Attachment 7287 Details for Bug 8734 – git-am fix for 3.6.next

[patch] git-am fix for 3.6.next

0001-s3-winbind-don-t-try-to-do-clever-thing-if-the-usern.patch (text/plain), 1.36 KB, created by Jeremy Allison on 2012-02-02 20:58:35 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Jeremy Allison

Created: 2012-02-02 20:58:35 UTC

Size: 1.36 KB

patch

obsolete

>From 06b77c75a67f6478f1956c597d37dc495061b232 Mon Sep 17 00:00:00 2001
>From: Matthieu Patou <mat@matws.net>
>Date: Mon, 30 Jan 2012 00:05:08 -0800
>Subject: [PATCH] s3-winbind: don't try to do clever thing if the username is
> not found while authenticating through winbind
>
>This could cause that we authenticate a user with a bogus domain to
>winbind's domain if the password supplied for the PAM_AUTH match.
>
>The problem was reported by Jeff Venable (jvenable@juniper.net).
>Patch from Andrew Bartlett (abartlett@samba.org).
>
>Autobuild-User: Matthieu Patou <mat@samba.org>
>Autobuild-Date: Mon Jan 30 18:58:12 CET 2012 on sn-devel-104
>(cherry picked from commit 56d5cb938651b9c67a8400d1adc61a23889a6a29)
>---
> source3/winbindd/winbindd_pam.c |    3 ++-
> 1 files changed, 2 insertions(+), 1 deletions(-)
>
>diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
>index bde16b1..79189ba 100644
>--- a/source3/winbindd/winbindd_pam.c
>+++ b/source3/winbindd/winbindd_pam.c
>@@ -1078,7 +1078,8 @@ static NTSTATUS winbindd_dual_pam_auth_kerberos(struct winbindd_domain *domain,
> 			DEBUG(3, ("Authentication for domain for [%s] -> [%s]\\[%s] failed as %s is not a trusted domain\n",
> 				  state->request->data.auth.user, name_domain, name_user, name_domain));
> 
>-			contact_domain = find_our_domain();
>+			result =  NT_STATUS_NO_SUCH_USER;
>+			goto done;
> 		}
> 	}
> 
>-- 
>1.7.7.3
>

Flags:

jra: review? (mat)

Actions: View

Attachments on bug 8734: 7287