r21612: Make pam_winbind do the same username fixup on AIX as the WINBINDD

author Gerald Carter <jerry@samba.org>

Thu, 1 Mar 2007 03:10:29 +0000 (03:10 +0000)

committer Gerald (Jerry) Carter <jerry@samba.org>

Wed, 10 Oct 2007 17:18:17 +0000 (12:18 -0500)
author Gerald Carter <jerry@samba.org>
Thu, 1 Mar 2007 03:10:29 +0000 (03:10 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 17:18:17 +0000 (12:18 -0500)
diff --git a/source/nsswitch/pam_winbind.c b/source/nsswitch/pam_winbind.c

index ac87fcf32eeb8b5a28cea7ae07a31b4e2610a621..d21c985feeef2de39bfbedb5e21f1da05f7195ca 100644 (file)
--- a/source/nsswitch/pam_winbind.c
+++ b/source/nsswitch/pam_winbind.c
@@ -1517,6 +1517,8 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
         dictionary *d = NULL;
         char *username_ret = NULL;
         char *new_authtok_required = NULL;
+       char *combined_member = NULL;
+       const char *real_username = NULL;
  
         /* parse arguments */
         int ctrl = _pam_parse(pamh, flags, argc, argv, &d);
@@ -1535,6 +1537,30 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
                 goto out;
         }
  
+#if defined(AIX)
+       /* Decode the user name since AIX does not support logn user
+          names by default.  The name is encoded as _#uid.  */
+
+       if ( username[0] == '_' ) {
+               uid_t id = atoi( &username[1] );
+               struct passwd *pw = NULL;               
+
+               if ( (id!=0) && ((pw = getpwuid( id )) != NULL) ) {
+                       real_username = strdup( pw->pw_name );
+               }
+       }
+#endif
+
+       if ( !real_username ) {
+               /* Just making a copy of the username we got from PAM */
+               if ( (real_username = strdup( username )) == NULL ) {
+                       _pam_log_debug(pamh, ctrl, LOG_DEBUG, 
+                                      "memory allocation failure when copying username");
+                       retval = PAM_SERVICE_ERR;
+                       goto out;
+               }
+       }       
+
         retval = _winbind_read_password(pamh, ctrl, NULL, 
                                         "Password: ", NULL,
                                         &password);
@@ -1549,9 +1575,9 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
  
  #ifdef DEBUG_PASSWORD
         _pam_log_debug(pamh, ctrl, LOG_INFO, "Verify user '%s' with password '%s'", 
-                      username, password);
+                      real_username, password);
  #else
-       _pam_log_debug(pamh, ctrl, LOG_INFO, "Verify user '%s'", username);
+       _pam_log_debug(pamh, ctrl, LOG_INFO, "Verify user '%s'", real_username);
  #endif
  
         member = get_member_from_config(pamh, argc, argv, ctrl, d);
@@ -1594,6 +1620,10 @@ out:
                 free(username_ret);
         }
  
+       if ( real_username ) {          
+               free( real_username );
+       }       
+                       
         if (d) {
                 iniparser_freedict(d);
         }
author	Gerald Carter <jerry@samba.org>
	Thu, 1 Mar 2007 03:10:29 +0000 (03:10 +0000)
committer	Gerald (Jerry) Carter <jerry@samba.org>
	Wed, 10 Oct 2007 17:18:17 +0000 (12:18 -0500)