sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-04 17:47:26 +03:00
Code

Fix winbind client code so that winbind calls are not made if the

Browse Source 
requested name does not have a winbind separator character. This
makes the intent explicit. Tim, contact me if this is not what
you indended.
Jeremy.
This commit is contained in:
Jeremy Allison -
parent 98b9ff2dd8
commit 86b7cf7f85
2 changed files with 43 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
source/nsswitch/wb_client.c
View File

@ -34,11 +34,8 @@ NSS_STATUS winbindd_request(int req_type,
static void parse_domain_user(char *domuser, fstring domain, fstring user)
{
char *p;
char *sep = lp_winbind_separator();
if (!sep) sep = "\\";
p = strchr(domuser,*sep);
if (!p) p = strchr(domuser,'\\');
char *p = strchr(domuser,*lp_winbind_separator());
if (!p) {
fstrcpy(domain,"");
fstrcpy(user, domuser);
@ -63,6 +60,13 @@ BOOL winbind_lookup_name(const char *name, DOM_SID *sid,
if (!sid || !name_type)
return False;
/*
* Don't do the lookup if the name has no separator.
*/
if (!strchr(name, *lp_winbind_separator()))
return False;
/* Send off request */
ZERO_STRUCT(request);
@ -285,13 +289,10 @@ int winbind_initgroups(char *user, gid_t gid)
{
gid_t *tgr, *groups = NULL;
int result;
char *sep;
/* Call normal initgroups if we are a local user */
sep = lp_winbind_separator();
if (!strchr(user, *sep)) {
if (!strchr(user, *lp_winbind_separator())) {
return initgroups(user, gid);
}
@ -362,11 +363,19 @@ int winbind_getgroups(const char *user, int size, gid_t *list)
gid_t *groups = NULL;
int result, i;
/*
* Don't do the lookup if the name has no separator.
*/
if (!strchr(user, *lp_winbind_separator()))
return -1;
/* Fetch list of groups */
result = wb_getgroups(user, &groups);
if (size == 0) goto done;
if (size == 0)
goto done;
if (result > size) {
result = -1;
@ -422,7 +431,7 @@ BOOL winbind_gidtoname(fstring name, gid_t gid)
if (!winbind_lookup_sid(&sid, dom_name, group_name, &name_type))
return False;
if (name_type != SID_NAME_USER)
if (name_type != SID_NAME_DOM_GRP)
return False;
slprintf(name, sizeof(fstring)-1, "%s%s%s", dom_name,
@ -438,9 +447,8 @@ BOOL winbind_nametouid(uid_t *puid, const char *name)
DOM_SID sid;
enum SID_NAME_USE name_type;
if (!winbind_lookup_name(name, &sid, &name_type)) {
if (!winbind_lookup_name(name, &sid, &name_type))
return False;
}
if (name_type != SID_NAME_USER)
return False;
@ -455,9 +463,8 @@ BOOL winbind_nametogid(gid_t *pgid, const char *gname)
DOM_SID g_sid;
enum SID_NAME_USE name_type;
if (!winbind_lookup_name(gname, &g_sid, &name_type)) {
if (!winbind_lookup_name(gname, &g_sid, &name_type))
return False;
}
if (name_type != SID_NAME_DOM_GRP)
return False;

21
source/nsswitch/wbinfo.c
View File

@ -244,6 +244,13 @@ static BOOL wbinfo_lookupname(char *name)
struct winbindd_request request;
struct winbindd_response response;
/*
* Don't do the lookup if the name has no separator.
*/
if (!strchr(name, *lp_winbind_separator()))
return False;
/* Send off request */
ZERO_STRUCT(request);
@ -271,6 +278,13 @@ static BOOL wbinfo_auth(char *username)
NSS_STATUS result;
char *p;
/*
* Don't do the lookup if the name has no separator.
*/
if (!strchr(username, *lp_winbind_separator()))
return False;
/* Send off request */
ZERO_STRUCT(request);
@ -306,6 +320,13 @@ static BOOL wbinfo_auth_crap(char *username)
fstring pass;
char *p;
/*
* Don't do the lookup if the name has no separator.
*/
if (!strchr(username, *lp_winbind_separator()))
return False;
/* Send off request */
ZERO_STRUCT(request);