user to be unable to unlock the screen as the username
would not match in the PAM authenticate call.
(This used to be commit 505fc669a1b2c36e1639924b9639c97988056d8d)
-rw-r--r-- | source3/nsswitch/winbindd.h | 2 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_group.c | 4 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_pam.c | 4 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_rpc.c | 6 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_user.c | 4 |
5 files changed, 15 insertions, 5 deletions
diff --git a/source3/nsswitch/winbindd.h b/source3/nsswitch/winbindd.h index b9e07a2321..198c655b2d 100644 --- a/source3/nsswitch/winbindd.h +++ b/source3/nsswitch/winbindd.h @@ -40,6 +40,8 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_WINBIND +#define WB_REPLACE_CHAR '_' + /* bits for fd_event.flags */ #define EVENT_FD_READ 1 #define EVENT_FD_WRITE 2 diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c index f47d08ee85..9cf6cc12e0 100644 --- a/source3/nsswitch/winbindd_group.c +++ b/source3/nsswitch/winbindd_group.c @@ -508,7 +508,7 @@ void winbindd_getgrnam(struct winbindd_cli_state *state) /* Get rid and name type from name */ - ws_name_replace( name_group, '_' ); + ws_name_replace( name_group, WB_REPLACE_CHAR ); if (!winbindd_lookup_sid_by_name(state->mem_ctx, domain, domain->name, name_group, &group_sid, &name_type)) { @@ -1275,6 +1275,8 @@ void winbindd_getgroups(struct winbindd_cli_state *state) s->state = state; + ws_name_return( state->request.data.username, WB_REPLACE_CHAR ); + if (!parse_domain_user_talloc(state->mem_ctx, state->request.data.username, &s->domname, &s->username)) { diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c index 2e679c37dc..6fdead5982 100644 --- a/source3/nsswitch/winbindd_pam.c +++ b/source3/nsswitch/winbindd_pam.c @@ -744,6 +744,8 @@ void winbindd_pam_auth(struct winbindd_cli_state *state) /* Parse domain and username */ + ws_name_return( state->request.data.auth.user, WB_REPLACE_CHAR ); + if (!canonicalize_username(state->request.data.auth.user, name_domain, name_user)) { set_auth_errors(&state->response, NT_STATUS_NO_SUCH_USER); @@ -1332,6 +1334,8 @@ enum winbindd_result winbindd_dual_pam_auth(struct winbindd_domain *domain, /* Parse domain and username */ + ws_name_return( state->request.data.auth.user, WB_REPLACE_CHAR ); + parse_domain_user(state->request.data.auth.user, name_domain, name_user); if (domain->online == False) { diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c index 11d9fe0dbb..3707f0311f 100644 --- a/source3/nsswitch/winbindd_rpc.c +++ b/source3/nsswitch/winbindd_rpc.c @@ -262,7 +262,7 @@ NTSTATUS msrpc_name_to_sid(struct winbindd_domain *domain, return NT_STATUS_NO_MEMORY; } - ws_name_return( full_name, '_' ); + ws_name_return( full_name, WB_REPLACE_CHAR ); DEBUG(3,("name_to_sid [rpc] %s for domain %s\n", full_name?full_name:"", domain_name )); @@ -317,7 +317,7 @@ NTSTATUS msrpc_sid_to_name(struct winbindd_domain *domain, *domain_name = domains[0]; *name = names[0]; - ws_name_replace( *name, '_' ); + ws_name_replace( *name, WB_REPLACE_CHAR ); DEBUG(5,("Mapped sid to [%s]\\[%s]\n", domains[0], *name)); return NT_STATUS_OK; @@ -369,7 +369,7 @@ NTSTATUS msrpc_rids_to_names(struct winbindd_domain *domain, ret_names = *names; for (i=0; i<num_rids; i++) { if ((*types)[i] != SID_NAME_UNKNOWN) { - ws_name_replace( ret_names[i], '_' ); + ws_name_replace( ret_names[i], WB_REPLACE_CHAR ); *domain_name = domains[i]; } } diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c index acb81ee871..ce677198ff 100644 --- a/source3/nsswitch/winbindd_user.c +++ b/source3/nsswitch/winbindd_user.c @@ -243,7 +243,7 @@ static void getpwsid_queryuser_recv(void *private_data, BOOL success, strlower_m( username ); s->username = talloc_strdup(s->state->mem_ctx, username); - ws_name_replace( s->username, '_' ); + ws_name_replace( s->username, WB_REPLACE_CHAR ); s->fullname = talloc_strdup(s->state->mem_ctx, full_name); s->homedir = talloc_strdup(s->state->mem_ctx, homedir); @@ -345,6 +345,8 @@ void winbindd_getpwnam(struct winbindd_cli_state *state) DEBUG(3, ("[%5lu]: getpwnam %s\n", (unsigned long)state->pid, state->request.data.username)); + ws_name_return( state->request.data.username, WB_REPLACE_CHAR ); + if (!parse_domain_user(state->request.data.username, domname, username)) { DEBUG(5, ("Could not parse domain user: %s\n", |