diff options
-rw-r--r-- | source3/include/proto.h | 2 | ||||
-rw-r--r-- | source3/lib/username.c | 13 | ||||
-rw-r--r-- | source3/nsswitch/winbind_nss.c | 20 | ||||
-rw-r--r-- | source3/smbd/password.c | 2 | ||||
-rw-r--r-- | source3/smbd/reply.c | 27 | ||||
-rw-r--r-- | source3/smbd/service.c | 2 |
6 files changed, 38 insertions, 28 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 55e60ae673..626820ae0e 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -290,7 +290,7 @@ char *get_user_home_dir(char *user); BOOL map_username(char *user); struct passwd *Get_Pwnam(char *user,BOOL allow_change); BOOL user_in_list(char *user,char *list); -struct passwd *smb_getpwnam(char *user, char *domain, BOOL allow_change); +struct passwd *smb_getpwnam(char *user, BOOL allow_change); int smb_initgroups(char *user, char *domain, gid_t group); /*The following definitions come from lib/util.c */ diff --git a/source3/lib/username.c b/source3/lib/username.c index 2839ddab3d..2620d74eba 100644 --- a/source3/lib/username.c +++ b/source3/lib/username.c @@ -429,19 +429,18 @@ static struct passwd * uname_string_combinations(char *s,struct passwd * (*fn)(c these wrappers allow appliance mode to work. In appliance mode the username takes the form DOMAIN/user ****************************************************************************/ -struct passwd *smb_getpwnam(char *user, char *domain, BOOL allow_change) +struct passwd *smb_getpwnam(char *user, BOOL allow_change) { struct passwd *pw; - fstring userdom; + char *p; pw = Get_Pwnam(user, allow_change); - if (pw || !domain || !*domain) return pw; - - slprintf(userdom, sizeof(userdom), "%s/%s", domain, user); + if (pw) return pw; - DEBUG(4,("smb_getpwnam trying userdom %s\n", userdom)); + p = strchr(user,'/'); + if (p) return Get_Pwnam(p+1, allow_change); - return Get_Pwnam(userdom, allow_change); + return NULL; } int smb_initgroups(char *user, char *domain, gid_t group) diff --git a/source3/nsswitch/winbind_nss.c b/source3/nsswitch/winbind_nss.c index 5c6227286d..78485aa05e 100644 --- a/source3/nsswitch/winbind_nss.c +++ b/source3/nsswitch/winbind_nss.c @@ -323,7 +323,7 @@ static int fill_grent(struct group *result, /* Rewind "file pointer" to start of ntdom password database */ enum nss_status -_nss_ntdom_setpwent(void) +_nss_winbind_setpwent(void) { return generic_request(WINBINDD_SETPWENT, NULL, NULL); } @@ -331,7 +331,7 @@ _nss_ntdom_setpwent(void) /* Close ntdom password database "file pointer" */ enum nss_status -_nss_ntdom_endpwent(void) +_nss_winbind_endpwent(void) { return generic_request(WINBINDD_ENDPWENT, NULL, NULL); } @@ -339,7 +339,7 @@ _nss_ntdom_endpwent(void) /* Fetch the next password entry from ntdom password database */ enum nss_status -_nss_ntdom_getpwent_r(struct passwd *result, char *buffer, +_nss_winbind_getpwent_r(struct passwd *result, char *buffer, size_t buflen, int *errnop) { enum nss_status ret; @@ -354,7 +354,7 @@ _nss_ntdom_getpwent_r(struct passwd *result, char *buffer, /* Return passwd struct from uid */ enum nss_status -_nss_ntdom_getpwuid_r(uid_t uid, struct passwd *result, char *buffer, +_nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, char *buffer, size_t buflen, int *errnop) { enum nss_status ret; @@ -372,7 +372,7 @@ _nss_ntdom_getpwuid_r(uid_t uid, struct passwd *result, char *buffer, /* Return passwd struct from username */ enum nss_status -_nss_ntdom_getpwnam_r(const char *name, struct passwd *result, char *buffer, +_nss_winbind_getpwnam_r(const char *name, struct passwd *result, char *buffer, size_t buflen, int *errnop) { enum nss_status ret; @@ -395,7 +395,7 @@ _nss_ntdom_getpwnam_r(const char *name, struct passwd *result, char *buffer, /* Rewind "file pointer" to start of ntdom group database */ enum nss_status -_nss_ntdom_setgrent(void) +_nss_winbind_setgrent(void) { return generic_request(WINBINDD_SETGRENT, NULL, NULL); } @@ -403,7 +403,7 @@ _nss_ntdom_setgrent(void) /* Close "file pointer" for ntdom group database */ enum nss_status -_nss_ntdom_endgrent(void) +_nss_winbind_endgrent(void) { return generic_request(WINBINDD_ENDGRENT, NULL, NULL); } @@ -413,7 +413,7 @@ _nss_ntdom_endgrent(void) /* Get next entry from ntdom group database */ enum nss_status -_nss_ntdom_getgrent_r(struct group *result, +_nss_winbind_getgrent_r(struct