diff options
author | Andrew Bartlett <abartlet@samba.org> | 2004-01-05 23:28:50 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2004-01-05 23:28:50 +0000 |
commit | 134af28f827ce80856c288e6d850d4fa7a043dd1 (patch) | |
tree | 0e8ae7b4cbe53f5c37ed4c44c5441d7f8014f52f /source3/nsswitch/winbindd_pam.c | |
parent | 4e1f6feba61aa98bfc552d29acb20efc0f5c2880 (diff) | |
download | samba-134af28f827ce80856c288e6d850d4fa7a043dd1.tar.gz samba-134af28f827ce80856c288e6d850d4fa7a043dd1.tar.bz2 samba-134af28f827ce80856c288e6d850d4fa7a043dd1.zip |
(merge from 3.0)
Try to gain a bit more consistancy in the output of usernames from ntlm_auth:
Instead of returning a name in DOMAIN\user format, we now return it in the
same way that nsswtich does - following the rules of 'winbind use default
domain', in the correct case and with the correct seperator.
This should help sites who are using Squid or the new SASL code I'm working
on, to match back to their unix usernames.
--
Get the DOMAIN\username around the right way (I had username\domain...)
Push the unix username into utf8 for it's trip across the socket.
Andrew Bartlett
(This used to be commit 4c2e1189ff84d254f19b604999d011fdb17e538d)
Diffstat (limited to 'source3/nsswitch/winbindd_pam.c')
-rw-r--r-- | source3/nsswitch/winbindd_pam.c | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c index 9962105787..d58c9dcc38 100644 --- a/source3/nsswitch/winbindd_pam.c +++ b/source3/nsswitch/winbindd_pam.c @@ -365,6 +365,32 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) if (state->request.flags & WBFLAG_PAM_INFO3_NDR) { result = append_info3_as_ndr(mem_ctx, state, &info3); + } else if (state->request.flags & WBFLAG_PAM_UNIX_NAME) { + /* ntlm_auth should return the unix username, per + 'winbind use default domain' settings and the like */ + + fstring username_out; + const char *nt_username, *nt_domain; + if (!(nt_username = unistr2_tdup(mem_ctx, &(info3.uni_user_name)))) { + /* If the server didn't give us one, just use the one we sent them */ + nt_username = user; + } + + if (!(nt_domain = unistr2_tdup(mem_ctx, &(info3.uni_logon_dom)))) { + /* If the server didn't give us one, just use the one we sent them */ + nt_domain = domain; + } + + fill_domain_username(username_out, nt_domain, nt_username); + + DEBUG(5, ("Setting unix username to [%s]\n", username_out)); + + /* this interface is in UTF8 */ + if (push_utf8_allocate((char **)&state->response.extra_data, username_out) == -1) { + result = NT_STATUS_NO_MEMORY; + goto done; + } + state->response.length += strlen(state->response.extra_data)+1; } if (state->request.flags & WBFLAG_PAM_NTKEY) { |