summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--nsswitch/pam_winbind.c37
-rw-r--r--source3/winbindd/winbindd_sid.c5
-rw-r--r--source3/winbindd/winbindd_util.c3
3 files changed, 31 insertions, 14 deletions
diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
index e90f1b75ad..f692316fc6 100644
--- a/nsswitch/pam_winbind.c
+++ b/nsswitch/pam_winbind.c
@@ -11,6 +11,8 @@
*/
#include "pam_winbind.h"
+#define CONST_DISCARD(type,ptr) ((type)(void *)ptr)
+
static int wbc_error_to_pam_error(wbcErr status)
{
@@ -410,49 +412,51 @@ static int _pam_parse(const pam_handle_t *pamh,
config_file = PAM_WINBIND_CONFIG_FILE;
}
- d = iniparser_load(config_file);
+ d = iniparser_load(CONST_DISCARD(char *, config_file));
if (d == NULL) {
goto config_from_pam;
}
- if (iniparser_getboolean(d, "global:debug", false)) {
+ if (iniparser_getboolean(d, CONST_DISCARD(char *, "global:debug"), false)) {
ctrl |= WINBIND_DEBUG_ARG;
}
- if (iniparser_getboolean(d, "global:debug_state", false)) {
+ if (iniparser_getboolean(d, CONST_DISCARD(char *, "global:debug_state"), false)) {
ctrl |= WINBIND_DEBUG_STATE;
}
- if (iniparser_getboolean(d, "global:cached_login", false)) {
+ if (iniparser_getboolean(d, CONST_DISCARD(char *, "global:cached_login"), false)) {
ctrl |= WINBIND_CACHED_LOGIN;
}
- if (iniparser_getboolean(d, "global:krb5_auth", false)) {
+ if (iniparser_getboolean(d, CONST_DISCARD(char *, "global:krb5_auth"), false)) {
ctrl |= WINBIND_KRB5_AUTH;
}
- if (iniparser_getboolean(d, "global:silent", false)) {
+ if (iniparser_getboolean(d, CONST_DISCARD(char *, "global:silent"), false)) {
ctrl |= WINBIND_SILENT;
}
- if (iniparser_getstr(d, "global:krb5_ccache_type") != NULL) {
+ if (iniparser_getstr(d, CONST_DISCARD(char *, "global:krb5_ccache_type")) != NULL) {
ctrl |= WINBIND_KRB5_CCACHE_TYPE;
}
- if ((iniparser_getstr(d, "global:require-membership-of") != NULL) ||
- (iniparser_getstr(d, "global:require_membership_of") != NULL)) {
+ if ((iniparser_getstr(d, CONST_DISCARD(char *, "global:require-membership-of"))
+ != NULL) ||
+ (iniparser_getstr(d, CONST_DISCARD(char *, "global:require_membership_of"))
+ != NULL)) {
ctrl |= WINBIND_REQUIRED_MEMBERSHIP;
}
- if (iniparser_getboolean(d, "global:try_first_pass", false)) {
+ if (iniparser_getboolean(d, CONST_DISCARD(char *, "global:try_first_pass"), false)) {
ctrl |= WINBIND_TRY_FIRST_PASS_ARG;
}
- if (iniparser_getint(d, "global:warn_pwd_expire", 0)) {
+ if (iniparser_getint(d, CONST_DISCARD(char *, "global:warn_pwd_expire"), 0)) {
ctrl |= WINBIND_WARN_PWD_EXPIRE;
}
- if (iniparser_getboolean(d, "global:mkhomedir", false)) {
+ if (iniparser_getboolean(d, CONST_DISCARD(char *, "global:mkhomedir"), false)) {
ctrl |= WINBIND_MKHOMEDIR;
}
@@ -2284,6 +2288,7 @@ static char* winbind_upn_to_username(struct pwb_context *ctx,
enum wbcSidType type;
char *domain;
char *name;
+ char *p;
/* This cannot work when the winbind separator = @ */
@@ -2292,9 +2297,15 @@ static char* winbind_upn_to_username(struct pwb_context *ctx,
return NULL;
}
+ name = talloc_strdup(ctx, upn);
+ if ((p = strchr(name, '@')) != NULL) {
+ *p = 0;
+ domain = talloc_strdup(ctx, p + 1);
+ }
+
/* Convert the UPN to a SID */
- wbc_status = wbcLookupName("", upn, &sid, &type);
+ wbc_status = wbcLookupName(domain, name, &sid, &type);
if (!WBC_ERROR_IS_OK(wbc_status)) {
return NULL;
}
diff --git a/source3/winbindd/winbindd_sid.c b/source3/winbindd/winbindd_sid.c
index c091cd7f53..f8cf7db920 100644
--- a/source3/winbindd/winbindd_sid.c
+++ b/source3/winbindd/winbindd_sid.c
@@ -93,6 +93,11 @@ void winbindd_lookupname(struct winbindd_cli_state *state)
*p = 0;
name_domain = state->request->data.name.name;
name_user = p+1;
+ } else if ((p = strchr(state->request->data.name.name, '@')) != NULL) {
+ /* upn */
+ name_domain = p + 1;
+ *p = 0;
+ name_user = state->request->data.name.name;
} else {
name_domain = state->request->data.name.dom_name;
name_user = state->request->data.name.name;
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index 283eee09af..44ae814ae9 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -996,7 +996,8 @@ bool parse_domain_user(const char *domuser, fstring domain, fstring user)
if ( assume_domain(lp_workgroup())) {
fstrcpy(domain, lp_workgroup());
} else if ((p = strchr(domuser, '@')) != NULL) {
- fstrcpy(domain, "");
+ fstrcpy(domain, p + 1);
+ user[PTR_DIFF(p, domuser)] = 0;
} else {
return False;
}