Code duplication is bad. So add an add_signiture() function and just refernce

[ira/wip.git] / source3 / smbd / sesssetup.c

diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 0202a247cdc40e020d00b768cc30ed2d18d3739c..291685e9fc6ac3570718182e80644d9b1ef115ab 100644 (file)
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -22,6 +22,21 @@
 
 #include "includes.h"
 
+uint32 global_client_caps = 0;
+
+/****************************************************************************
+ Add the standard 'Samba' signiture to the end of the session setup.
+****************************************************************************/
+static void add_signiture(char *outbuf) 
+{
+       char *p;
+       p = smb_buf(outbuf);
+       p += srvstr_push(outbuf, p, "Unix", -1, STR_TERMINATE);
+       p += srvstr_push(outbuf, p, "Samba", -1, STR_TERMINATE);
+       p += srvstr_push(outbuf, p, lp_workgroup(), -1, STR_TERMINATE);
+       set_message_end(outbuf,p);
+}
+
 #if HAVE_KRB5
 /****************************************************************************
 reply to a session setup spnego negotiate packet for kerberos
@@ -33,21 +48,16 @@ static int reply_spnego_kerberos(connection_struct *conn,
 {
        DATA_BLOB ticket;
        krb5_context context;
-       krb5_principal server;
        krb5_auth_context auth_context = NULL;
        krb5_keytab keytab = NULL;
        krb5_data packet;
        krb5_ticket *tkt = NULL;
        int ret;
        char *realm, *client, *p;
-       fstring service;
-       extern pstring global_myname;
        const struct passwd *pw;
        char *user;
-       gid_t gid;
-       uid_t uid;
-       char *full_name;
        int sess_vuid;
+       auth_serversupplied_info *server_info = NULL;
 
        realm = lp_realm();
 
@@ -55,33 +65,30 @@ static int reply_spnego_kerberos(connection_struct *conn,
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
        }
 
-       /* the service is the wins name lowercase with $ tacked on */
-       fstrcpy(service, global_myname);
-       strlower(service);
-       fstrcat(service, "$");
-
        ret = krb5_init_context(&context);
        if (ret) {
-               return ERROR_NT(NT_STATUS_LOGON_FAILURE);
-       }
-
-       ret = krb5_build_principal(context, &server, strlen(realm),
-                                  realm, service, NULL);
-       if (ret) {
+               DEBUG(1,("krb5_init_context failed (%s)\n", error_message(ret)));
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
        }
 
        packet.length = ticket.length;
        packet.data = (krb5_pointer)ticket.data;
 
+#if 0
+       file_save("/tmp/ticket.dat", ticket.data, ticket.length);
+#endif
+
        if ((ret = krb5_rd_req(context, &auth_context, &packet, 
-                                      server, keytab, NULL, &tkt))) {
-               DEBUG(3,("krb5_rd_req failed with code %08x\n", ret));
+                              NULL, keytab, NULL, &tkt))) {
+               DEBUG(3,("krb5_rd_req failed (%s)\n", 
+                        error_message(ret)));
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
        }
 
        if ((ret = krb5_unparse_name(context, tkt->enc_part2->client,
                                     &client))) {
+               DEBUG(3,("krb5_unparse_name failed (%s)\n", 
+                        error_message(ret)));
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
        }
 
@@ -89,7 +96,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 
        p = strchr_m(client, '@');
        if (!p) {
-               DEBUG(3,("Doesn't look like a valid principle\n"));
+               DEBUG(3,("Doesn't look like a valid principal\n"));
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
        }
 
@@ -107,11 +114,15 @@ static int reply_spnego_kerberos(connection_struct *conn,
                DEBUG(1,("Username %s is invalid on this system\n",user));
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
        }
-       gid = pw->pw_gid;
-       uid = pw->pw_uid;
-       full_name = pw->pw_gecos;
+
+       if (!make_server_info_pw(&server_info,pw)) {
+               DEBUG(1,("make_server_info_from_pw failed!\n"));
+               return ERROR_NT(NT_STATUS_NO_MEMORY);
+       }
        
-       sess_vuid = register_vuid(uid,gid,user,user,realm,False, full_name);
+       sess_vuid = register_vuid(server_info, user);
+
+       free_server_info(&server_info);
 
        if (sess_vuid == -1) {
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
@@ -119,11 +130,7 @@ static int reply_spnego_kerberos(connection_struct *conn,
 
        set_message(outbuf,4,0,True);
        SSVAL(outbuf, smb_vwv3, 0);
-       p = smb_buf(outbuf);
-       p += srvstr_push(outbuf, p, "Unix", -1, STR_TERMINATE);
-       p += srvstr_push(outbuf, p, "Samba", -1, STR_TERMINATE);
-       p += srvstr_push(outbuf, p, lp_workgroup(), -1, STR_TERMINATE);
-       set_message_end(outbuf,p);
+       add_signiture(outbuf);
  
