r2779: Some fixes to pam_winbind.c.:

Allow 'require_membership_of' and 'require-membership-of'.

Really use a different struct for the SID->Name lookup.

Andrew Bartlett

source/nsswitch/pam_winbind.c

@@ -218,21 +218,21 @@ static int winbind_auth_request(const char *user, const char *pass, const char *
 		struct winbindd_request sid_request;
 		struct winbindd_response sid_response;
 
-		ZERO_STRUCT(request);
-		ZERO_STRUCT(response);
+		ZERO_STRUCT(sid_request);
+		ZERO_STRUCT(sid_response);
 
 		if (ctrl & WINBIND_DEBUG_ARG)
 			_pam_log(LOG_DEBUG, "no sid given, looking up: %s\n", member);
 
 		/* fortunatly winbindd can handle non-separated names */
-		strcpy(request.data.name.name, member);
+		strcpy(sid_request.data.name.name, member);
 
-		if (pam_winbind_request_log(WINBINDD_LOOKUPNAME, &request, &response, ctrl, user)) {
+		if (pam_winbind_request_log(WINBINDD_LOOKUPNAME, &sid_request, &sid_response, ctrl, user)) {
 			_pam_log(LOG_INFO, "could not lookup name: %s\n", member); 
 			return PAM_AUTH_ERR;
 		}
 
-		member = response.data.sid.sid;
+		member = sid_response.data.sid.sid;
 	}
 
 	strncpy(request.data.auth.require_membership_of_sid, member, 
@@ -490,13 +490,14 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
      /* Retrieve membership-string here */
      for ( i=0; i<argc; i++ ) {
 
-	 if (!strncmp(argv[i], "require_membership_of", strlen("require_membership_of"))) {
+	 if ((strncmp(argv[i], "require_membership_of", strlen("require_membership_of")) == 0) 
+	     || (strncmp(argv[i], "require-membership-of", strlen("require-membership-of")) == 0)) {
 
 	     char *p;
 	     char *parm = strdup(argv[i]);
 
 	     if ( (p = strchr( parm, '=' )) == NULL) {
-	     	_pam_log(LOG_INFO, "no \"=\" delimiter for \"required_membership\" found\n");
+	     	_pam_log(LOG_INFO, "no \"=\" delimiter for \"require_membership_of\" found\n");
 		break;
 	     }