Make sure we have serversupplied_info->sanitized_username everywhere

(This used to be commit 88423a17b966652eba4085e88f7ddb5c86b463dd)

1 files changed, 53 insertions, 10 deletions

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index e07d687d35..790b2f0624 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -485,6 +485,14 @@ static auth_serversupplied_info *make_server_info(TALLOC_CTX *mem_ctx)
 	return result;
 }
 
+static char *sanitize_username(TALLOC_CTX *mem_ctx, const char *username)
+{
+	fstring tmp;
+
+	alpha_strcpy(tmp, username, ". _-$", sizeof(tmp));
+	return talloc_strdup(mem_ctx, tmp);
+}
+
 /***************************************************************************
  Make (and fill) a user_info struct from a struct samu
 ***************************************************************************/
@@ -523,6 +531,13 @@ NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info,
 	
 	TALLOC_FREE(pwd);
 
+	result->sanitized_username = sanitize_username(result,
+						       result->unix_name);
+	if (result->sanitized_username == NULL) {
+		TALLOC_FREE(result);
+		return NT_STATUS_NO_MEMORY;
+	}
+
 	status = pdb_enum_group_memberships(result, sampass,
 					    &result->sids, &gids,
 					    &result->num_sids);
@@ -983,7 +998,6 @@ bool user_in_group(const char *username, const char *groupname)
 	return user_in_group_sid(username, &group_sid);
 }
 
-
 /***************************************************************************
  Make (and fill) a server_info struct from a 'struct passwd' by conversion
  to a struct samu
@@ -1018,7 +1032,17 @@ NTSTATUS make_server_info_pw(auth_serversupplied_info **server_info,
 	}
 
 	result->sam_account = sampass;
+
 	result->unix_name = talloc_strdup(result, unix_username);
+	result->sanitized_username = sanitize_username(result, unix_username);
+
+	if ((result->unix_name == NULL)
+	    || (result->sanitized_username == NULL)) {
+		TALLOC_FREE(sampass);
+		TALLOC_FREE(result);
+		return NT_STATUS_NO_MEMORY;
+	}
+
 	result->uid = pwd->pw_uid;
 	result->gid = pwd->pw_gid;
 
@@ -1162,22 +1186,25 @@ NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx,
 				       struct auth_serversupplied_info **presult)
 {
 	struct auth_serversupplied_info *result;
+	struct passwd *pwd;
 	NTSTATUS status;
 
-	result = make_server_info(mem_ctx);
-	if (result == NULL) {
-		return NT_STATUS_NO_MEMORY;
+	pwd = getpwnam_alloc(talloc_tos(), username);
+	if (pwd == NULL) {
+		return NT_STATUS_NO_SUCH_USER;
 	}
 
-	result->nss_token = true;
-	result->guest = is_guest;
+	status = make_server_info_pw(&result, pwd->pw_name, pwd);
 
-	result->unix_name = talloc_strdup(result, username);
-	if (result->unix_name == NULL) {
-		TALLOC_FREE(result);
-		return NT_STATUS_NO_MEMORY;
+	TALLOC_FREE(pwd);
+
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
 	}
 
+	result->nss_token = true;
+	result->guest = is_guest;
+
 	status = create_local_token(result);
 
 	if (!NT_STATUS_IS_OK(status)) {
@@ -1624,6 +1651,13 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
 	result->sam_account = sam_account;
 	result->unix_name = talloc_strdup(result, found_username);
 
+	result->sanitized_username = sanitize_username(result,
+						       result->unix_name);
+	if (result->sanitized_username == NULL) {
+		TALLOC_FREE(result);
+		return NT_STATUS_NO_MEMORY;
+	}
+
 	/* Fill in the unix info we found on the way */
 
 	result->uid = uid;
@@ -1859,8 +1893,17 @@ NTSTATUS make_server_info_wbcAuthUserInfo(TALLOC_CTX *mem_ctx,
 	result->sam_account = sam_account;
 	result->unix_name = talloc_strdup(result, found_username);
 
+	result->sanitized_username = sanitize_username(result,
+						       result->unix_name);
 	result->login_server = talloc_strdup(result, info->logon_server);
 
+	if ((result->unix_name == NULL)
+	    || (result->sanitized_username == NULL)
+	    || (result->login_server == NULL)) {
+		TALLOC_FREE(result);
+		return NT_STATUS_NO_MEMORY;
+	}
+
 	/* Fill in the unix info we found on the way */
 
 	result->uid = uid;