Fwd: cvs_head and winbind problems (possible bug)
Tim Potter
tpot at samba.org
Fri Sep 7 19:59:04 GMT 2001
Andrew Bartlett writes:
> > OK - I think this is an introduced bug in the authentication.
> > Following the logic through on an old version of smbd/reply.c the
> > logic goes something like this:
> I'll look into it shortly, but fixing it isn't as trivial as it should
> be due to the abstraction of the new check_password() interface. I
> should be able to get a proper solution when I get the next round of
> authentication stuff merged. If sombody else wants to propose an easy
> fix then I'll certainly look over the changes for them.
OK I've nearly coded up a fix but got distracted on Friday
afternoon. The fix is rename the username fields in
auth_usersupplied_info so there is a unix_username (the unix user
which the file access happens as) and a smb_username (the
username that comes in over the wire). Authentication for
security={domain,server} happens using the smb_username which is
the source of the current bug, and authentication for
security=user happens using the unix_username. This also
involves passing both usernames right down the call chain.
It seems a bit confusing at the moment with request_username and
smb_username kind of meaning the same thing.
Tim.
More information about the samba-technical
mailing list