diff options
| author | Simo Sorce <idra@samba.org> | 2008-09-11 09:51:39 -0400 |
|---|---|---|
| committer | Simo Sorce <idra@samba.org> | 2008-09-11 09:51:39 -0400 |
| commit | f25863e04cf3264575545701cb257bac8f0aee82 (patch) | |
| tree | 6ae378b205d934582378a6db5ce615ac25d895cb | |
| parent | a2919ddd38939a9a979adc8778fb88a9bb2499f8 (diff) | |
| download | samba-f25863e04cf3264575545701cb257bac8f0aee82.tar.gz samba-f25863e04cf3264575545701cb257bac8f0aee82.tar.xz samba-f25863e04cf3264575545701cb257bac8f0aee82.zip | |
Fix for bug 5571
Make sure that usernames are parsed using the correct separator.
Otherwise group memeberships in winbind may be result broken.
(This used to be commit 20b9c0aa7b4e6d6be5bb6e4e96bd8a1cbb6edd37)
| -rw-r--r-- | source3/winbindd/winbindd_group.c | 2 | ||||
| -rw-r--r-- | source3/winbindd/winbindd_proto.h | 1 | ||||
| -rw-r--r-- | source3/winbindd/winbindd_util.c | 25 |
3 files changed, 27 insertions, 1 deletions
diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c index 21ee8951b5..4d5026d158 100644 --- a/source3/winbindd/winbindd_group.c +++ b/source3/winbindd/winbindd_group.c @@ -607,7 +607,7 @@ static bool fill_grent_mem(struct winbindd_domain *domain, } else { DEBUG(10, ("appending %s at ndx %d\n", names[i], buf_ndx)); - safe_strcpy(&buf[buf_ndx], names[i], len); + parse_add_domuser(&buf[buf_ndx], names[i], &len); buf_ndx += len; buf[buf_ndx] = ','; buf_ndx++; diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index c5b7b07931..e0fc073a0a 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -566,6 +566,7 @@ void free_getent_state(struct getent_state *state); bool parse_domain_user(const char *domuser, fstring domain, fstring user); bool parse_domain_user_talloc(TALLOC_CTX *mem_ctx, const char *domuser, char **domain, char **user); +void parse_add_domuser(void *buf, char *domuser, int *len); bool canonicalize_username(fstring username_inout, fstring domain, fstring user); void fill_domain_username(fstring name, const char *domain, const char *user, bool can_assume); const char *get_winbind_pipe_dir(void) ; diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c index 83c5053f78..132c96f1ee 100644 --- a/source3/winbindd/winbindd_util.c +++ b/source3/winbindd/winbindd_util.c @@ -1138,6 +1138,31 @@ bool parse_domain_user_talloc(TALLOC_CTX *mem_ctx, const char *domuser, return ((*domain != NULL) && (*user != NULL)); } +/* add a domain user name to a buffer */ +void parse_add_domuser(void *buf, char *domuser, int *len) +{ + fstring domain; + char *p, *user; + + user = domuser; + p = strchr(domuser, *lp_winbind_separator()); + + if (p) { + + fstrcpy(domain, domuser); + domain[PTR_DIFF(p, domuser)] = 0; + p++; + + if (assume_domain(domain)) { + + user = p; + *len -= (PTR_DIFF(p, domuser)); + } + } + + safe_strcpy(buf, user, *len); +} + /* Ensure an incoming username from NSS is fully qualified. Replace the incoming fstring with DOMAIN <separator> user. Returns the same values as parse_domain_user() but also replaces the incoming username. |