summaryrefslogtreecommitdiff
path: root/source3/nsswitch
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2007-03-16 17:54:10 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:18:39 -0500
commit815fdf23c782e8ace0d71d1fed6f7fe3be200731 (patch)
treef392b843436aa52aaa33d7b753d6617e5ed6a3cd /source3/nsswitch
parentab9a46a35c05869f1aa4bb3c57a987def459791e (diff)
downloadsamba-815fdf23c782e8ace0d71d1fed6f7fe3be200731.tar.gz
samba-815fdf23c782e8ace0d71d1fed6f7fe3be200731.tar.bz2
samba-815fdf23c782e8ace0d71d1fed6f7fe3be200731.zip
r21860: Fixes for "winbind normalize names" functionality:
* Fix getgroups() call called using a normalized name * Fix some more name mappings that could cause for example a user to be unable to unlock the screen as the username would not match in the PAM authenticate call. (This used to be commit 505fc669a1b2c36e1639924b9639c97988056d8d)
Diffstat (limited to 'source3/nsswitch')
-rw-r--r--source3/nsswitch/winbindd.h2
-rw-r--r--source3/nsswitch/winbindd_group.c4
-rw-r--r--source3/nsswitch/winbindd_pam.c4
-rw-r--r--source3/nsswitch/winbindd_rpc.c6
-rw-r--r--source3/nsswitch/winbindd_user.c4
5 files changed, 15 insertions, 5 deletions
diff --git a/source3/nsswitch/winbindd.h b/source3/nsswitch/winbindd.h
index b9e07a2321..198c655b2d 100644
--- a/source3/nsswitch/winbindd.h
+++ b/source3/nsswitch/winbindd.h
@@ -40,6 +40,8 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_WINBIND
+#define WB_REPLACE_CHAR '_'
+
/* bits for fd_event.flags */
#define EVENT_FD_READ 1
#define EVENT_FD_WRITE 2
diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c
index f47d08ee85..9cf6cc12e0 100644
--- a/source3/nsswitch/winbindd_group.c
+++ b/source3/nsswitch/winbindd_group.c
@@ -508,7 +508,7 @@ void winbindd_getgrnam(struct winbindd_cli_state *state)
/* Get rid and name type from name */
- ws_name_replace( name_group, '_' );
+ ws_name_replace( name_group, WB_REPLACE_CHAR );
if (!winbindd_lookup_sid_by_name(state->mem_ctx, domain, domain->name,
name_group, &group_sid, &name_type)) {
@@ -1275,6 +1275,8 @@ void winbindd_getgroups(struct winbindd_cli_state *state)
s->state = state;
+ ws_name_return( state->request.data.username, WB_REPLACE_CHAR );
+
if (!parse_domain_user_talloc(state->mem_ctx,
state->request.data.username,
&s->domname, &s->username)) {
diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c
index 2e679c37dc..6fdead5982 100644
--- a/source3/nsswitch/winbindd_pam.c
+++ b/source3/nsswitch/winbindd_pam.c
@@ -744,6 +744,8 @@ void winbindd_pam_auth(struct winbindd_cli_state *state)
/* Parse domain and username */
+ ws_name_return( state->request.data.auth.user, WB_REPLACE_CHAR );
+
if (!canonicalize_username(state->request.data.auth.user,
name_domain, name_user)) {
set_auth_errors(&state->response, NT_STATUS_NO_SUCH_USER);
@@ -1332,6 +1334,8 @@ enum winbindd_result winbindd_dual_pam_auth(struct winbindd_domain *domain,
/* Parse domain and username */
+ ws_name_return( state->request.data.auth.user, WB_REPLACE_CHAR );
+
parse_domain_user(state->request.data.auth.user, name_domain, name_user);
if (domain->online == False) {
diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c
index 11d9fe0dbb..3707f0311f 100644
--- a/source3/nsswitch/winbindd_rpc.c
+++ b/source3/nsswitch/winbindd_rpc.c
@@ -262,7 +262,7 @@ NTSTATUS msrpc_name_to_sid(struct winbindd_domain *domain,
return NT_STATUS_NO_MEMORY;
}
- ws_name_return( full_name, '_' );
+ ws_name_return( full_name, WB_REPLACE_CHAR );
DEBUG(3,("name_to_sid [rpc] %s for domain %s\n", full_name?full_name:"", domain_name ));
@@ -317,7 +317,7 @@ NTSTATUS msrpc_sid_to_name(struct winbindd_domain *domain,
*domain_name = domains[0];
*name = names[0];
- ws_name_replace( *name, '_' );
+ ws_name_replace( *name, WB_REPLACE_CHAR );
DEBUG(5,("Mapped sid to [%s]\\[%s]\n", domains[0], *name));
return NT_STATUS_OK;
@@ -369,7 +369,7 @@ NTSTATUS msrpc_rids_to_names(struct winbindd_domain *domain,
ret_names = *names;
for (i=0; i<num_rids; i++) {
if ((*types)[i] != SID_NAME_UNKNOWN) {
- ws_name_replace( ret_names[i], '_' );
+ ws_name_replace( ret_names[i], WB_REPLACE_CHAR );
*domain_name = domains[i];
}
}
diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c
index acb81ee871..ce677198ff 100644
--- a/source3/nsswitch/winbindd_user.c
+++ b/source3/nsswitch/winbindd_user.c
@@ -243,7 +243,7 @@ static void getpwsid_queryuser_recv(void *private_data, BOOL success,
strlower_m( username );
s->username = talloc_strdup(s->state->mem_ctx, username);
- ws_name_replace( s->username, '_' );
+ ws_name_replace( s->username, WB_REPLACE_CHAR );
s->fullname = talloc_strdup(s->state->mem_ctx, full_name);
s->homedir = talloc_strdup(s->state->mem_ctx, homedir);
@@ -345,6 +345,8 @@ void winbindd_getpwnam(struct winbindd_cli_state *state)
DEBUG(3, ("[%5lu]: getpwnam %s\n", (unsigned long)state->pid,
state->request.data.username));
+ ws_name_return( state->request.data.username, WB_REPLACE_CHAR );
+
if (!parse_domain_user(state->request.data.username, domname,
username)) {
DEBUG(5, ("Could not parse domain user: %s\n",