De-coupled the mapping of a Windows to UNIX username from the Get_Pwnam

username case conversion wrapper. It is now (very) explicit where we are mapping between an incoming Windows username, and when we are doing a UNIX password entry lookup, which may change the case of the given username. This makes things *much* clearer (IMHO:-) and will ease the adding of the 'groupname map' parameter, and the addition of the special 'jeremy' mode for Samba where unix users will not be needed. (We must think of a better name for it :-). Jeremy. (This used to be commit fb6ed81844e7cb6049749e43ac9b4adfaf4ca2de)
author: Jeremy Allison <jra@samba.org> 1998-06-10 19:45:13 +0000
committer: Jeremy Allison <jra@samba.org> 1998-06-10 19:45:13 +0000
commit: 72bf410b6e9b85f8fbff7f6175661829bef35f62 (patch)
tree: 11c6f694c2f4b4c3bb2e9325b071215a6d0dfbbf /source3
parent: 1b86bead993051f93ea1570ad404e270b06045d3 (diff)
download: samba-72bf410b6e9b85f8fbff7f6175661829bef35f62.tar.gz
samba-72bf410b6e9b85f8fbff7f6175661829bef35f62.tar.bz2
samba-72bf410b6e9b85f8fbff7f6175661829bef35f62.zip
6 files changed, 125 insertions, 31 deletions
diff --git a/source3/lib/username.c b/source3/lib/username.c
index 6c65d5d8cb..d5ecfe9166 100644
--- a/source3/lib/username.c
+++ b/source3/lib/username.c
@@ -22,18 +22,18 @@
 #include "includes.h"
 extern int DEBUGLEVEL;
 
-/* internal functions - modified versions of the ones in password.c */
+/* internal functions */
 static struct passwd *uname_string_combinations(char *s, struct passwd * (*fn) (char *), int N);
 static struct passwd *uname_string_combinations2(char *s, int offset, struct passwd * (*fn) (char *), int N);
 
 /****************************************************************************
-get a users home directory. tries as-is then lower case
+get a users home directory.
 ****************************************************************************/
 char *get_home_dir(char *user)
 {
   static struct passwd *pass;
 
-  pass = Get_Pwnam(user,False);
+  pass = Get_Pwnam(user, False);
 
   if (!pass) return(NULL);
   return(pass->pw_dir);      
@@ -42,26 +42,34 @@ char *get_home_dir(char *user)
 
 /*******************************************************************
 map a username from a dos name to a unix name by looking in the username
-map
+map. Note that this modifies the name in place.
+This is the main function that should be called *once* on
+any incoming or new username - in order to canonicalize the name.
+This is being done to de-couple the case conversions from the user mapping
+function. Previously, the map_username was being called
+every time Get_Pwnam was called.
 ********************************************************************/
 void map_username(char *user)
 {
-  static int depth=0;
   static BOOL initialised=False;
   static fstring last_from,last_to;
   FILE *f;
   char *s;
   char *mapfile = lp_username_map();
-  if (!*mapfile || depth) return;
 
   if (!*user) return;
 
+  if (!*mapfile) {
+    return;
+  }
+
   if (!initialised) {
     *last_from = *last_to = 0;
     initialised = True;
   }
 
-  if (strequal(user,last_to)) return;
+  if (strequal(user,last_to))
+    return;
 
   if (strequal(user,last_from)) {
     DEBUG(3,("Mapped user %s to %s\n",user,last_to));
@@ -77,20 +85,17 @@ void map_username(char *user)
 
   DEBUG(4,("Scanning username map %s\n",mapfile));
 
