r4339: - rename auth_guest to auth_anonymous
authorStefan Metzmacher <metze@samba.org>
Thu, 23 Dec 2004 03:00:55 +0000 (03:00 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 18:07:36 +0000 (13:07 -0500)
- don't use static const strings in the server_info

- fix segfault when auth_sam gets "" as username

metze
(This used to be commit 7fcbd483d4977cf6483f34ddd28e6c0182897ba2)

source4/auth/auth_builtin.c
source4/auth/auth_sam.c
source4/auth/auth_util.c
source4/param/loadparm.c

index 56c465cfae3b73fb394010109baa7d7b865662fc..f3169231e826eaf4cce38984ea0235ba09eb8d06 100644 (file)
 
 #include "includes.h"
 #include "auth/auth.h"
+#include "librpc/gen_ndr/ndr_samr.h"
+#include "librpc/gen_ndr/ndr_security.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_AUTH
 
+/***************************************************************************
+ Make (and fill) a user_info struct for a anonymous login.
+***************************************************************************/
+static NTSTATUS make_server_info_anonymous(TALLOC_CTX *mem_ctx, struct auth_serversupplied_info **server_info)
+{
+       *server_info = talloc_p(mem_ctx, struct auth_serversupplied_info);
+       if (!*server_info) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       (*server_info)->guest = True;
+
+       (*server_info)->user_sid = dom_sid_parse_talloc((*server_info), SID_NT_ANONYMOUS);
+
+       /* is this correct? */
+       (*server_info)->primary_group_sid = dom_sid_parse_talloc((*server_info), SID_BUILTIN_GUESTS);
+
+       (*server_info)->n_domain_groups = 0;
+       (*server_info)->domain_groups = NULL;
+
+       /* annoying, but the Guest really does have a session key, 
+          and it is all zeros! */
+       (*server_info)->user_session_key = data_blob_talloc(*server_info, NULL, 16);
+       (*server_info)->lm_session_key = data_blob_talloc(*server_info, NULL, 16);
+
+       data_blob_clear(&(*server_info)->user_session_key);
+       data_blob_clear(&(*server_info)->lm_session_key);
+
+       (*server_info)->account_name = talloc_strdup((*server_info), "ANONYMOUS LOGON");
+       (*server_info)->domain = talloc_strdup((*server_info), "NT AUTHORITY");
+       (*server_info)->full_name = talloc_strdup((*server_info), "Anonymous Logon");
+       (*server_info)->logon_script = talloc_strdup((*server_info), "");
+       (*server_info)->profile_path = talloc_strdup((*server_info), "");
+       (*server_info)->home_directory = talloc_strdup((*server_info), "");
+       (*server_info)->home_drive = talloc_strdup((*server_info), "");
+
+       (*server_info)->last_logon = 0;
+       (*server_info)->last_logoff = 0;
+       (*server_info)->acct_expiry = 0;
+       (*server_info)->last_password_change = 0;
+       (*server_info)->allow_password_change = 0;
+       (*server_info)->force_password_change = 0;
+
+       (*server_info)->logon_count = 0;
+       (*server_info)->bad_password_count = 0;
+
+       (*server_info)->acct_flags = ACB_NORMAL;
+
+       return NT_STATUS_OK;
+}
+
 /**
- * Return a guest logon for guest users (username = "")
+ * Return a anonymous logon for anonymous users (username = "")
  *
  * Typically used as the first module in the auth chain, this allows
  * guest logons to be dealt with in one place.  Non-guest logons 'fail'
  * and pass onto the next module.
  **/
 
-static NTSTATUS check_guest_security(const struct auth_context *auth_context,
+static NTSTATUS check_anonymous_security(const struct auth_context *auth_context,
                                     void *my_private_data, 
                                     TALLOC_CTX *mem_ctx,
                                     const struct auth_usersupplied_info *user_info, 
@@ -44,8 +97,8 @@ static NTSTATUS check_guest_security(const struct auth_context *auth_context,
 
        if (!(user_info->internal_username.str 
              && *user_info->internal_username.str)) {
-               nt_status = make_server_info_guest(discard_const(auth_context), 
-                                                  server_info);
+               nt_status = make_server_info_anonymous(discard_const(auth_context), 
+                                                       server_info);
        }
 
        return nt_status;
@@ -53,15 +106,15 @@ static NTSTATUS check_guest_security(const struct auth_context *auth_context,
 
 /* Guest modules initialisation */
 
-static NTSTATUS auth_init_guest(struct auth_context *auth_context, 
+static NTSTATUS auth_init_anonymous(struct auth_context *auth_context, 
                                const char *options, 
                                struct auth_methods **auth_method) 
 {
        if (!make_auth_methods(auth_context, auth_method))
                return NT_STATUS_NO_MEMORY;
 
