user_info->client_domain, user_info->client.account_name, user_info->workstation_name));
DEBUG(3, ("check_ntlm_password: mapped user is: [%s]\\[%s]@[%s]\n",
- user_info->domain, user_info->internal_username, user_info->workstation_name));
+ user_info->domain, user_info->mapped.account_name, user_info->workstation_name));
if (auth_context->challenge.length != 8) {
DEBUG(0, ("check_ntlm_password: Invalid challenge stored for this auth context - cannot continue\n"));
if (NT_STATUS_IS_OK(nt_status)) {
DEBUG((*server_info)->guest ? 5 : 2,
- ("check_ntlm_password: %sauthentication for user [%s] -> [%s] -> [%s] succeeded\n",
- (*server_info)->guest ? "guest " : "",
+ ("check_ntlm_password: %sauthentication for user [%s] -> [%s] -> [%s] succeeded\n",
+ (*server_info)->guest ? "guest " : "",
user_info->client.account_name,
- user_info->internal_username,
+ user_info->mapped.account_name,
unix_username));
}
/* failed authentication; check for guest lapping */
- DEBUG(2, ("check_ntlm_password: Authentication for user [%s] -> [%s] FAILED with error %s\n",
- user_info->client.account_name, user_info->internal_username,
+ DEBUG(2, ("check_ntlm_password: Authentication for user [%s] -> [%s] FAILED with error %s\n",
+ user_info->client.account_name, user_info->mapped.account_name,
nt_errstr(nt_status)));
- ZERO_STRUCTP(server_info);
+ ZERO_STRUCTP(server_info);
return nt_status;
}
/* mark this as 'not for me' */
NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
- DEBUG(10, ("Check auth for: [%s]\n", user_info->internal_username));
+ DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
- if (!(user_info->internal_username
- && *user_info->internal_username)) {
+ if (!(user_info->mapped.account_name
+ && *user_info->mapped.account_name)) {
nt_status = make_server_info_guest(NULL, server_info);
}
fstring user;
long error_num;
- DEBUG(10, ("Check auth for: [%s]\n", user_info->internal_username));
+ DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
fstrcpy(user, user_info->client.account_name);
return NT_STATUS_INVALID_PARAMETER;
}
- DEBUG(10, ("Check auth for: [%s]\n", user_info->internal_username));
+ DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
/*
* Check that the requested domain is not our own machine name.
return NT_STATUS_INVALID_PARAMETER;
}
- DEBUG(10, ("Check auth for: [%s]\n", user_info->internal_username));
+ DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
/*
* Check that the requested domain is not our own machine name or domain name.
struct named_mutex *mutex = NULL;
const char *ncalrpcsock;
- DEBUG(10, ("Check auth for: [%s]\n", user_info->internal_username));
+ DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
ncalrpcsock = lp_parm_const_string(
GLOBAL_SECTION_SNUM, "auth_netlogond", "socket", NULL);
return NT_STATUS_LOGON_FAILURE;
}
- DEBUG(10, ("Check auth for: [%s]\n", user_info->internal_username));
+ DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
is_local_name = is_myname(user_info->domain);
is_my_domain = strequal(user_info->domain, lp_workgroup());
NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
bool locally_made_cli = False;
- DEBUG(10, ("Check auth for: [%s]\n", user_info->internal_username));
+ DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
cli = state->cli;
fstring real_username;
struct passwd *pass;
- if ( (pass = smb_getpwnam( NULL, user_info->internal_username,
+ if ( (pass = smb_getpwnam( NULL, user_info->mapped.account_name,
real_username, True )) != NULL )
{
/* if a real user check pam account restrictions */
NTSTATUS nt_status;
struct passwd *pass = NULL;
- DEBUG(10, ("Check auth for: [%s]\n", user_info->internal_username));
+ DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
become_root();
- pass = Get_Pwnam_alloc(talloc_tos(), user_info->internal_username);
+ pass = Get_Pwnam_alloc(talloc_tos(), user_info->mapped.account_name);
/** @todo This call assumes a ASCII password, no charset transformation is
done. We may need to revisit this **/
nt_status = pass_check(pass,
- pass ? pass->pw_name : user_info->internal_username,
+ pass ? pass->pw_name : user_info->mapped.account_name,
(char *)user_info->plaintext_password.data,
user_info->plaintext_password.length-1,
lp_update_encrypted() ?
}
/* Send off request */
- DEBUG(10, ("Check auth for: [%s]", user_info->internal_username));
+ DEBUG(10, ("Check auth for: [%s]", user_info->mapped.account_name));
params.account_name = user_info->client.account_name;
params.domain_name = user_info->domain;
/* Handle plaintext */
if (!user_info->encrypted) {
DEBUG(3,("Checking plaintext password for %s.\n",
- user_info->internal_username));
+ user_info->mapped.account_name));
params.level = WBC_AUTH_USER_LEVEL_PLAIN;
params.password.plaintext = (char *)user_info->plaintext_password.data;
} else {
DEBUG(3,("Checking encrypted password for %s.\n",
- user_info->internal_username));
+ user_info->mapped.account_name));
params.level = WBC_AUTH_USER_LEVEL_RESPONSE;
memcpy(params.password.response.challenge,
return NT_STATUS_INVALID_PARAMETER;
}
- DEBUG(10, ("Check auth for: [%s]", user_info->internal_username));
+ DEBUG(10, ("Check auth for: [%s]", user_info->mapped.account_name));
if (!auth_context) {
DEBUG(3,("Password for user %s cannot be checked because we have no auth_info to get the challenge from.\n",
- user_info->internal_username));
+ user_info->mapped.account_name));
return NT_STATUS_INVALID_PARAMETER;
}
/* get the account information */
become_root();
- ret = pdb_getsampwnam(sampass, user_info->internal_username);
+ ret = pdb_getsampwnam(sampass, user_info->mapped.account_name);
unbecome_root();
if (ret == False) {
DEBUG(3,("check_sam_security: Couldn't find user '%s' in "
- "passdb.\n", user_info->internal_username));
+ "passdb.\n", user_info->mapped.account_name));
TALLOC_FREE(sampass);
return NT_STATUS_NO_SUCH_USER;
}
return NT_STATUS_NO_MEMORY;
}
- (*user_info)->internal_username = SMB_STRDUP(internal_username);
- if ((*user_info)->internal_username == NULL) {
+ (*user_info)->mapped.account_name = SMB_STRDUP(internal_username);
+ if ((*user_info)->mapped.account_name == NULL) {
free_user_info(user_info);
return NT_STATUS_NO_MEMORY;
}
(*user_info)->client.account_name));
}
SAFE_FREE((*user_info)->client.account_name);
- SAFE_FREE((*user_info)->internal_username);
+ SAFE_FREE((*user_info)->mapped.account_name);
SAFE_FREE((*user_info)->client_domain);
SAFE_FREE((*user_info)->domain);
SAFE_FREE((*user_info)->workstation_name);
bool encrypted;
struct {
char *account_name; /* username before mapping */
- } client;
+ } client, mapped;
bool was_mapped; /* Did the username map actually match? */
char *client_domain; /* domain name string */