summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2003-12-31 00:31:43 +0000
committerAndrew Bartlett <abartlet@samba.org>2003-12-31 00:31:43 +0000
commit5eee23cc64139ba1d23101c87709e6d5198a6c68 (patch)
tree586f7201be64a2a06dd2d95316eac0f69e1ef968 /source3
parentbcd0e51e280b45e489b1111d730097816dbcaa23 (diff)
downloadsamba-5eee23cc64139ba1d23101c87709e6d5198a6c68.tar.gz
samba-5eee23cc64139ba1d23101c87709e6d5198a6c68.tar.bz2
samba-5eee23cc64139ba1d23101c87709e6d5198a6c68.zip
auth/auth_util.c:
- Fill in the 'backup' idea of a domain, if the DC didn't supply one. This doesn't seem to occour in reality, hence why we missed the typo. lib/charcnv.c: lib/smbldap.c: libads/ldap.c: libsmb/libsmbclient.c: printing/nt_printing.c: - all the callers to pull_utf8_allocate() pass a char ** as the first parammeter, so don't make them all cast it to a void ** nsswitch/winbind_util.c: - Allow for a more 'correct' view of when usernames should be qualified in winbindd. If we are a PDC, or have 'winbind trusted domains only', then for the authentication returns stip the domain portion. - Fix valgrind warning about use of free()ed name when looking up our local domain. lp_workgroup() is maniplated inside a procedure that uses it's former value. Instead, use the fact that our local domain is always the first in the list. Andrew Bartlett (This used to be commit 494781f628683d6e68e8ba21ae54f738727e8c21)
Diffstat (limited to 'source3')
-rw-r--r--source3/auth/auth_util.c2
-rw-r--r--source3/lib/charcnv.c4
-rw-r--r--source3/lib/smbldap.c2
-rw-r--r--source3/libads/ldap.c2
-rw-r--r--source3/libsmb/libsmbclient.c2
-rw-r--r--source3/nsswitch/winbindd_util.c60
-rw-r--r--source3/printing/nt_printing.c4
7 files changed, 54 insertions, 22 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index c474049617..0f945b33cb 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1078,7 +1078,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
if (!(nt_domain = unistr2_tdup(mem_ctx, &(info3->uni_logon_dom)))) {
/* If the server didn't give us one, just use the one we sent them */
- domain = domain;
+ nt_domain = domain;
}
/* try to fill the SAM account.. If getpwnam() fails, then try the
diff --git a/source3/lib/charcnv.c b/source3/lib/charcnv.c
index 6a00402193..1c6058a43e 100644
--- a/source3/lib/charcnv.c
+++ b/source3/lib/charcnv.c
@@ -1011,11 +1011,11 @@ size_t pull_utf8_talloc(TALLOC_CTX *ctx, char **dest, const char *src)
* @returns The number of bytes occupied by the string in the destination
**/
-size_t pull_utf8_allocate(void **dest, const char *src)
+size_t pull_utf8_allocate(char **dest, const char *src)
{
size_t src_len = strlen(src)+1;
*dest = NULL;
- return convert_string_allocate(NULL, CH_UTF8, CH_UNIX, src, src_len, dest);
+ return convert_string_allocate(NULL, CH_UTF8, CH_UNIX, src, src_len, (void **)dest);
}
/**
diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
index d9d73d943f..e66724a361 100644
--- a/source3/lib/smbldap.c
+++ b/source3/lib/smbldap.c
@@ -1371,7 +1371,7 @@ char *smbldap_get_dn(LDAP *ld, LDAPMessage *entry)
DEBUG (5, ("smbldap_get_dn: ldap_get_dn failed\n"));
return NULL;
}
- if (pull_utf8_allocate((void **) &unix_dn, utf8_dn) == (size_t)-1) {
+ if (pull_utf8_allocate(&unix_dn, utf8_dn) == (size_t)-1) {
DEBUG (0, ("smbldap_get_dn: String conversion failure utf8 [%s]\n", utf8_dn));
return NULL;
}
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 99227f6574..ce0341b72c 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -714,7 +714,7 @@ char *ads_get_dn(ADS_STRUCT *ads, void *msg)
return NULL;
}
- if (pull_utf8_allocate((void **) &unix_dn, utf8_dn) == (size_t)-1) {
+ if (pull_utf8_allocate(&unix_dn, utf8_dn) == (size_t)-1) {
DEBUG(0,("ads_get_dn: string conversion failure utf8 [%s]\n",
utf8_dn ));
return NULL;
diff --git a/source3/libsmb/libsmbclient.c b/source3/libsmb/libsmbclient.c
index 21273ec431..37e794478d 100644
--- a/source3/libsmb/libsmbclient.c
+++ b/source3/libsmb/libsmbclient.c
@@ -144,7 +144,7 @@ decode_urlpart(char *segment, size_t sizeof_segment)
free(new_usegment);
/* realloc it with unix charset */
- pull_utf8_allocate((void**)&new_usegment, new_segment);
+ pull_utf8_allocate(&new_usegment, new_segment);
/* this assumes (very safely) that removing %aa sequences
only shortens the string */
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c
index 1de2bd758f..a0619594b5 100644
--- a/source3/nsswitch/winbindd_util.c
+++ b/source3/nsswitch/winbindd_util.c
@@ -53,8 +53,9 @@ struct winbindd_domain *domain_list(void)
{
/* Initialise list */
- if (!_domain_list)
- init_domain_list();
+ if (!_domain_list)
+ if (!init_domain_list())
+ return NULL;
return _domain_list;
}
@@ -167,9 +168,9 @@ void rescan_trusted_domains( void )
if ( (now > last_scan) && ((now-last_scan) < WINBINDD_RESCAN_FREQ) )
return;
- /* get the handle for our domain */
+ /* get the handle for our domain (it is always the first in the list) */
- if ( (mydomain = find_domain_from_name(lp_workgroup())) == NULL ) {
+ if ( (mydomain = domain_list()) == NULL ) {
DEBUG(0,("rescan_trusted_domains: Can't find my own domain!\n"));
return;
}
@@ -267,7 +268,7 @@ BOOL init_domain_list(void)
/* Free existing list */
free_domain_list();
- /* Add ourselves as the first entry */
+ /* Add ourselves as the first entry. It *must* be the first entry */
domain = add_trusted_domain( lp_workgroup(), lp_realm(), &cache_methods, NULL);
@@ -292,8 +293,17 @@ BOOL init_domain_list(void)
return True;
}
-/* Given a domain name, return the struct winbindd domain info for it
- if it is actually working. */
+/**
+ * Given a domain name, return the struct winbindd domain info for it
+ *
+ * @note Do *not* pass lp_workgroup() to this function. domain_list
+ * may modify it's value, and free that pointer. Instead, our local
+ * domain may be found by looking at the first entry in domain_list()
+ * directly.
