Fwd: cvs_head and winbind problems (possible bug)

Andrew Bartlett abartlet at pcug.org.au
Fri Sep 7 21:04:01 GMT 2001 

Tim Potter wrote:
> 
> Andrew Bartlett writes:
> 
> > > OK - I think this is an introduced bug in the authentication.
> > > Following the logic through on an old version of smbd/reply.c the
> > > logic goes something like this:
> 
> > I'll look into it shortly, but fixing it isn't as trivial as it should
> > be due to the abstraction of the new check_password() interface.  I
> > should be able to get a proper solution when I get the next round of
> > authentication stuff merged.  If sombody else wants to propose an easy
> > fix then I'll certainly look over the changes for them.
> 
> OK I've nearly coded up a fix but got distracted on Friday
> afternoon.  The fix is rename the username fields in
> auth_usersupplied_info so there is a unix_username (the unix user
> which the file access happens as) and a smb_username (the
> username that comes in over the wire).  Authentication for
> security={domain,server} happens using the smb_username which is
> the source of the current bug, and authentication for
> security=user happens using the unix_username.  This also
> involves passing both usernames right down the call chain.
> 
> It seems a bit confusing at the moment with request_username and
> smb_username kind of meaning the same thing.
> 
> Tim.

Thanks.  I've got a funny feeling thats how I intended it to work in the
first place :-).

In any case a lot of this stuff will move around a bit as the
authenticaion subsystem starts passing back info - like the
unix_username they got and everything they need for a vuser token.  
With that change I'll internalise all this behind the interface.

I'll have a look at all of this when I've got a little less on my plate.

Andrew Bartlett
-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Samba Team member, Build Farm maintainer        abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

More information about the samba-technical mailing list