group *result, char *buffer, size_t buflen, int *errnop) { enum nss_status ret; @@ -428,7 +428,7 @@ _nss_ntdom_getgrent_r(struct group *result, /* Return group struct from group name */ enum nss_status -_nss_ntdom_getgrnam_r(const char *name, +_nss_winbind_getgrnam_r(const char *name, struct group *result, char *buffer, size_t buflen, int *errnop) { @@ -448,7 +448,7 @@ _nss_ntdom_getgrnam_r(const char *name, /* Return group struct from gid */ enum nss_status -_nss_ntdom_getgrgid_r(gid_t gid, +_nss_winbind_getgrgid_r(gid_t gid, struct group *result, char *buffer, size_t buflen, int *errnop) { diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 3953c5b0e3..314b3dd3c7 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -493,7 +493,7 @@ BOOL pass_check_smb(char *user, char *domain, } else { - pass = smb_getpwnam(user,domain,True); + pass = smb_getpwnam(user,True); } if (pass == NULL) diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0d099a7b4c..1fc377f362 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -572,7 +572,7 @@ static BOOL check_server_security(char *orig_user, char *domain, char *unix_user * level security as we never know if it was a failure * due to a bad password, or the user really doesn't exist. */ - if(lp_adduser_script() && !smb_getpwnam(unix_user,domain, True)) { + if(lp_adduser_script() && !smb_getpwnam(unix_user,True)) { smb_create_user(unix_user); } } @@ -608,7 +608,7 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user * If the admin wants us to try and create a UNIX * user on the fly, do so. */ - if(user_exists && lp_adduser_script() && !smb_getpwnam(unix_user,domain,True)) { + if(user_exists && lp_adduser_script() && !smb_getpwnam(unix_user,True)) { smb_create_user(unix_user); } } else { @@ -618,7 +618,7 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user * wants us to try and delete that UNIX user on the fly, * do so. */ - if(!user_exists && lp_deluser_script() && smb_getpwnam(unix_user,domain,True)) { + if(!user_exists && lp_deluser_script() && smb_getpwnam(unix_user,True)) { smb_delete_user(unix_user); } } @@ -853,6 +853,17 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int pstrcpy( orig_user, user); + /* if the username exists as a domain/username pair on the unix system then use + that */ + if (!Get_Pwnam(user, False)) { + pstring user2; + slprintf(user2,sizeof(user2),"%s/%s", domain, user); + if (Get_Pwnam(user2, True)) { + DEBUG(3,("Using unix username %s\n", user2)); + pstrcpy(user, user2); + } + } + /* * Pass the user through the NT -> unix user mapping * function. @@ -863,7 +874,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* * Do any UNIX username case mangling. */ - smb_getpwnam(user, domain, True); + smb_getpwnam(user, True); add_session_user(user); @@ -920,7 +931,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) { - if (smb_getpwnam(user,domain,True)) + if (smb_getpwnam(user,True)) { DEBUG(1,("Rejecting user '%s': bad password\n", user)); return bad_password_error(inbuf,outbuf); @@ -933,14 +944,14 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int */ } - if (*smb_apasswd || !smb_getpwnam(user,domain,True)) + if (*smb_apasswd || !smb_getpwnam(user,True)) pstrcpy(user,lp_guestaccount(-1)); DEBUG(3,("Registered username %s for guest access\n",user)); guest = True; } } - if (!smb_getpwnam(user,domain,True)) { + if (!smb_getpwnam(user,True)) { DEBUG(3,("No such user %s [%s] - using guest account\n",user, domain)); pstrcpy(user,lp_guestaccount(-1)); guest = True; @@ -975,7 +986,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int user we should become. */ { - const struct passwd *pw = smb_getpwnam(user,domain,False); + const struct passwd *pw = smb_getpwnam(user,False); if (!pw) { DEBUG(1,("Username %s is invalid on this system\n",user)); return bad_password_error(inbuf,outbuf); diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 71d718154d..f713b18562 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -295,7 +295,7 @@ connection_struct *make_connection(char *service,char *user,char *password, int } /* find out some info about the user */ - pass = smb_getpwnam(user,validated_domain(vuid),True); + pass = smb_getpwnam(user,True); if (pass == NULL) { DEBUG(0,( "Couldn't find account %s\n",user)); |