Fix bug #9100 - winbind doesn't return "Domain Local" groups from own domain.

[samba.git] / source3 / auth / auth_util.c

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 1d25e2220284e3a4ba64df18ccc3490560c3eef5..42e27478d4610383282bce911720cf9861bf3a87 100644 (file)
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -468,8 +468,8 @@ NTSTATUS make_user_info_for_reply_enc(auth_usersupplied_info **user_info,
        return make_user_info_map(user_info, smb_name, 
                                  client_domain, 
                                  get_remote_machine_name(), 
-                                 lm_resp.data ? &lm_resp : NULL, 
-                                 nt_resp.data ? &nt_resp : NULL, 
+                                 lm_resp.data && (lm_resp.length > 0) ? &lm_resp : NULL,
+                                 nt_resp.data && (nt_resp.length > 0) ? &nt_resp : NULL,
                                  NULL, NULL, NULL,
                                  True);
 }
@@ -575,7 +575,7 @@ NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info,
                return NT_STATUS_NO_MEMORY;
        }
 
-       if ( !(pwd = getpwnam_alloc(result, username)) ) {
+       if ( !(pwd = Get_Pwnam_alloc(result, username)) ) {
                DEBUG(1, ("User %s in passdb, but getpwnam() fails!\n",
                          pdb_get_username(sampass)));
                TALLOC_FREE(result);
@@ -903,14 +903,14 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
                 * about the mapping of guest sid to lp_guestaccount()
                 * username and will return the unix_pw info for a guest
                 * user. Use it if it's there, else lookup the *uid details
-                * using getpwnam_alloc(). See bug #6291 for details. JRA.
+                * using Get_Pwnam_alloc(). See bug #6291 for details. JRA.
                 */
 
                /* We must always assign the *uid. */
                if (sam_acct->unix_pw == NULL) {
-                       struct passwd *pwd = getpwnam_alloc(sam_acct, *found_username );
+                       struct passwd *pwd = Get_Pwnam_alloc(sam_acct, *found_username );
                        if (!pwd) {
-                               DEBUG(10, ("getpwnam_alloc failed for %s\n",
+                               DEBUG(10, ("Get_Pwnam_alloc failed for %s\n",
                                        *found_username));
                                result = NT_STATUS_NO_SUCH_USER;
                                goto done;
@@ -1326,7 +1326,7 @@ NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx,
        struct passwd *pwd;
        NTSTATUS status;
 
-       pwd = getpwnam_alloc(talloc_tos(), username);
+       pwd = Get_Pwnam_alloc(talloc_tos(), username);
        if (pwd == NULL) {
                return NT_STATUS_NO_SUCH_USER;
        }
@@ -1826,7 +1826,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
        nt_status = sid_array_from_info3(result, info3,
                                         &result->sids,
                                         &result->num_sids,
-                                        false, false);
+                                        false);
        if (!NT_STATUS_IS_OK(nt_status)) {
                TALLOC_FREE(result);
                return nt_status;
@@ -2023,7 +2023,7 @@ NTSTATUS make_server_info_wbcAuthUserInfo(TALLOC_CTX *mem_ctx,
 
        if (!pdb_set_pass_last_set_time(
                    sam_account,
-                   nt_time_to_unix(info->pass_last_set_time),
+                   info->pass_last_set_time,
                    PDB_CHANGED)) {
                TALLOC_FREE(result);
                return NT_STATUS_NO_MEMORY;
@@ -2031,7 +2031,7 @@ NTSTATUS make_server_info_wbcAuthUserInfo(TALLOC_CTX *mem_ctx,
 
        if (!pdb_set_pass_can_change_time(
                    sam_account,
-                   nt_time_to_unix(info->pass_can_change_time),
+                   info->pass_can_change_time,
                    PDB_CHANGED)) {
                TALLOC_FREE(result);
                return NT_STATUS_NO_MEMORY;
@@ -2039,7 +2039,7 @@ NTSTATUS make_server_info_wbcAuthUserInfo(TALLOC_CTX *mem_ctx,
 
        if (!pdb_set_pass_must_change_time(
                    sam_account,
-                   nt_time_to_unix(info->pass_must_change_time),
+                   info->pass_must_change_time,
                    PDB_CHANGED)) {
                TALLOC_FREE(result);
                return NT_STATUS_NO_MEMORY;
@@ -2167,7 +2167,7 @@ bool make_auth_methods(struct auth_context *auth_context, auth_methods **auth_me
  * Verify whether or not given domain is trusted.
  *
  * @param domain_name name of the domain to be verified
- * @return true if domain is one of the trusted once or
+ * @return true if domain is one of the trusted ones or
  *         false if otherwise
  **/
 
@@ -2181,6 +2181,14 @@ bool is_trusted_domain(const char* dom_name)
        if ( lp_server_role() == ROLE_STANDALONE )
                return False;
 
+       if (dom_name == NULL || dom_name[0] == '\0') {
+               return false;
+       }
+
+       if (strequal(dom_name, get_global_sam_name())) {
+               return false;
+       }
+
        /* if we are a DC, then check for a direct trust relationships */
 
        if ( IS_DC ) {