From 12e6b195864add917a44cc94df49642a8bec5488 Mon Sep 17 00:00:00 2001
From: Martel <126117735+martelrotschy@users.noreply.github.com>
Date: Tue, 25 Apr 2023 17:42:14 -0700
Subject: [PATCH 1/2] Fixed issue with pdbedit in samba-lib.pl
Invalid option for pdbedit that broke due to a recent update of samba-common
---
samba/samba-lib.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/samba/samba-lib.pl b/samba/samba-lib.pl
index 46858602a..873f392a8 100755
--- a/samba/samba-lib.pl
+++ b/samba/samba-lib.pl
@@ -646,7 +646,7 @@ if ($has_pdbedit) {
local $out = &backquote_logged(
"cd / && $config{'pdbedit'} -a -s $config{'smb_conf'} -t -u ".
quotemeta($user->{'name'}).
- ($config{'sync_gid'} ? " -G $config{'sync_gid'}" : "").
+ ($config{'sync_gid'} ? " -g $config{'sync_gid'}" : "").
" -c '[".join("", @opts)."]' $ws <$temp 2>&1");
$? && &error("$config{'pdbedit'} failed :
$out
");
}
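Review bot: The `sync_gid` value on the changed line is interpolated into the shell command string unescaped, while the user name two lines above it goes through `quotemeta`. It is a configuration value rather than request input, but escaping it the same way keeps shell metacharacters out of the `backquote_logged` command line: `($config{'sync_gid'} ? " -g ".quotemeta($config{'sync_gid'}) : "").`. Separately, the switch from `-G` to `-g` is unconditional, so it is worth confirming against the pdbedit documentation that `-g` takes a value and means the same thing on every Samba version this module supports, or selecting the flag by detected version. The enclosing `if ($has_pdbedit)` block starts outside the hunk.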
From 9bcee57c7c7f4474e97a42a3014e139ad3cb54d8 Mon Sep 17 00:00:00 2001
From: Jamie Cameron
Date: Tue, 25 Apr 2023 20:47:07 -0700
Subject: [PATCH 2/2] Try lower case username if upper case doesn't exist
https://github.com/virtualmin/virtualmin-gpl/issues/553
---
miniserv.pl | 29 ++++++++++++++++++++++-------
1 file changed, 22 insertions(+), 7 deletions(-)
diff --git a/miniserv.pl b/miniserv.pl
index eeafa9117..1a5fde9b4 100755
--- a/miniserv.pl
+++ b/miniserv.pl
@@ -1205,9 +1205,10 @@ while(1) {
# This must be the password .. try it
# and send back the results
local ($vu, $expired, $nonexist) =
- &validate_user($conv->{'user'},
- $answer,
- $conf->{'host'});
+ &validate_user_caseless(
+ $conv->{'user'},
+ $answer,
+ $conf->{'host'});
local $ok = $vu ? 1 : 0;
print $outfd "2 $conv->{'user'} $ok $expired $notexist\n";
&end_pam_conversation($conv);
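Review bot: The reply line prints `$notexist`, but the list assignment above it fills `$nonexist`, so unless `$notexist` is set somewhere outside this hunk the non-existence flag is never sent back. Using the same name in both places fixes it: `print $outfd "2 $conv->{'user'} $ok $expired $nonexist\n";`. The reply also echoes `$conv->{'user'}` as typed rather than `$vu`, so after the new lower-case fallback the receiver still sees the mixed-case name; confirm that is what the reader of `$outfd` expects. The surrounding `while(1)` loop starts and ends outside the hunk.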
@@ -1717,8 +1718,8 @@ if (!$validated && !$deny_authentication && !$config{'session'} &&
($authuser, $authpass) = split(/:/, &b64decode($1), 2);
print DEBUG "handle_request: doing basic auth check authuser=$authuser authpass=$authpass\n";
local ($vu, $expired, $nonexist, $wvu) =
- &validate_user($authuser, $authpass, $host,
- $acptip, $port);
+ &validate_user_caseless($authuser, $authpass, $host,
+ $acptip, $port);
print DEBUG "handle_request: vu=$vu expired=$expired nonexist=$nonexist\n";
if ($vu && (!$expired || $config{'passwd_mode'} == 1)) {
$authuser = $vu;
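Review bot: The debug line directly above the changed call writes `authpass=$authpass` to the DEBUG handle, so every HTTP basic-auth attempt leaves the cleartext password wherever that handle is directed. The line is context rather than part of this change, but since the call it describes is being touched, the password can be dropped from it: `print DEBUG "handle_request: doing basic auth check authuser=$authuser\n";`. The debug line after the call already logs the outcome (`vu`, `expired`, `nonexist`), which is enough to trace the check. The enclosing `if` block starts and ends outside the hunk.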
@@ -1813,8 +1814,8 @@ if ($config{'session'} && !$deny_authentication &&
}
local ($vu, $expired, $nonexist, $wvu) =
- &validate_user($in{'user'}, $in{'pass'}, $host,
- $acptip, $port);
+ &validate_user_caseless($in{'user'}, $in{'pass'}, $host,
+ $acptip, $port);
if ($vu && $wvu) {
my $uinfo = &get_user_details($wvu, $vu);
if ($uinfo && $uinfo->{'twofactor_provider'}) {
@@ -3579,6 +3580,20 @@ sub urlize {
return $tmp2;
}
+# validate_user_caseless(username, password, host, remote-ip, webmin-port)
+# Calls validate_user, but also checks the lower case name if the given login
+# is mixed case
+sub validate_user_caseless
+{
+my @args = @_;
+my @rv = &validate_user(@args);
+if (!$rv[0] && $args[0] =~ /[A-Z]/) {
+ $args[0] =~ tr/A-Z/a-z/;
+ @rv = &validate_user(@args);
+ }
+return @rv;
+}
+
# validate_user(username, password, host, remote-ip, webmin-port)
# Checks if some username and password are valid. Returns the modified username,
# the expired / temp pass flag, the non-existence flag, and the underlying
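Review bot: `validate_user_caseless` retries with the lower-cased name on any failure (`!$rv[0]`), not only when the mixed-case account does not exist as the commit subject describes. A wrong password for an existing mixed-case account therefore causes a second attempt against a different account name, and any per-attempt side effects inside `validate_user` (failure logging or lockout counting, if it has them; its body is not visible here) would run twice. The callers unpack the third return value as `$nonexist`, so the retry can presumably be limited to that case: `if (!$rv[0] && $rv[2] && $args[0] =~ /[A-Z]/) {`. It would also help to extend the header comment to say that the second call's results replace the first's entirely, so `$expired` and `$nonexist` then describe the lower-case name. This applies to all three call sites changed in this patch (the PAM conversation, basic auth and session login hunks).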