git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 973645c)
Small auth updates:
authorAndrew Bartlett <abartlet@samba.org>
Fri, 15 Nov 2002 21:23:55 +0000 (21:23 +0000)
committerAndrew Bartlett <abartlet@samba.org>
Fri, 15 Nov 2002 21:23:55 +0000 (21:23 +0000)
 - add static remove unnneded prototype
 - move become_root() to just around pdb calls, so as to make it easier to
remove when we kill off this silly idea
 - Change auth_sam to do 'account before password' rather than 'password before
account'.  This means that we match Win2k in giving 'account disabled' instead
of 'wrong password' if the wrong password to a disabled account is used.

Andrew Bartlett
(This used to be commit e6d2debaf6064c3229f41c06545a1ccb83695a77)

source3/auth/auth_builtin.c patch | blob | history
source3/auth/auth_sam.c patch | blob | history
source3/auth/auth_util.c patch | blob | history
source3/auth/auth_winbind.c patch | blob | history

diff --git a/source3/auth/auth_builtin.c b/source3/auth/auth_builtin.c
index 09b9a36cdfa069d47b9b1811a9ed47d89e326ce7..f55f662a408bb0be2e6411dd8024a1b71ec31b52 100644 (file)
--- a/source3/auth/auth_builtin.c
+++ b/source3/auth/auth_builtin.c
@@ -42,9 +42,7 @@ static NTSTATUS check_guest_security(const struct auth_context *auth_context,
 
        if (!(user_info->internal_username.str 
              && *user_info->internal_username.str)) {
 
        if (!(user_info->internal_username.str 
              && *user_info->internal_username.str)) {
-               become_root();
                nt_status = make_server_info_guest(server_info);
                nt_status = make_server_info_guest(server_info);
-               unbecome_root();
        }
 
        return nt_status;
        }
 
        return nt_status;
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index 9fa33dccf68c12e161a7e9cd1fbab0a182fed7c8..02f8511d6af53067726069aac6ac51ed59a9fc06 100644 (file)
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -393,6 +393,8 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
                return NT_STATUS_NO_SUCH_USER;
        }
 
                return NT_STATUS_NO_SUCH_USER;
        }
 
+       nt_status = sam_account_ok(mem_ctx, sampass, user_info);
+       
        nt_status = sam_password_ok(auth_context, mem_ctx, sampass, user_info, user_sess_key);
 
        if (!NT_STATUS_IS_OK(nt_status)) {
        nt_status = sam_password_ok(auth_context, mem_ctx, sampass, user_info, user_sess_key);
 
        if (!NT_STATUS_IS_OK(nt_status)) {
@@ -400,8 +402,6 @@ static NTSTATUS check_sam_security(const struct auth_context *auth_context,
                return nt_status;
        }
 
                return nt_status;
        }
 
-       nt_status = sam_account_ok(mem_ctx, sampass, user_info);
-       
        if (!NT_STATUS_IS_OK(nt_status)) {
                pdb_free_sam(&sampass);
                return nt_status;
        if (!NT_STATUS_IS_OK(nt_status)) {
                pdb_free_sam(&sampass);
                return nt_status;
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 98b15f3fb624a34ea2412f8cbd9f0fad9d9babd8..5696b8f2dcc14c3fba9aacf27d5524db3b1b173e 100644 (file)
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -821,9 +821,12 @@ NTSTATUS make_server_info_guest(auth_serversupplied_info **server_info)
        sid_copy(&guest_sid, get_global_sam_sid());
        sid_append_rid(&guest_sid, DOMAIN_USER_RID_GUEST);
 
        sid_copy(&guest_sid, get_global_sam_sid());
        sid_append_rid(&guest_sid, DOMAIN_USER_RID_GUEST);
 
+       become_root();
        if (!pdb_getsampwsid(sampass, &guest_sid)) {
        if (!pdb_getsampwsid(sampass, &guest_sid)) {
+               unbecome_root();
                return NT_STATUS_NO_SUCH_USER;
        }
                return NT_STATUS_NO_SUCH_USER;
        }
+       unbecome_root();
 
        nt_status = make_server_info_sam(server_info, sampass);
 
 
        nt_status = make_server_info_sam(server_info, sampass);
 
diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c
index 10788721fdebec9893161765909ffbde349748d5..c6a1727ebeaf90e69c4a4be6c9ac997d56053d5b 100644 (file)
--- a/source3/auth/auth_winbind.c
+++ b/source3/auth/auth_winbind.c
@@ -26,13 +26,7 @@
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_AUTH
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_AUTH
 
-/* Prototypes from common.h */
-
-NSS_STATUS winbindd_request(int req_type, 
-                           struct winbindd_request *request,
-                           struct winbindd_response *response);
-
-NTSTATUS get_info3_from_ndr(TALLOC_CTX *mem_ctx, struct winbindd_response *response, NET_USER_INFO_3 *info3)
+static NTSTATUS get_info3_from_ndr(TALLOC_CTX *mem_ctx, struct winbindd_response *response, NET_USER_INFO_3 *info3)
 {
        uint8 *info3_ndr;
        size_t len = response->length - sizeof(response);
 {
        uint8 *info3_ndr;
        size_t len = response->length - sizeof(response);
Samba Shared Repository