summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/nsswitch/wb_client.c20
-rw-r--r--source3/nsswitch/winbindd_ads.c6
-rw-r--r--source3/nsswitch/winbindd_group.c16
-rw-r--r--source3/nsswitch/winbindd_pam.c55
-rw-r--r--source3/nsswitch/winbindd_proto.h2
-rw-r--r--source3/nsswitch/winbindd_sid.c3
-rw-r--r--source3/nsswitch/winbindd_user.c14
-rw-r--r--source3/nsswitch/winbindd_util.c21
8 files changed, 57 insertions, 80 deletions
diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c
index cfb90e2497..10d53bf187 100644
--- a/source3/nsswitch/wb_client.c
+++ b/source3/nsswitch/wb_client.c
@@ -32,20 +32,18 @@ NSS_STATUS winbindd_request(int req_type,
/* Copy of parse_domain_user from winbindd_util.c. Parse a string of the
form DOMAIN/user into a domain and a user */
-static void parse_domain_user(const char *domuser, fstring domain, fstring user)
+static BOOL parse_domain_user(const char *domuser, fstring domain, fstring user)
{
- char *p = strchr(domuser,*lp_winbind_separator());
+ char *p = strchr(domuser,*lp_winbind_separator());
- if (!p) {
- fstrcpy(domain,"");
- fstrcpy(user, domuser);
- return;
- }
+ if (!p)
+ return False;
- fstrcpy(user, p+1);
- fstrcpy(domain, domuser);
- domain[PTR_DIFF(p, domuser)] = 0;
- strupper(domain);
+ fstrcpy(user, p+1);
+ fstrcpy(domain, domuser);
+ domain[PTR_DIFF(p, domuser)] = 0;
+ strupper(domain);
+ return True;
}
/* Call winbindd to convert a name to a sid */
diff --git a/source3/nsswitch/winbindd_ads.c b/source3/nsswitch/winbindd_ads.c
index 1c498d394d..3ae2f85b46 100644
--- a/source3/nsswitch/winbindd_ads.c
+++ b/source3/nsswitch/winbindd_ads.c
@@ -213,7 +213,8 @@ static NTSTATUS name_to_sid(struct winbindd_domain *domain,
fstring name2, dom2;
/* sigh. Need to fix interface to give us a raw name */
- parse_domain_user(name, dom2, name2);
+ if (!parse_domain_user(name, dom2, name2))
+ return NT_STATUS_UNSUCCESSFUL;
DEBUG(3,("ads: name_to_sid\n"));
@@ -287,7 +288,8 @@ static NTSTATUS query_user(struct winbindd_domain *domain,
fstring dom2, name2;
/* sigh. Need to fix interface to give us a raw name */
- parse_domain_user(user_name, dom2, name2);
+ if (!parse_domain_user(user_name, dom2, name2))
+ return NT_STATUS_UNSUCCESSFUL;
DEBUG(3,("ads: query_user\n"));
diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c
index d800456d9d..b03e506494 100644
--- a/source3/nsswitch/winbindd_group.c
+++ b/source3/nsswitch/winbindd_group.c
@@ -210,12 +210,7 @@ enum winbindd_result winbindd_getgrnam_from_group(struct winbindd_cli_state *sta
memset(name_group, 0, sizeof(fstring));
tmp = state->request.data.groupname;
- parse_domain_user(tmp, name_domain, name_group);
-
- /* Reject names that don't have a domain - i.e name_domain contains
- the entire name. */
-
- if (strequal(name_group, ""))
+ if (!parse_domain_user(tmp, name_domain, name_group))
return WINBINDD_ERROR;
/* Get info for the domain */
@@ -934,13 +929,8 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state)
/* Parse domain and username */
- parse_domain_user(state->request.data.username, name_domain,
- name_user);
-
- /* Reject names that don't have a domain - i.e name_domain contains
- the entire name. */
-
- if (strequal(name_domain, ""))
+ if (!parse_domain_user(state->request.data.username, name_domain,
+ name_user))
goto done;
/* Get info for the domain */
diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c
index 2ea0692fe9..1227d4cf39 100644
--- a/source3/nsswitch/winbindd_pam.c
+++ b/source3/nsswitch/winbindd_pam.c
@@ -47,12 +47,8 @@ enum winbindd_result winbindd_pam_auth(struct winbindd_cli_state *state)
/* Parse domain and username */
- parse_domain_user(state->request.data.auth.user, name_domain,
- name_user);
-
- /* don't allow the null domain */
-
- if (strcmp(name_domain,"") == 0)
+ if (!parse_domain_user(state->request.data.auth.user, name_domain,
+ name_user))
return WINBINDD_ERROR;
passlen = strlen(state->request.data.auth.pass);
@@ -120,8 +116,9 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state)
/* Parse domain and username */
- parse_domain_user(state->request.data.auth_crap.user, name_domain,
- name_user);
+ if (!parse_domain_user(state->request.data.auth_crap.user, name_domain,
+ name_user))
+ return WINBINDD_ERROR;
make_user_info_winbind_crap(
&user_info, name_user,
@@ -170,37 +167,39 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state)
enum winbindd_result winbindd_pam_chauthtok(struct winbindd_cli_state *state)
{
- char *oldpass, *newpass;
- fstring domain, user;
- uchar nt_oldhash[16];
- uchar lm_oldhash[16];
+ char *oldpass, *newpass;
+ fstring domain, user;
