diff options
| author | Gerald Carter <jerry@samba.org> | 2007-03-01 03:10:29 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:18:17 -0500 |
| commit | 2c51e492f9961277c27099e6beaa431db2acc6d1 (patch) | |
| tree | fdd4e5e1b52f657e2f0bf6b1c5540b3087ede869 /source3/nsswitch/pam_winbind.c | |
| parent | 85f769dbb425722c2246b8d98a529aac6849ab7d (diff) | |
| download | samba-2c51e492f9961277c27099e6beaa431db2acc6d1.tar.gz samba-2c51e492f9961277c27099e6beaa431db2acc6d1.tar.bz2 samba-2c51e492f9961277c27099e6beaa431db2acc6d1.zip | |
r21612: Make pam_winbind do the same username fixup on AIX as the WINBINDD
LAM module does to work around a system that does not support
>8 character usernames. Without the change, pam_winbind tries
to authenticate _#uid in the domain.
(This used to be commit 7f0ba72e05acbd958fbf768a04d16c29189dc8f7)
Diffstat (limited to 'source3/nsswitch/pam_winbind.c')
| -rw-r--r-- | source3/nsswitch/pam_winbind.c | 34 |
1 files changed, 32 insertions, 2 deletions
diff --git a/source3/nsswitch/pam_winbind.c b/source3/nsswitch/pam_winbind.c index ac87fcf32e..d21c985fee 100644 --- a/source3/nsswitch/pam_winbind.c +++ b/source3/nsswitch/pam_winbind.c @@ -1517,6 +1517,8 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, dictionary *d = NULL; char *username_ret = NULL; char *new_authtok_required = NULL; + char *combined_member = NULL; + const char *real_username = NULL; /* parse arguments */ int ctrl = _pam_parse(pamh, flags, argc, argv, &d); @@ -1535,6 +1537,30 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, goto out; } +#if defined(AIX) + /* Decode the user name since AIX does not support logn user + names by default. The name is encoded as _#uid. */ + + if ( username[0] == '_' ) { + uid_t id = atoi( &username[1] ); + struct passwd *pw = NULL; + + if ( (id!=0) && ((pw = getpwuid( id )) != NULL) ) { + real_username = strdup( pw->pw_name ); + } + } +#endif + + if ( !real_username ) { + /* Just making a copy of the username we got from PAM */ + if ( (real_username = strdup( username )) == NULL ) { + _pam_log_debug(pamh, ctrl, LOG_DEBUG, + "memory allocation failure when copying username"); + retval = PAM_SERVICE_ERR; + goto out; + } + } + retval = _winbind_read_password(pamh, ctrl, NULL, "Password: ", NULL, &password); @@ -1549,9 +1575,9 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, #ifdef DEBUG_PASSWORD _pam_log_debug(pamh, ctrl, LOG_INFO, "Verify user '%s' with password '%s'", - username, password); + real_username, password); #else - _pam_log_debug(pamh, ctrl, LOG_INFO, "Verify user '%s'", username); + _pam_log_debug(pamh, ctrl, LOG_INFO, "Verify user '%s'", real_username); #endif member = get_member_from_config(pamh, argc, argv, ctrl, d); @@ -1594,6 +1620,10 @@ out: free(username_ret); } + if ( real_username ) { + free( real_username ); + } + if (d) { iniparser_freedict(d); } |