From f25863e04cf3264575545701cb257bac8f0aee82 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Thu, 11 Sep 2008 09:51:39 -0400 Subject: Fix for bug 5571 Make sure that usernames are parsed using the correct separator. Otherwise group memeberships in winbind may be result broken. (This used to be commit 20b9c0aa7b4e6d6be5bb6e4e96bd8a1cbb6edd37) --- source3/winbindd/winbindd_group.c | 2 +- source3/winbindd/winbindd_proto.h | 1 + source3/winbindd/winbindd_util.c | 25 +++++++++++++++++++++++++ 3 files changed, 27 insertions(+), 1 deletion(-) diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c index 21ee8951b5..4d5026d158 100644 --- a/source3/winbindd/winbindd_group.c +++ b/source3/winbindd/winbindd_group.c @@ -607,7 +607,7 @@ static bool fill_grent_mem(struct winbindd_domain *domain, } else { DEBUG(10, ("appending %s at ndx %d\n", names[i], buf_ndx)); - safe_strcpy(&buf[buf_ndx], names[i], len); + parse_add_domuser(&buf[buf_ndx], names[i], &len); buf_ndx += len; buf[buf_ndx] = ','; buf_ndx++; diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index c5b7b07931..e0fc073a0a 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -566,6 +566,7 @@ void free_getent_state(struct getent_state *state); bool parse_domain_user(const char *domuser, fstring domain, fstring user); bool parse_domain_user_talloc(TALLOC_CTX *mem_ctx, const char *domuser, char **domain, char **user); +void parse_add_domuser(void *buf, char *domuser, int *len); bool canonicalize_username(fstring username_inout, fstring domain, fstring user); void fill_domain_username(fstring name, const char *domain, const char *user, bool can_assume); const char *get_winbind_pipe_dir(void) ; diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c index 83c5053f78..132c96f1ee 100644 --- a/source3/winbindd/winbindd_util.c +++ b/source3/winbindd/winbindd_util.c @@ -1138,6 +1138,31 @@ bool parse_domain_user_talloc(TALLOC_CTX *mem_ctx, const char *domuser, return ((*domain != NULL) && (*user != NULL)); } +/* add a domain user name to a buffer */ +void parse_add_domuser(void *buf, char *domuser, int *len) +{ + fstring domain; + char *p, *user; + + user = domuser; + p = strchr(domuser, *lp_winbind_separator()); + + if (p) { + + fstrcpy(domain, domuser); + domain[PTR_DIFF(p, domuser)] = 0; + p++; + + if (assume_domain(domain)) { + + user = p; + *len -= (PTR_DIFF(p, domuser)); + } + } + + safe_strcpy(buf, user, *len); +} + /* Ensure an incoming username from NSS is fully qualified. Replace the incoming fstring with DOMAIN user. Returns the same values as parse_domain_user() but also replaces the incoming username. -- cgit