-  depth++;
-
   for (; (s=fgets_slash(NULL,80,f)); free(s)) {
     char *unixname = s;
     char *dosname = strchr(unixname,'=');
-    BOOL break_if_mapped = False;
+    BOOL return_if_mapped = False;
 
     if (!dosname) continue;
     *dosname++ = 0;
 
     while (isspace(*unixname)) unixname++;
-    if ('!' == *unixname)
-    {
-      break_if_mapped = True;
+    if ('!' == *unixname) {
+      return_if_mapped = True;
       unixname++;
       while (*unixname && isspace(*unixname)) unixname++;
     }
@@ -100,30 +105,29 @@ void map_username(char *user)
     {
       int l = strlen(unixname);
       while (l && isspace(unixname[l-1])) {
-	unixname[l-1] = 0;
-	l--;
+        unixname[l-1] = 0;
+        l--;
       }
     }
 
     if (strchr(dosname,'*') || user_in_list(user,dosname)) {
       DEBUG(3,("Mapped user %s to %s\n",user,unixname));
-      StrnCpy(last_from,user,sizeof(last_from)-1);
+      fstrcpy(last_from,user);
       sscanf(unixname,"%s",user);
-      StrnCpy(last_to,user,sizeof(last_to)-1);
-      if(break_if_mapped) { 
+      fstrcpy(last_to,user);
+      if(return_if_mapped) { 
         free(s);
-        break;
+        fclose(f);
+        return;
       }
     }
   }
 
   fclose(f);
-
-  depth--;
 }
 
 /****************************************************************************
-internals of Get_Pwnam wrapper
+Get_Pwnam wrapper
 ****************************************************************************/
 static struct passwd *_Get_Pwnam(char *s)
 {
@@ -151,7 +155,7 @@ static struct passwd *_Get_Pwnam(char *s)
 /****************************************************************************
 a wrapper for getpwnam() that tries with all lower and all upper case 
 if the initial name fails. Also tried with first letter capitalised
-Note that this changes user!
+Note that this can change user!
 ****************************************************************************/
 struct passwd *Get_Pwnam(char *user,BOOL allow_change)
 {
@@ -170,8 +174,6 @@ struct passwd *Get_Pwnam(char *user,BOOL allow_change)
     user = &user2[0];
   }
 
-  map_username(user);
-
   ret = _Get_Pwnam(user);
   if (ret) return(ret);
 
@@ -208,7 +210,6 @@ struct passwd *Get_Pwnam(char *user,BOOL allow_change)
   return(NULL);
 }
 
-
 /****************************************************************************
 check if a user is in a user list
 ****************************************************************************/
diff --git a/source3/lsarpcd/srv_lsa.c b/source3/lsarpcd/srv_lsa.c
index e723b532b1..43f463a8ab 100644
--- a/source3/lsarpcd/srv_lsa.c
+++ b/source3/lsarpcd/srv_lsa.c
@@ -371,7 +371,18 @@ static void api_lsa_lookup_names( int uid, prs_struct *data,
 	/* convert received RIDs to strings, so we can do them. */
 	for (i = 0; i < q_l.num_entries; i++)
 	{
-		char *user_name = unistr2(q_l.lookup_name[i].str.buffer);
+        fstring user_name;
+		fstrcpy(user_name, unistr2(q_l.lookup_name[i].str.buffer));
+        /*
+         * Map to the UNIX username.
+         */
+        map_username(user_name);
+
+        /*
+         * Do any case conversions.
+         */
+        (void)Get_Pwnam(user_name, True);
+
 		if (!pdb_name_to_rid(user_name, &dom_rids[i], &dummy_g_rid))
 		{
 			/* WHOOPS!  we should really do something about this... */
diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c
index e723b532b1..43f463a8ab 100644
--- a/source3/rpc_server/srv_lsa.c
+++ b/source3/rpc_server/srv_lsa.c
@@ -371,7 +371,18 @@ static void api_lsa_lookup_names( int uid, prs_struct *data,
 	/* convert received RIDs to strings, so we can do them. */
 	for (i = 0; i < q_l.num_entries; i++)
 	{
-		char *user_name = unistr2(q_l.lookup_name[i].str.buffer);
+        fstring user_name;
+		fstrcpy(user_name, unistr2(q_l.lookup_name[i].str.buffer));
+        /*
+         * Map to the UNIX username.
+         */
+        map_username(user_name);
+
+        /*
+         * Do any case conversions.
+         */
+        (void)Get_Pwnam(user_name, True);
+
 		if (!pdb_name_to_rid(user_name, &dom_rids[i], &dummy_g_rid))
 		{
 			/* WHOOPS!  we should really do something about this... */
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c
index 38481cd2d3..8bcf1682bc 100644
--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@@ -641,6 +641,16 @@ static void api_net_sam_logon( int uid,
 
