[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1109-g6afb02c

Fri Aug 21 13:42:01 MDT 2009

The branch, master has been updated
       via  6afb02cb53f47e0fd7e7df3935b067e7e1f8a9de (commit)
      from  9d824dc115c7096ea555b135d58091e8620495d9 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 6afb02cb53f47e0fd7e7df3935b067e7e1f8a9de
Author: Michael Adam <obnox at samba.org>
Date:   Fri Aug 21 13:59:16 2009 +0200

    s3: fix bug #6650, authentication at member servers when winbindd is not running
    
    Authentication of domain users on the member server fails when winbindd
    is not running. This is because the is_trusted_domain() check  behaves
    differently when winbindd is running and when it isn't:
    Since wb_is_trusted_domain() calls wbcDomainInfo(), and this will also
    give a result for our own domain, this succeeds for the member
    server's own domain when winbindd is running. When winbindd is not
    running, is_trusted_domain() checks (and possibly updates) the trustdom
    cache, and this does the lsa_EnumTrustDom() rpc call to the DC which
    does not return its own domain.
    
    In case of winbindd not running, before 3.4, the domain part was _silently_
    mapped to the workgroup in auth_util.c:make_user_info_map(),
    which effectively did nothing in the member case.
    
    But then the parameter "map untrusted to domain" was introduced
    and the mapping was made to the workstation name instead of
    the workgroup name by default unless "map untrusted to domain = yes".
    (Commits
     d8c54fddda2dba3cbc5fc13e93431b152813892e,
     5cd4b7b7c03df6e896186d985b6858a06aa40b3f, and
     fbca26923915a70031f561b198cfe2cc0d9c3aa6)
    This was ok as long as winbindd was running, but with winbindd not running,
    these changes actually uncovered the above logic bug in the check.
    
    So the correct check is to treat the workgroup as trusted / or known
    in the member case. This is most easily achieved by not comparing the
    domain name against get_global_sam_name() which is the host name unless
    for a DC but against my_sam_name() which is the workgroup for a DC and for
    a member, too. (These names are not very intuitive...)
    
    I admit that this is a very long commit message for a one-liner, but this has
    needed some tracking down, and I think the change deserves some justification.
    
    Michael

-----------------------------------------------------------------------

Summary of changes:
 source3/auth/auth_util.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index d53da78..1d25e22 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -221,7 +221,7 @@ NTSTATUS make_user_info_map(auth_usersupplied_info **user_info,
 	 * This also deals with the client passing in a "" domain */
 
 	if (!is_trusted_domain(domain) &&
-	    !strequal(domain, get_global_sam_name()) )
+	    !strequal(domain, my_sam_name()))
 	{
 		if (lp_map_untrusted_to_domain())
 			domain = my_sam_name();


-- 
Samba Shared Repository
