From: Samuel Cabrero <scabrero@samba.org>
Date: Fri, 7 Feb 2025 15:10:47 +0000 (+0100)
Subject: winbind:varlink: Always reply with the requested username
X-Git-Tag: tevent-0.17.0~721
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=38e5b3d6a24f9b32b3736ac3dfa224c3c4569a5e;p=thirdparty%2Fsamba.git

winbind:varlink: Always reply with the requested username

The service io.systemd.Multiplexer will drop responses if the username in the
response does not match the requested name. This happens when the requested
username is an UPN and the response is a down-level user name (DOMAIN\user).

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Feb 20 09:05:46 UTC 2025 on atb-devel-224
---

diff --git a/source3/winbindd/winbindd_varlink_getuserrecord.c b/source3/winbindd/winbindd_varlink_getuserrecord.c
index bd2cd1844d2..ea9ece94c81 100644
--- a/source3/winbindd/winbindd_varlink_getuserrecord.c
+++ b/source3/winbindd/winbindd_varlink_getuserrecord.c
@@ -583,6 +583,11 @@ static void user_by_name_getpwnam_done(struct tevent_req *req)
 		goto out;
 	}
 
+	// The systemd multiplexer service expects the returned username to
+	// match the requested one. If we were asked for an UPN like
+	// user1@aforest.ad don't reply with AFOREST\\user1 or the record will
+	// be ignored.
+	fstrcpy(response->data.pw.pw_name, s->fake_req->data.username);
 	user_record_reply(s->call, &response->data.pw, false);
 out:
 	TALLOC_FREE(s);