From de5f34f0361e4c1d32b7d0b28e8a9c3179099a91 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 4 Apr 2013 09:53:34 +1100 Subject: [PATCH] s3-smbd: Split make_serverinfo_from_username guest parameters into two parts This handles differently the case where we are the guest (from security=share) and when we are forced to be a different user with force user. We want to maintain only the is_guest flag if were forced to become any other user, we need the rest of the token to change. Andrew Bartlett --- source3/auth/auth_util.c | 3 ++- source3/auth/proto.h | 1 + source3/smbd/service.c | 4 ++-- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 0e1f437..288f461 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -902,6 +902,7 @@ static NTSTATUS make_new_session_info_system(TALLOC_CTX *mem_ctx, NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx, const char *username, + bool use_guest_token, bool is_guest, struct auth_serversupplied_info **presult) { @@ -925,7 +926,7 @@ NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx, result->nss_token = true; result->guest = is_guest; - if (is_guest) { + if (use_guest_token) { status = make_server_info_guest(mem_ctx, &result); } else { status = create_local_token(result); diff --git a/source3/auth/proto.h b/source3/auth/proto.h index b23d827..3d1fa06 100644 --- a/source3/auth/proto.h +++ b/source3/auth/proto.h @@ -149,6 +149,7 @@ NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info, struct passwd *pwd); NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx, const char *username, + bool use_guest_token, bool is_guest, struct auth_serversupplied_info **presult); struct auth_serversupplied_info *copy_serverinfo(TALLOC_CTX *mem_ctx, diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 6c8c8d3..a22b0df 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -656,7 +656,7 @@ static NTSTATUS create_connection_session_info(struct smbd_server_connection *sc return NT_STATUS_WRONG_PASSWORD; } - return make_serverinfo_from_username(mem_ctx, user, guest, + return make_serverinfo_from_username(mem_ctx, user, guest, guest, presult); } @@ -690,7 +690,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum) } status = make_serverinfo_from_username( - conn, fuser, conn->session_info->guest, + conn, fuser, false, conn->session_info->guest, &forced_serverinfo); if (!NT_STATUS_IS_OK(status)) { return status; -- 1.7.11.7