Fwd: cvs_head and winbind problems (possible bug)

Tim Potter tpot at samba.org
Fri Sep 7 19:59:04 GMT 2001

Andrew Bartlett writes:

> > OK - I think this is an introduced bug in the authentication.
> > Following the logic through on an old version of smbd/reply.c the
> > logic goes something like this:

> I'll look into it shortly, but fixing it isn't as trivial as it should
> be due to the abstraction of the new check_password() interface.  I
> should be able to get a proper solution when I get the next round of
> authentication stuff merged.  If sombody else wants to propose an easy
> fix then I'll certainly look over the changes for them.

OK I've nearly coded up a fix but got distracted on Friday
afternoon.  The fix is rename the username fields in
auth_usersupplied_info so there is a unix_username (the unix user
which the file access happens as) and a smb_username (the
username that comes in over the wire).  Authentication for
security={domain,server} happens using the smb_username which is
the source of the current bug, and authentication for
security=user happens using the unix_username.  This also
involves passing both usernames right down the call chain.

It seems a bit confusing at the moment with request_username and
smb_username kind of meaning the same thing.


More information about the samba-technical mailing list