s3:lib: allow_trailing_dollar should only allow '$'

[idra/samba.git] / nsswitch / pam_winbind.c

diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
index 2e6520c1ce076e21995775908c889b1ac29d270f..e651ce0e498796a4c78c2b640c316f8fcad53634 100644 (file)
--- a/nsswitch/pam_winbind.c
+++ b/nsswitch/pam_winbind.c
@@ -156,7 +156,7 @@ static inline void textdomain_init(void);
 static inline void textdomain_init(void)
 {
        if (!initialized) {
-               bindtextdomain(MODULE_NAME, dyn_LOCALEDIR);
+               bindtextdomain(MODULE_NAME, LOCALEDIR);
                initialized = 1;
        }
        return;
@@ -807,8 +807,7 @@ static int wbc_auth_error_to_pam_error(struct pwb_context *ctx,
        return pam_winbind_request_log(ctx, ret, username, fn);
 }
 
-/* PAM_RADIO_TYPE is linux-only. */
-#ifdef LINUX
+#if defined(HAVE_PAM_RADIO_TYPE)
 static bool _pam_winbind_change_pwd(struct pwb_context *ctx)
 {
        struct pam_message msg, *pmsg;
@@ -846,7 +845,6 @@ static bool _pam_winbind_change_pwd(struct pwb_context *ctx)
 }
 #endif
 
-
 /**
  * send a password expiry message if required
  *
@@ -1139,13 +1137,14 @@ static bool winbind_name_list_to_sid_string_list(struct pwb_context *ctx,
        char *current_name = NULL;
        const char *search_location;
        const char *comma;
+       int len;
 
        if (sid_list_buffer_size > 0) {
                sid_list_buffer[0] = 0;
        }
 
        search_location = name_list;
-       while ((comma = strstr(search_location, ",")) != NULL) {
+       while ((comma = strchr(search_location, ',')) != NULL) {
                current_name = strndup(search_location,
                                       comma - search_location);
                if (NULL == current_name) {
@@ -1194,6 +1193,15 @@ static bool winbind_name_list_to_sid_string_list(struct pwb_context *ctx,
                _make_remark_format(ctx, PAM_TEXT_INFO, _("Cannot convert group %s "
                                "to sid, please contact your administrator to see "
                                "if group %s is valid."), search_location, search_location);
+               /*
+                * The lookup of the last name failed..
+                * It results in require_member_of_sid ends with ','
+                * It is malformated parameter here, overwrite the last ','.
+                */
+               len = strlen(sid_list_buffer);
+               if ((len != 0) && (sid_list_buffer[len - 1] == ',')) {
+                       sid_list_buffer[len - 1] = '\0';
+               }
        }
 
        result = true;
@@ -1424,12 +1432,12 @@ static void _pam_warn_krb5_failure(struct pwb_context *ctx,
 static bool _pam_check_remark_auth_err(struct pwb_context *ctx,
                                       const struct wbcAuthErrorInfo *e,
                                       const char *nt_status_string,
-                                      int *pam_error)
+                                      int *pam_err)
 {
        const char *ntstatus = NULL;
        const char *error_string = NULL;
 
-       if (!e || !pam_error) {
+       if (!e || !pam_err) {
                return false;
        }
 
@@ -1443,18 +1451,18 @@ static bool _pam_check_remark_auth_err(struct pwb_context *ctx,
                error_string = _get_ntstatus_error_string(nt_status_string);
                if (error_string) {
                        _make_remark(ctx, PAM_ERROR_MSG, error_string);
-                       *pam_error = e->pam_error;
+                       *pam_err = e->pam_error;
                        return true;
                }
 
                if (e->display_string) {
-                       _make_remark(ctx, PAM_ERROR_MSG, e->display_string);
-                       *pam_error = e->pam_error;
+                       _make_remark(ctx, PAM_ERROR_MSG, _(e->display_string));
+                       *pam_err = e->pam_error;
                        return true;
                }
 
                _make_remark(ctx, PAM_ERROR_MSG, nt_status_string);
-               *pam_error = e->pam_error;
+               *pam_err = e->pam_error;
 
                return true;
        }
@@ -2414,7 +2422,7 @@ static char* winbind_upn_to_username(struct pwb_context *ctx,
        wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
        struct wbcDomainSid sid;
        enum wbcSidType type;
-       char *domain;
+       char *domain = NULL;
        char *name;
        char *p;