From 815fdf23c782e8ace0d71d1fed6f7fe3be200731 Mon Sep 17 00:00:00 2001
From: Gerald Carter <jerry@samba.org>
Date: Fri, 16 Mar 2007 17:54:10 +0000
Subject: r21860: Fixes for "winbind normalize names" functionality:

* Fix getgroups() call called using a normalized name
* Fix some more name mappings that could cause for example
  a user to be unable to unlock the screen as the username
  would not match in the PAM authenticate call.
(This used to be commit 505fc669a1b2c36e1639924b9639c97988056d8d)
---
 source3/nsswitch/winbindd.h       | 2 ++
 source3/nsswitch/winbindd_group.c | 4 +++-
 source3/nsswitch/winbindd_pam.c   | 4 ++++
 source3/nsswitch/winbindd_rpc.c   | 6 +++---
 source3/nsswitch/winbindd_user.c  | 4 +++-
 5 files changed, 15 insertions(+), 5 deletions(-)

(limited to 'source3/nsswitch')

diff --git a/source3/nsswitch/winbindd.h b/source3/nsswitch/winbindd.h
index b9e07a2321..198c655b2d 100644
--- a/source3/nsswitch/winbindd.h
+++ b/source3/nsswitch/winbindd.h
@@ -40,6 +40,8 @@
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_WINBIND
 
+#define WB_REPLACE_CHAR		'_'
+
 /* bits for fd_event.flags */
 #define EVENT_FD_READ 1
 #define EVENT_FD_WRITE 2
diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c
index f47d08ee85..9cf6cc12e0 100644
--- a/source3/nsswitch/winbindd_group.c
+++ b/source3/nsswitch/winbindd_group.c
@@ -508,7 +508,7 @@ void winbindd_getgrnam(struct winbindd_cli_state *state)
 
 	/* Get rid and name type from name */
 
-	ws_name_replace( name_group, '_' );
+	ws_name_replace( name_group, WB_REPLACE_CHAR );
         
 	if (!winbindd_lookup_sid_by_name(state->mem_ctx, domain, domain->name,
 					 name_group, &group_sid, &name_type)) {
@@ -1275,6 +1275,8 @@ void winbindd_getgroups(struct winbindd_cli_state *state)
 
 	s->state = state;
 
+	ws_name_return( state->request.data.username, WB_REPLACE_CHAR );
+
 	if (!parse_domain_user_talloc(state->mem_ctx,
 				      state->request.data.username,
 				      &s->domname, &s->username)) {
diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c
index 2e679c37dc..6fdead5982 100644
--- a/source3/nsswitch/winbindd_pam.c
+++ b/source3/nsswitch/winbindd_pam.c
@@ -744,6 +744,8 @@ void winbindd_pam_auth(struct winbindd_cli_state *state)
 
 	/* Parse domain and username */
 	
+	ws_name_return( state->request.data.auth.user, WB_REPLACE_CHAR );
+
 	if (!canonicalize_username(state->request.data.auth.user,
 			       name_domain, name_user)) {
 		set_auth_errors(&state->response, NT_STATUS_NO_SUCH_USER);
@@ -1332,6 +1334,8 @@ enum winbindd_result winbindd_dual_pam_auth(struct winbindd_domain *domain,
 
 	/* Parse domain and username */
 	
+	ws_name_return( state->request.data.auth.user, WB_REPLACE_CHAR );
+
 	parse_domain_user(state->request.data.auth.user, name_domain, name_user);
 
 	if (domain->online == False) {
diff --git a/source3/nsswitch/winbindd_rpc.c b/source3/nsswitch/winbindd_rpc.c
index 11d9fe0dbb..3707f0311f 100644
--- a/source3/nsswitch/winbindd_rpc.c
+++ b/source3/nsswitch/winbindd_rpc.c
@@ -262,7 +262,7 @@ NTSTATUS msrpc_name_to_sid(struct winbindd_domain *domain,
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	ws_name_return( full_name, '_' );
+	ws_name_return( full_name, WB_REPLACE_CHAR );
 
 	DEBUG(3,("name_to_sid [rpc] %s for domain %s\n", full_name?full_name:"", domain_name ));
 
@@ -317,7 +317,7 @@ NTSTATUS msrpc_sid_to_name(struct winbindd_domain *domain,
 	*domain_name = domains[0];
 	*name = names[0];
 
-	ws_name_replace( *name, '_' );	
+	ws_name_replace( *name, WB_REPLACE_CHAR );	
 		
 	DEBUG(5,("Mapped sid to [%s]\\[%s]\n", domains[0], *name));
 	return NT_STATUS_OK;
@@ -369,7 +369,7 @@ NTSTATUS msrpc_rids_to_names(struct winbindd_domain *domain,
 	ret_names = *names;
 	for (i=0; i<num_rids; i++) {
 		if ((*types)[i] != SID_NAME_UNKNOWN) {
-			ws_name_replace( ret_names[i], '_' );
+			ws_name_replace( ret_names[i], WB_REPLACE_CHAR );
 			*domain_name = domains[i];
 		}
 	}
diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c
index acb81ee871..ce677198ff 100644
--- a/source3/nsswitch/winbindd_user.c
+++ b/source3/nsswitch/winbindd_user.c
@@ -243,7 +243,7 @@ static void getpwsid_queryuser_recv(void *private_data, BOOL success,
 	strlower_m( username );
 	s->username = talloc_strdup(s->state->mem_ctx, username);
 
-	ws_name_replace( s->username, '_' );
+	ws_name_replace( s->username, WB_REPLACE_CHAR );
 	 
 	s->fullname = talloc_strdup(s->state->mem_ctx, full_name);
 	s->homedir = talloc_strdup(s->state->mem_ctx, homedir);
@@ -345,6 +345,8 @@ void winbindd_getpwnam(struct winbindd_cli_state *state)
 	DEBUG(3, ("[%5lu]: getpwnam %s\n", (unsigned long)state->pid,
 		  state->request.data.username));
 
+	ws_name_return( state->request.data.username, WB_REPLACE_CHAR );
+
 	if (!parse_domain_user(state->request.data.username, domname,
 			       username)) {
 		DEBUG(5, ("Could not parse domain user: %s\n",
-- 
cgit