diff options
author | Jeremy Allison <jra@samba.org> | 2006-10-09 19:20:21 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:15:21 -0500 |
commit | 9421a0a9cd38a39757e805c817c681f2cefe3bf3 (patch) | |
tree | b7e1a62a6b559b8ec07195cf5ae54278f6e95d0c /source3/nsswitch/winbindd_util.c | |
parent | b405a3971474ac28d3984488395894f540bac4e0 (diff) | |
download | samba-9421a0a9cd38a39757e805c817c681f2cefe3bf3.tar.gz samba-9421a0a9cd38a39757e805c817c681f2cefe3bf3.tar.bz2 samba-9421a0a9cd38a39757e805c817c681f2cefe3bf3.zip |
r19207: Properly canonicalize incoming names to the
NSS protocols auth, chauthtok, logoff, ccache_ntlm_auth.
That way we ensure winbindd only deals with fully
qualified names internally. The NSS protocols
auth_crap and chng_pswd_auth_crap should be fixed
to do the same thing.
Jeremy.
(This used to be commit dbd2454d3337f64cddbdaf39e9efd6505e6b2590)
Diffstat (limited to 'source3/nsswitch/winbindd_util.c')
-rw-r--r-- | source3/nsswitch/winbindd_util.c | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c index a6d6959446..53fa3da536 100644 --- a/source3/nsswitch/winbindd_util.c +++ b/source3/nsswitch/winbindd_util.c @@ -888,6 +888,26 @@ BOOL parse_domain_user_talloc(TALLOC_CTX *mem_ctx, const char *domuser, return ((*domain != NULL) && (*user != NULL)); } +/* Ensure an incoming username from NSS is fully qualified. Replace the + incoming fstring with DOMAIN <separator> user. Returns the same + values as parse_domain_user() but also replaces the incoming username. + Used to ensure all names are fully qualified within winbindd. + Used by the NSS protocols of auth, chauthtok, logoff and ccache_ntlm_auth. + The protocol definitions of auth_crap, chng_pswd_auth_crap + really should be changed to use this instead of doing things + by hand. JRA. */ + +BOOL canonicalize_username(fstring username_inout, fstring domain, fstring user) +{ + if (!parse_domain_user(username_inout, domain, user)) { + return False; + } + slprintf(username_inout, sizeof(fstring) - 1, "%s%c%s", + domain, *lp_winbind_separator(), + user); + return True; +} + /* Fill DOMAIN\\USERNAME entry accounting 'winbind use default domain' and 'winbind separator' options. |