if (cred->principal_obtained < cred->username_obtained
|| cred->principal_obtained < MAX(cred->domain_obtained, cred->realm_obtained)) {
+ const char *effective_username = NULL;
+ const char *effective_realm = NULL;
+ enum credentials_obtained effective_obtained;
+
+ effective_username = cli_credentials_get_username(cred);
+ if (effective_username == NULL || strlen(effective_username) == 0) {
+ *obtained = cred->username_obtained;
+ return NULL;
+ }
+
if (cred->domain_obtained > cred->realm_obtained) {
- *obtained = MIN(cred->domain_obtained, cred->username_obtained);
- return talloc_asprintf(mem_ctx, "%s@%s",
- cli_credentials_get_username(cred),
- cli_credentials_get_domain(cred));
+ effective_realm = cli_credentials_get_domain(cred);
+ effective_obtained = MIN(cred->domain_obtained,
+ cred->username_obtained);
} else {
- *obtained = MIN(cred->realm_obtained, cred->username_obtained);
+ effective_realm = cli_credentials_get_realm(cred);
+ effective_obtained = MIN(cred->realm_obtained,
+ cred->username_obtained);
+ }
+
+ if (effective_realm == NULL || strlen(effective_realm) == 0) {
+ effective_realm = cli_credentials_get_domain(cred);
+ effective_obtained = MIN(cred->domain_obtained,
+ cred->username_obtained);
+ }
+
+ if (effective_realm != NULL && strlen(effective_realm) != 0) {
+ *obtained = effective_obtained;
return talloc_asprintf(mem_ctx, "%s@%s",
- cli_credentials_get_username(cred),
- cli_credentials_get_realm(cred));
+ effective_username,
+ effective_realm);
}
}
*obtained = cred->principal_obtained;
struct loadparm_context *lp_ctx)
{
const char *sep = NULL;
+ const char *realm = lpcfg_realm(lp_ctx);
cli_credentials_set_username(cred, "", CRED_UNINITIALISED);
if (lpcfg_parm_is_cmdline(lp_ctx, "workgroup")) {
} else {
cli_credentials_set_workstation(cred, lpcfg_netbios_name(lp_ctx), CRED_UNINITIALISED);
}
+ if (realm != NULL && strlen(realm) == 0) {
+ realm = NULL;
+ }
if (lpcfg_parm_is_cmdline(lp_ctx, "realm")) {
- cli_credentials_set_realm(cred, lpcfg_realm(lp_ctx), CRED_SPECIFIED);
+ cli_credentials_set_realm(cred, realm, CRED_SPECIFIED);
} else {
- cli_credentials_set_realm(cred, lpcfg_realm(lp_ctx), CRED_UNINITIALISED);
+ cli_credentials_set_realm(cred, realm, CRED_UNINITIALISED);
}
sep = lpcfg_winbind_separator(lp_ctx);
def test_set_domain(self):
self.creds.set_domain("ABMAS")
self.assertEqual("ABMAS", self.creds.get_domain())
+ self.assertEqual(self.creds.get_principal(), None)
def test_set_realm(self):
self.creds.set_realm("myrealm")
self.assertEqual("MYREALM", self.creds.get_realm())
+ self.assertEqual(self.creds.get_principal(), None)
def test_parse_string_anon(self):
self.creds.parse_string("%")
creds.guess(lp)
self.assertEqual(creds.get_username(), "env_user")
self.assertEqual(creds.get_domain(), lp.get("workgroup").upper())
- self.assertEqual(creds.get_realm(), lp.get("realm").upper())
+ self.assertEqual(creds.get_realm(), None)
+ self.assertEqual(creds.get_principal(), "env_user@%s" % creds.get_domain())
self.assertEqual(creds.is_anonymous(), False)
self.assertEqual(creds.authentication_requested(), False)
self.assertEqual(creds.get_username(), "")
self.assertEqual(creds.get_domain(), "")
self.assertEqual(creds.get_realm(), None)
+ self.assertEqual(creds.get_principal(), None)
self.assertEqual(creds.is_anonymous(), True)
self.assertEqual(creds.authentication_requested(), False)
creds.parse_string("user")
self.assertEqual(creds.get_username(), "user")
self.assertEqual(creds.get_domain(), lp.get("workgroup").upper())
- self.assertEqual(creds.get_realm(), lp.get("realm").upper())
+ self.assertEqual(creds.get_realm(), None)
+ self.assertEqual(creds.get_principal(), "user@%s" % lp.get("workgroup").upper())
self.assertEqual(creds.is_anonymous(), False)
self.assertEqual(creds.authentication_requested(), True)
creds.parse_string("domain\user")
self.assertEqual(creds.get_username(), "user")
self.assertEqual(creds.get_domain(), "DOMAIN")
- self.assertEqual(creds.get_realm(), lp.get("realm").upper())
+ self.assertEqual(creds.get_realm(), None)
+ self.assertEqual(creds.get_principal(), "user@DOMAIN")
self.assertEqual(creds.is_anonymous(), False)
self.assertEqual(creds.authentication_requested(), True)
self.assertEqual(creds.get_username(), "env_user")
self.assertEqual(creds.get_domain(), lp.get("workgroup").upper())
self.assertEqual(creds.get_realm(), "SAMBA.ORG")
+ self.assertEqual(creds.get_principal(), "user@samba.org")
self.assertEqual(creds.is_anonymous(), False)
self.assertEqual(creds.authentication_requested(), True)
self.assertEqual(creds.get_username(), "user")
self.assertEqual(creds.get_password(), "pass")
self.assertEqual(creds.get_domain(), lp.get("workgroup"))
- self.assertEqual(creds.get_realm(), lp.get("realm"))
+ self.assertEqual(creds.get_realm(), None)
+ self.assertEqual(creds.get_principal(), "user@%s" % lp.get("workgroup"))
self.assertEqual(creds.is_anonymous(), False)
self.assertEqual(creds.authentication_requested(), True)
self.assertEqual(creds.get_username(), "user")
self.assertEqual(creds.get_domain(), "DOMAIN")
self.assertEqual(creds.get_password(), "pass")
- self.assertEqual(creds.get_realm(), lp.get("realm"))
+ self.assertEqual(creds.get_realm(), None)
+ self.assertEqual(creds.get_principal(), "user@DOMAIN")
self.assertEqual(creds.is_anonymous(), False)
self.assertEqual(creds.authentication_requested(), True)