svn commit: samba r21612 - in branches/SAMBA_3_0/source/nsswitch: .
jerry at samba.org
jerry at samba.org
Thu Mar 1 03:10:30 GMT 2007
Author: jerry
Date: 2007-03-01 03:10:29 +0000 (Thu, 01 Mar 2007)
New Revision: 21612
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21612
Log:
Make pam_winbind do the same username fixup on AIX as the WINBINDD
LAM module does to work around a system that does not support
>8 character usernames. Without the change, pam_winbind tries
to authenticate _#uid in the domain.
Modified:
branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c 2007-03-01 03:07:57 UTC (rev 21611)
+++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c 2007-03-01 03:10:29 UTC (rev 21612)
@@ -1517,6 +1517,8 @@
dictionary *d = NULL;
char *username_ret = NULL;
char *new_authtok_required = NULL;
+ char *combined_member = NULL;
+ const char *real_username = NULL;
/* parse arguments */
int ctrl = _pam_parse(pamh, flags, argc, argv, &d);
@@ -1535,6 +1537,30 @@
goto out;
}
+#if defined(AIX)
+ /* Decode the user name since AIX does not support logn user
+ names by default. The name is encoded as _#uid. */
+
+ if ( username[0] == '_' ) {
+ uid_t id = atoi( &username[1] );
+ struct passwd *pw = NULL;
+
+ if ( (id!=0) && ((pw = getpwuid( id )) != NULL) ) {
+ real_username = strdup( pw->pw_name );
+ }
+ }
+#endif
+
+ if ( !real_username ) {
+ /* Just making a copy of the username we got from PAM */
+ if ( (real_username = strdup( username )) == NULL ) {
+ _pam_log_debug(pamh, ctrl, LOG_DEBUG,
+ "memory allocation failure when copying username");
+ retval = PAM_SERVICE_ERR;
+ goto out;
+ }
+ }
+
retval = _winbind_read_password(pamh, ctrl, NULL,
"Password: ", NULL,
&password);
@@ -1549,9 +1575,9 @@
#ifdef DEBUG_PASSWORD
_pam_log_debug(pamh, ctrl, LOG_INFO, "Verify user '%s' with password '%s'",
- username, password);
+ real_username, password);
#else
- _pam_log_debug(pamh, ctrl, LOG_INFO, "Verify user '%s'", username);
+ _pam_log_debug(pamh, ctrl, LOG_INFO, "Verify user '%s'", real_username);
#endif
member = get_member_from_config(pamh, argc, argv, ctrl, d);
@@ -1594,6 +1620,10 @@
free(username_ret);
}
+ if ( real_username ) {
+ free( real_username );
+ }
+
if (d) {
iniparser_freedict(d);
}
More information about the samba-cvs
mailing list