     DEBUG(3,("User:[%s]\n", samlogon_user));
 
+    /*
+     * Convert to a UNIX username.
+     */
+    map_username(samlogon_user);
+
+    /*
+     * Do any case conversions.
+     */
+    (void)Get_Pwnam(samlogon_user, True);
+
     become_root(True);
     smb_pass = getsmbpwnam(samlogon_user);
     unbecome_root(True);
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index a9e0bec3ed..f92e376575 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -1633,6 +1633,18 @@ static BOOL api_SetUserPassword(int cnum,uint16 vuid, char *param,char *data,
   DEBUG(3,("Set password for <%s>\n",user));
 
   /*
+   * Pass the user through the NT -> unix user mapping
+   * function.
+   */
+
+  map_username(user);
+
+  /*
+   * Do any UNIX username case mangling.
+   */
+  (void)Get_Pwnam( user, True);
+
+  /*
    * Attempt the plaintext password change first.
    * Older versions of Windows seem to do this.
    */
@@ -1706,6 +1718,20 @@ static BOOL api_SamOEMChangePassword(int cnum,uint16 vuid, char *param,char *dat
   fstrcpy(user,p);
   p = skip_string(p,1);
 
+  DEBUG(3,("api_SamOEMChangePassword: Change password for <%s>\n",user));
+
+  /*
+   * Pass the user through the NT -> unix user mapping
+   * function.
+   */
+
+  map_username(user);
+
+  /*
+   * Do any UNIX username case mangling.
+   */
+  (void)Get_Pwnam( user, True);
+
   if(check_oem_password( user, (unsigned char *)data, &sampw, 
                          new_passwd, (int)sizeof(new_passwd)) == False) {
     return True;
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 5ed30a7e8f..c9b0c6852d 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -232,6 +232,18 @@ int reply_tcon(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
 
   parse_connect(smb_buf(inbuf)+1,service,user,password,&pwlen,dev);
 
+  /*
+   * Pass the user through the NT -> unix user mapping
+   * function.
+   */
+   
+  map_username(user);
+
+  /*
+   * Do any UNIX username case mangling.
+   */
+  (void)Get_Pwnam( user, True);
+
   connection_num = make_connection(service,user,password,pwlen,dev,vuid);
   
   if (connection_num < 0)
@@ -300,6 +312,18 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize)
     DEBUG(4,("Got device type %s\n",devicename));
   }
 
+  /*
+   * Pass the user through the NT -> unix user mapping
+   * function.
+   */
+   
+  map_username(user);
+
+  /*
+   * Do any UNIX username case mangling.
+   */
+  (void)Get_Pwnam( user, True);
+
   connection_num = make_connection(service,user,password,passlen,devicename,vuid);
   
   if (connection_num < 0)
@@ -599,11 +623,22 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
 
   reload_services(True);
 
+  /*
+   * Pass the user through the NT -> unix user mapping
+   * function.
+   */
+   
+  map_username(user);
+
+  /*
+   * Do any UNIX username case mangling.
+   */
+  (void)Get_Pwnam( user, True);
+
   add_session_user(user);
 
-  /* Check if the given username was the guest user with no password.
-     We need to do this check after add_session_user() as that
-     call can potentially change the username (via map_user).
+  /*
+   * Check if the given username was the guest user with no password.
    */
 
   if(!guest && strequal(user,lp_guestaccount(-1)) && (*smb_apasswd == 0))
author	Jeremy Allison <jra@samba.org>	1998-06-10 19:45:13 +0000
committer	Jeremy Allison <jra@samba.org>	1998-06-10 19:45:13 +0000
commit	72bf410b6e9b85f8fbff7f6175661829bef35f62 (patch)
tree	11c6f694c2f4b4c3bb2e9325b071215a6d0dfbbf /source3
parent	1b86bead993051f93ea1570ad404e270b06045d3 (diff)
download	samba-72bf410b6e9b85f8fbff7f6175661829bef35f62.tar.gz samba-72bf410b6e9b85f8fbff7f6175661829bef35f62.tar.bz2 samba-72bf410b6e9b85f8fbff7f6175661829bef35f62.zip