-       (*auth_method)->auth = check_guest_security;
-       (*auth_method)->name = "guest";
+       (*auth_method)->auth = check_anonymous_security;
+       (*auth_method)->name = "anonymous";
        return NT_STATUS_OK;
 }
 
@@ -175,8 +228,8 @@ NTSTATUS auth_builtin_init(void)
        NTSTATUS ret;
        struct auth_operations ops;
 
-       ops.name = "guest";
-       ops.init = auth_init_guest;
+       ops.name = "anonymous";
+       ops.init = auth_init_anonymous;
        ret = auth_register(&ops);
        if (!NT_STATUS_IS_OK(ret)) {
                DEBUG(0,("Failed to register '%s' auth backend!\n",
index 501b5ca080898b42de717b202e7a8037c05ce6b6..236a68fe9dd10440340fc1c825b91e19a948123a 100644 (file)
@@ -500,14 +500,18 @@ static NTSTATUS check_sam_security_internals(const struct auth_context *auth_con
                                             const struct auth_usersupplied_info *user_info, 
                                             struct auth_serversupplied_info **server_info)
 {
-       NTSTATUS nt_status;
-
+       /* mark this as 'not for me' */
+       NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
        const char *username = user_info->internal_username.str;
        struct ldb_message **msgs;
        struct ldb_message **domain_msgs;
        void *sam_ctx;
        DATA_BLOB user_sess_key, lm_sess_key;
 
+       if (!username || !*username) {
+               return nt_status;
+       }
+
        sam_ctx = samdb_connect(mem_ctx);
        if (sam_ctx == NULL) {
                return NT_STATUS_INVALID_SYSTEM_SERVICE;
index 2b6d5324eed1c808560a22a1e4390678d93b4253..9af4410a93a63f0927e27d6e428d0d8e142e31f6 100644 (file)
@@ -430,57 +430,6 @@ NTSTATUS make_server_info(const TALLOC_CTX *mem_ctx,
        return NT_STATUS_OK;
 }
 
-/***************************************************************************
- Make (and fill) a user_info struct for a guest login.
-***************************************************************************/
-NTSTATUS make_server_info_guest(TALLOC_CTX *mem_ctx, struct auth_serversupplied_info **server_info)
-{
-       NTSTATUS nt_status;
-
-       nt_status = make_server_info(mem_ctx, server_info, "");
-
-       if (!NT_STATUS_IS_OK(nt_status)) {
-               return nt_status;
-       }
-       
-       (*server_info)->guest = True;
-
-       (*server_info)->user_sid = dom_sid_parse_talloc((*server_info), SID_NT_ANONYMOUS);
-       (*server_info)->primary_group_sid = dom_sid_parse_talloc((*server_info), SID_BUILTIN_GUESTS);
-       (*server_info)->n_domain_groups = 0;
-       (*server_info)->domain_groups = NULL;
-       
-       /* annoying, but the Guest really does have a session key, 
-          and it is all zeros! */
-       (*server_info)->user_session_key = data_blob_talloc(*server_info, NULL, 16);
-       (*server_info)->lm_session_key = data_blob_talloc(*server_info, NULL, 16);
-
-       data_blob_clear(&(*server_info)->user_session_key);
-       data_blob_clear(&(*server_info)->lm_session_key);
-
-       (*server_info)->account_name = "";
-       (*server_info)->domain = "";
-       (*server_info)->full_name = "Anonymous";
-       (*server_info)->logon_script = "";
-       (*server_info)->profile_path = "";
-       (*server_info)->home_directory = "";
-       (*server_info)->home_drive = "";
-
-       (*server_info)->last_logon = 0;
-       (*server_info)->last_logoff = 0;
-       (*server_info)->acct_expiry = 0;
-       (*server_info)->last_password_change = 0;
-       (*server_info)->allow_password_change = 0;
-       (*server_info)->force_password_change = 0;
-
-       (*server_info)->logon_count = 0;
-       (*server_info)->bad_password_count = 0;
-
-       (*server_info)->acct_flags = ACB_NORMAL;
-
-       return nt_status;
-}
-
 /***************************************************************************
  Make a server_info struct from the info3 returned by a domain logon 
 ***************************************************************************/
index 035ac3422a89a7952c98c9a291c5c312b61c242b..059b7b1cb24772168b82806a389735abe8bf679b 100644 (file)
@@ -924,7 +924,7 @@ static void init_globals(void)
 
        do_parameter("dcerpc endpoint servers", "epmapper srvsvc wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi winreg IOXIDResolver IRemoteActivation");
        do_parameter("server services", "smb rpc");
-       do_parameter("auth methods", "guest sam_ignoredomain");
+       do_parameter("auth methods", "anonymous sam_ignoredomain");
        do_parameter("smb passwd file", dyn_SMB_PASSWD_FILE);
        do_parameter("private dir", dyn_PRIVATE_DIR);
        do_parameter_var("sam database", "tdb://%s/sam.ldb", dyn_PRIVATE_DIR);