+ *
+ *
+ * @return The domain structure for the named domain, if it is working.
+ */
struct winbindd_domain *find_domain_from_name(const char *domain_name)
{
@@ -303,8 +313,9 @@ struct winbindd_domain *find_domain_from_name(const char *domain_name)
for (domain = domain_list(); domain != NULL; domain = domain->next) {
if (strequal(domain_name, domain->name) ||
- (domain->alt_name[0] && strequal(domain_name, domain->alt_name)))
+ (domain->alt_name[0] && strequal(domain_name, domain->alt_name))) {
return domain;
+ }
}
/* Not found */
@@ -472,6 +483,20 @@ BOOL check_domain_env(char *domain_env, char *domain)
return False;
}
+/* Is this a domain which we may assume no DOMAIN\ prefix? */
+
+static BOOL assume_domain(const char *domain) {
+ if ((lp_winbind_use_default_domain()
+ || lp_winbind_trusted_domains_only()) &&
+ strequal(lp_workgroup(), domain))
+ return True;
+
+ if (strequal(get_global_sam_name(), domain))
+ return True;
+
+ return False;
+}
+
/* Parse a string of the form DOMAIN/user into a domain and a user */
BOOL parse_domain_user(const char *domuser, fstring domain, fstring user)
@@ -481,10 +506,13 @@ BOOL parse_domain_user(const char *domuser, fstring domain, fstring user)
if ( !p ) {
fstrcpy(user, domuser);
- if ( lp_winbind_use_default_domain() )
+ if ( assume_domain(lp_workgroup())) {
fstrcpy(domain, lp_workgroup());
- else
- fstrcpy( domain, "" );
+ } else if (assume_domain(get_global_sam_name())) {
+ fstrcpy( domain, get_global_sam_name() );
+ } else {
+ fstrcpy( domain, "");
+ }
}
else {
fstrcpy(user, p+1);
@@ -502,13 +530,17 @@ BOOL parse_domain_user(const char *domuser, fstring domain, fstring user)
'winbind separator' options.
This means:
- omit DOMAIN when 'winbind use default domain = true' and DOMAIN is
- lp_workgroup
+ lp_workgroup()
+
+ If we are a PDC or BDC, and this is for our domain, do likewise.
+
+ Also, if omit DOMAIN if 'winbind trusted domains only = true', as the
+ username is then unqualified in unix
*/
void fill_domain_username(fstring name, const char *domain, const char *user)
{
- if(lp_winbind_use_default_domain() &&
- !strcmp(lp_workgroup(), domain)) {
+ if (assume_domain(domain)) {
strlcpy(name, user, sizeof(fstring));
} else {
slprintf(name, sizeof(fstring) - 1, "%s%s%s",
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index c28f8e8189..266a2efe1b 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -2661,13 +2661,13 @@ static WERROR publish_it(NT_PRINTER_INFO_LEVEL *printer)
return WERR_SERVER_UNAVAILABLE;
}
/* Now convert to CH_UNIX. */
- if (pull_utf8_allocate((void **) &srv_dn, srv_dn_utf8) == (size_t)-1) {
+ if (pull_utf8_allocate(&srv_dn, srv_dn_utf8) == (size_t)-1) {
ldap_memfree(srv_dn_utf8);
ldap_memfree(srv_cn_utf8);
ads_destroy(&ads);
return WERR_SERVER_UNAVAILABLE;
}
- if (pull_utf8_allocate((void **) &srv_cn_0, srv_cn_utf8[0]) == (size_t)-1) {
+ if (pull_utf8_allocate(&srv_cn_0, srv_cn_utf8[0]) == (size_t)-1) {
ldap_memfree(srv_dn_utf8);
ldap_memfree(srv_cn_utf8);
ads_destroy(&ads);