Kill of Get_Pwnam_Modify and smb_getpwnam(). The latter assumes some things

that just don't apply any more - now that we always keep username and domain
seperate.  Also, the policy it was trying to permit is now implemented by the
auth code.

Andrew Bartlett
(This used to be commit 760c0740cad948665db4a1d462fbbd99332713ef)

diff --git a/source3/lib/username.c b/source3/lib/username.c
index 5db7f58b1e254dd42346b33270bc84e9f11ce00c..ef11542ab194afa8bd51fa3c3fa774a45caa09e2 100644 (file)
--- a/source3/lib/username.c
+++ b/source3/lib/username.c
@@ -273,27 +273,6 @@ done:
        return ret;
 }
 
-/****************************************************************************
- Get_Pwnam wrapper for modification.
-  NOTE: This can potentially modify 'user'! 
-****************************************************************************/
-
-struct passwd *Get_Pwnam_Modify(fstring user)
-{
-       fstring user2;
-       struct passwd *ret;
-
-       fstrcpy(user2, user);
-
-       ret = Get_Pwnam_internals(user, user2);
-       
-       /* If caller wants the modified username, ensure they get it  */
-       fstrcpy(user,user2);
-
-       /* We can safely assume ret is NULL if none of the above succeed */
-       return(ret);  
-}
-
 /****************************************************************************
  Get_Pwnam wrapper without modification.
   NOTE: This with NOT modify 'user'! 
@@ -636,39 +615,3 @@ static struct passwd * uname_string_combinations(char *s,struct passwd * (*fn)(c
        return(NULL);
 }
 
-/****************************************************************************
- These wrappers allow appliance mode to work. In appliance mode the username
- takes the form DOMAIN/user.
-****************************************************************************/
-
-struct passwd *smb_getpwnam(char *user, BOOL allow_change)
-{
-       struct passwd *pw;
-       char *p;
-       char *sep;
-       extern pstring global_myname;
-
-       if (allow_change)
-               pw = Get_Pwnam_Modify(user);
-       else
-               pw = Get_Pwnam(user);
-
-       if (pw)
-               return pw;
-
-       /*
-        * If it is a domain qualified name and it isn't in our password
-        * database but the domain portion matches our local machine name then
-        * lookup just the username portion locally.
-        */
-
-       sep = lp_winbind_separator();
-       p = strchr_m(user,*sep);
-       if (p && strncasecmp(global_myname, user, strlen(global_myname))==0) {
-               if (allow_change)
-                       pw = Get_Pwnam_Modify(p+1);
-               else
-                       pw = Get_Pwnam(p+1);
-       }
-       return NULL;
-}

diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 09288ad44dd8d9510700bb8f2bd8603a59d1d95a..785f8d6821141307eb88c482e0f143939485d1c3 100644 (file)
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -160,12 +160,12 @@ static int reply_spnego_kerberos(connection_struct *conn,
        ads_destroy(&ads);
 
        /* the password is good - let them in */
-       pw = smb_getpwnam(user,False);
+       pw = Get_Pwnam(user);
        if (!pw && !strstr(user, lp_winbind_separator())) {
                char *user2;
                /* try it with a winbind domain prefix */
                asprintf(&user2, "%s%s%s", lp_workgroup(), lp_winbind_separator(), user);
-               pw = smb_getpwnam(user2,False);
+               pw = Get_Pwnam(user2);
                if (pw) {
                        free(user);
                        user = user2;