git.samba.org / anoopcs / samba-autobuild / .git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 90835ba)
s3:smbd: Fix %U substitutions if it contains a domain name
authorAndreas Schneider <asn@samba.org>
Mon, 17 Aug 2020 12:12:48 +0000 (14:12 +0200)
committerKarolin Seeger <kseeger@samba.org>
Mon, 14 Sep 2020 10:06:18 +0000 (12:06 +0200)
'valid users = DOMAIN\%U' worked with Samba 3.6 and broke in a newer
version.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14467

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
(cherry picked from commit 5de7c91e6d4e98f438157a7675c8582cabdd828d)

selftest/knownfail.d/samba3.substiutions [deleted file] patch | blob | history
source3/smbd/share_access.c patch | blob | history

diff --git a/selftest/knownfail.d/samba3.substiutions b/selftest/knownfail.d/samba3.substiutions
deleted file mode 100644 (file)
index f116d3b..0000000
--- a/selftest/knownfail.d/samba3.substiutions
+++ /dev/null
@@ -1 +0,0 @@
-^samba3.substitutions.Test.login.to.share.with.substitution.for.valid.users
diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c
index 0b8f6e48e34f158523767ff4ce8815725b410ecd..57754a0f7663b9e19195af5509177b68d060a932 100644 (file)
--- a/source3/smbd/share_access.c
+++ b/source3/smbd/share_access.c
@@ -79,7 +79,23 @@ static bool token_contains_name(TALLOC_CTX *mem_ctx,
        enum lsa_SidType type;
 
        if (username != NULL) {
-               name = talloc_sub_basic(mem_ctx, username, domain, name);
+               size_t domain_len = strlen(domain);
+
+               /* Check if username starts with domain name */
+               if (domain_len > 0) {
+                       const char *sep = lp_winbind_separator();
+                       int cmp = strncasecmp_m(username, domain, domain_len);
+                       if (cmp == 0 && sep[0] == username[domain_len]) {
+                               /* Move after the winbind separator */
+                               domain_len += 1;
+                       } else {
+                               domain_len = 0;
+                       }
+               }
+               name = talloc_sub_basic(mem_ctx,
+                                       username + domain_len,
+                                       domain,
+                                       name);
        }
        if (sharename != NULL) {
                name = talloc_string_sub(mem_ctx, name, "%S", sharename);
Anoop's Samba autobuild repository