s3/winbindd: Add new canonicalize_username function
authorNoel Power <noel.power@suse.com>
Sat, 21 Oct 2023 10:47:30 +0000 (11:47 +0100)
committerNoel Power <npower@samba.org>
Tue, 24 Oct 2023 12:43:37 +0000 (12:43 +0000)
Add a new canonicalize_username replacement function for
canonicalize_username_fstr which doesn't use fstrings but instead
uses talloc-allocated strings

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
source3/winbindd/winbindd_proto.h
source3/winbindd/winbindd_util.c

index 9becd891267e733c2966b47004ddabb9091e7e06..bf96566edc23aea461780a32626c2eec7dd4abf8 100644 (file)
@@ -520,6 +520,33 @@ bool parse_domain_user(const char *domuser,
                       fstring namespace,
                       fstring domain,
                       fstring user);
+/**
+ * Ensure an incoming username from NSS is fully qualified. Replace the
+ * incoming username with DOMAIN <separator> user. Additionally returns
+ * the same values as parse_domain_user() as out params.
+ * Used to ensure all names are fully qualified within winbindd.
+ * Used by the NSS protocols of auth, chauthtok, logoff and ccache_ntlm_auth.
+ * The protocol definitions of auth_crap, chng_pswd_auth_crap
+ * really should be changed to use this instead of doing things
+ * by hand. JRA.
+ *
+ * @param[in] mem_ctx talloc context
+ * @param[in,out] username_inout populated with fully qualified name
+                 with format 'DOMAIN <separator> user' where DOMAIN and
+                 user are determined by the output of parse_domain_user()
+ * @param[out] namespace populated with namespace returned from
+               parse_domain_user()
+ * @param[out] domain populated with domain returned from
+               parse_domain_user()
+ * @param[out] populated with user returned from
+               parse_domain_user()
+ * @return bool indicating success or failure
+ */
+bool canonicalize_username(TALLOC_CTX *mem_ctx,
+                          char **username_inout,
+                          char **namespace,
+                          char **domain,
+                          char **user);
 bool canonicalize_username_fstr(fstring username_inout,
                           fstring namespace,
                           fstring domain,
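Review bot: The last `@param` entry in the new doc comment has no parameter name, so it is not attached to `user`; it should read `@param[out] user populated with user returned from`. The wrapped continuation lines of the `@param` entries also drop the leading ` * ` that the rest of the comment uses. The comment does not state ownership either: the definition in winbindd_util.c allocates all four results on `mem_ctx` and overwrites `*username_inout` without freeing the previous value, so a line such as `Returned strings are allocated on mem_ctx; the previous *username_inout is not freed.` would make the caller's duties explicit.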
index 9a6d9cdaa36c2784e74977b239e78ec0cad78a3f..4988011199902f1122e844f78f90b82a696353d3 100644 (file)
@@ -1590,6 +1590,67 @@ bool parse_domain_user(const char *domuser,
        return strupper_m(domain);
 }
 
+bool canonicalize_username(TALLOC_CTX *mem_ctx,
+                          char **pusername_inout,
+                          char **pnamespace,
+                          char **pdomain,
+                          char **puser)
+{
+       bool ok;
+       char *namespace = NULL;
+       char *domain = NULL;
+       char *user = NULL;
+       char *username_inout = NULL;
+       fstring f_username_inout;
+       fstring f_namespace;
+       fstring f_domain;
+       fstring f_user;
+
+       fstrcpy(f_username_inout, *pusername_inout);
+       fstrcpy(f_namespace, *pnamespace);
+       fstrcpy(f_domain, *pdomain);
+       fstrcpy(f_user, *puser);
+
+       ok = parse_domain_user(f_username_inout,
+                       f_namespace, f_domain, f_user);
+       if (!ok) {
+               return False;
+       }
+
+       username_inout = talloc_asprintf(mem_ctx, "%s%c%s",
+                f_domain, *lp_winbind_separator(),
+                f_user);
+
+       if (username_inout == NULL) {
+               goto fail;
+       }
+
+       user = talloc_strdup(mem_ctx, f_user);
+       if (user == NULL) {
+               goto fail;
+       }
+       domain = talloc_strdup(mem_ctx, f_domain);
+       if (domain == NULL) {
+               goto fail;
+       }
+       namespace = talloc_strdup(mem_ctx, f_namespace);
+       if (namespace == NULL) {
+               goto fail;
+       }
+       *pnamespace = namespace;
+       *puser = user;
+       *pdomain = domain;
+       *pusername_inout = username_inout;
+       return True;
+fail:
+       TALLOC_FREE(username_inout);
+       TALLOC_FREE(namespace);
+       TALLOC_FREE(domain);
+       TALLOC_FREE(user);
+       return false;
+}
+
+
 /* Ensure an incoming username from NSS is fully qualified. Replace the
    incoming fstring with DOMAIN <separator> user. Returns the same
    values as parse_domain_user() but also replaces the incoming username.
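Review bot: The calls `fstrcpy(f_namespace, *pnamespace);`, `fstrcpy(f_domain, *pdomain);` and `fstrcpy(f_user, *puser);` read parameters that the header documents as `@param[out]`, so a caller that passes the address of an uninitialised `char *` causes an indeterminate pointer to be read here. If parse_domain_user() only writes those three buffers, as the header's wording suggests (its body is outside this hunk), the copies can be dropped and the buffers started empty, e.g. `fstring f_namespace = {0};`. Separately, copying `*pusername_inout` into an fstring bounds the name to the fstring size, so an over-long name arriving from NSS would presumably be shortened before it is parsed and qualified; an explicit length check that returns false would be safer than canonicalising a truncated name. The function also mixes `False`/`True` with `false`; one spelling throughout would read better.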