+ uchar nt_oldhash[16];
+ uchar lm_oldhash[16];
- DEBUG(3, ("[%5d]: pam chauthtok %s\n", state->pid,
- state->request.data.chauthtok.user));
+ DEBUG(3, ("[%5d]: pam chauthtok %s\n", state->pid,
+ state->request.data.chauthtok.user));
- /* Setup crap */
+ /* Setup crap */
- if (state == NULL) return WINBINDD_ERROR;
+ if (state == NULL)
+ return WINBINDD_ERROR;
- parse_domain_user(state->request.data.chauthtok.user, domain, user);
+ if (!parse_domain_user(state->request.data.chauthtok.user, domain, user))
+ return WINBINDD_ERROR;
- oldpass = state->request.data.chauthtok.oldpass;
- newpass = state->request.data.chauthtok.newpass;
+ oldpass = state->request.data.chauthtok.oldpass;
+ newpass = state->request.data.chauthtok.newpass;
- nt_lm_owf_gen(oldpass, nt_oldhash, lm_oldhash);
+ nt_lm_owf_gen(oldpass, nt_oldhash, lm_oldhash);
- /* Change password */
+ /* Change password */
#if 0
- /* XXX */
+ /* XXX */
- if (!msrpc_sam_ntchange_pwd(server_state.controller, domain, user,
- lm_oldhash, nt_oldhash, newpass)) {
- DEBUG(0, ("password change failed for user %s/%s\n", domain, user));
- return WINBINDD_ERROR;
- }
+ if (!msrpc_sam_ntchange_pwd(server_state.controller, domain, user,
+ lm_oldhash, nt_oldhash, newpass)) {
+ DEBUG(0, ("password change failed for user %s/%s\n", domain, user));
+ return WINBINDD_ERROR;
+ }
#endif
- return WINBINDD_OK;
+ return WINBINDD_OK;
}
diff --git a/source3/nsswitch/winbindd_proto.h b/source3/nsswitch/winbindd_proto.h
index 503f8b4267..4659ad69dd 100644
--- a/source3/nsswitch/winbindd_proto.h
+++ b/source3/nsswitch/winbindd_proto.h
@@ -153,5 +153,5 @@ BOOL winbindd_lookup_groupmem(struct winbindd_domain *domain,
void free_getent_state(struct getent_state *state);
BOOL winbindd_param_init(void);
BOOL check_domain_env(char *domain_env, char *domain);
-void parse_domain_user(const char *domuser, fstring domain, fstring user);
+BOOL parse_domain_user(const char *domuser, fstring domain, fstring user);
#endif /* _PROTO_H_ */
diff --git a/source3/nsswitch/winbindd_sid.c b/source3/nsswitch/winbindd_sid.c
index 07537b82fa..a6daecff71 100644
--- a/source3/nsswitch/winbindd_sid.c
+++ b/source3/nsswitch/winbindd_sid.c
@@ -74,7 +74,8 @@ enum winbindd_result winbindd_lookupname(struct winbindd_cli_state *state)
DEBUG(3, ("[%5d]: lookupname %s\n", state->pid,
state->request.data.name));
- parse_domain_user(state->request.data.name, name_domain, name_user);
+ if (!parse_domain_user(state->request.data.name, name_domain, name_user))
+ return WINBINDD_ERROR;
snprintf(name, sizeof(name), "%s\\%s", name_domain, name_user);
diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c
index c8d9ce299f..52122a4f29 100644
--- a/source3/nsswitch/winbindd_user.c
+++ b/source3/nsswitch/winbindd_user.c
@@ -65,7 +65,10 @@ static BOOL winbindd_fill_pwent(char *domain_name, char *name,
defaults are /tmp for the home directory and /bin/false for
shell. */
- parse_domain_user(name, name_domain, name_user);
+ if (!parse_domain_user(name, name_domain, name_user)) {
+ DEBUG(1, ("error parsing domain user for %s\n", name_user ));
+ return False;
+ }
/* The substitution of %U and %D in the 'template homedir' is done
by lp_string() calling standard_sub_basic(). */
@@ -113,13 +116,8 @@ enum winbindd_result winbindd_getpwnam_from_user(struct winbindd_cli_state *stat
/* Parse domain and username */
- parse_domain_user(state->request.data.username, name_domain,
- name_user);
-
- /* Reject names that don't have a domain - i.e name_domain contains
- the entire name. */
-
- if (strequal(name_domain, ""))
+ if (!parse_domain_user(state->request.data.username, name_domain,
+ name_user))
return WINBINDD_ERROR;
if ((domain = find_domain_from_name(name_domain)) == NULL) {
diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c
index d91b6cc95f..d49e0b5bc2 100644
--- a/source3/nsswitch/winbindd_util.c
+++ b/source3/nsswitch/winbindd_util.c
@@ -640,27 +640,16 @@ BOOL check_domain_env(char *domain_env, char *domain)
/* Parse a string of the form DOMAIN/user into a domain and a user */
-void parse_domain_user(const char *domuser, fstring domain, fstring user)
+BOOL parse_domain_user(const char *domuser, fstring domain, fstring user)
{
- char *p;
- char *sep = lp_winbind_separator();
+ char *p = strchr(domuser,*lp_winbind_separator());
- if (!sep)
- sep = "\\";
-
- p = strchr(domuser,*sep);
-
- if (!p)
- p = strchr(domuser,'\\');
-
- if (!p) {
- fstrcpy(domain,"");
- fstrcpy(user, domuser);
- return;
- }
+ if (!p)
+ return False;
fstrcpy(user, p+1);
fstrcpy(domain, domuser);
domain[PTR_DIFF(p, domuser)] = 0;
strupper(domain);
+ return True;
}