        SSVAL(outbuf,smb_uid,sess_vuid);
        SSVAL(inbuf,smb_uid,sess_vuid);
@@ -184,7 +191,8 @@ static int reply_spnego_negotiate(connection_struct *conn,
        
        for (i=0;OIDs[i];i++) {
                DEBUG(3,("Got OID %s\n", OIDs[i]));
-               if (strcmp(OID_KERBEROS5_OLD, OIDs[i]) == 0) {
+               if (strcmp(OID_KERBEROS5, OIDs[i]) == 0 ||
+                   strcmp(OID_KERBEROS5_OLD, OIDs[i]) == 0) {
                        got_kerberos = True;
                }
                free(OIDs[i]);
@@ -269,14 +277,15 @@ static int reply_spnego_auth(connection_struct *conn, char *inbuf, char *outbuf,
        DATA_BLOB auth;
        char *workgroup, *user, *machine;
        DATA_BLOB lmhash, nthash, sess_key;
+       DATA_BLOB plaintext_password = data_blob(NULL, 0);
+       DATA_BLOB sec_blob;
        uint32 ntlmssp_command, neg_flags;
        NTSTATUS nt_status;
        int sess_vuid;
-       gid_t gid;
-       uid_t uid;
-       char *full_name;
-       char *p;
-       const struct passwd *pw;
+       char chal[8];
+
+       auth_usersupplied_info *user_info = NULL;
+       auth_serversupplied_info *server_info = NULL;
 
        if (!spnego_parse_auth(blob1, &auth)) {
 #if 0
@@ -310,47 +319,83 @@ static int reply_spnego_auth(connection_struct *conn, char *inbuf, char *outbuf,
        file_save("lmhash1.dat", lmhash.data, lmhash.length);
 #endif
 
-       nt_status = pass_check_smb(user, user, 
-                                  workgroup, machine,
-                                  lmhash.data,
-                                  lmhash.length,
-                                  nthash.data,
-                                  nthash.length);
-
-       data_blob_free(&nthash);
+       if (!last_challenge(chal)) {
+               DEBUG(0,("Encrypted login but no challange set!\n"));
+               return ERROR_NT(NT_STATUS_LOGON_FAILURE);
+       }
+       sec_blob = data_blob(chal, 8);
+       if (!sec_blob.data) {
+               return ERROR_NT(NT_STATUS_NO_MEMORY);
+       }
+       
+       if (!make_user_info_map(&user_info, 
+                               user, workgroup, 
+                               machine, sec_blob,
+                               lmhash, nthash,
+                               plaintext_password, 
+                               neg_flags, True)) {
+               return ERROR_NT(NT_STATUS_NO_MEMORY);
+       }
+       
+       nt_status = check_password(user_info, &server_info); 
+       
+       free_user_info(&user_info);
+       
        data_blob_free(&lmhash);
-
+       
+       data_blob_free(&nthash);
+       
        if (!NT_STATUS_IS_OK(nt_status)) {
-               return ERROR_NT(nt_status);
+               return ERROR_NT(nt_status_squash(nt_status));
        }
 
-       /* the password is good - let them in */
-       pw = smb_getpwnam(user,False);
-       if (!pw) {
-               DEBUG(1,("Username %s is invalid on this system\n",user));
+       sess_vuid = register_vuid(server_info, user);
+
+       free_server_info(&server_info);
+  
+       if (sess_vuid == -1) {
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
        }
-       gid = pw->pw_gid;
-       uid = pw->pw_uid;
-       full_name = pw->pw_gecos;
 
-       sess_vuid = register_vuid(uid,gid,user,user,workgroup,False, full_name);
-
-       free(user);
-       free(workgroup);
-       free(machine);
+       set_message(outbuf,4,0,True);
+       SSVAL(outbuf, smb_vwv3, 0);
+       add_signiture(outbuf);
+ 
+       SSVAL(outbuf,smb_uid,sess_vuid);
+       SSVAL(inbuf,smb_uid,sess_vuid);
        
+       return chain_reply(inbuf,outbuf,length,bufsize);
+}
+
+
+/****************************************************************************
+reply to a session setup spnego anonymous packet
+****************************************************************************/
+static int reply_spnego_anonymous(connection_struct *conn, char *inbuf, char *outbuf,
+                                 int length, int bufsize)
+{
+       int sess_vuid;
+       auth_usersupplied_info *user_info = NULL;
+       auth_serversupplied_info *server_info = NULL;
+
+       NTSTATUS nt_status;
+
+       DEBUG(3,("Got anonymous request\n"));
+
+       make_user_info_guest(&user_info);
+
+       nt_status = check_password(user_info, &server_info);
+
+       sess_vuid = register_vuid(server_info, lp_guestaccount());
+       free_server_info(&server_info);
+  
        if (sess_vuid == -1) {
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
        }
 
        set_message(outbuf,4,0,True);
        SSVAL(outbuf, smb_vwv3, 0);
-       p = smb_buf(outbuf);
-       p += srvstr_push(outbuf, p, "Unix", -1, STR_TERMINATE);
-       p += srvstr_push(outbuf, p, "Samba", -1, STR_TERMINATE);
-       p += srvstr_push(outbuf, p, lp_workgroup(), -1, STR_TERMINATE);
-       set_message_end(outbuf,p);
+       add_signiture(outbuf);
  
        SSVAL(outbuf,smb_uid,sess_vuid);
        SSVAL(inbuf,smb_uid,sess_vuid);
@@ -367,20 +412,25 @@ static int reply_sesssetup_and_X_spnego(connection_struct *conn, char *inbuf,cha
 {
        uint8 *p;
        DATA_BLOB blob1;
-       extern uint32 global_client_caps;
        int ret;
 
+       DEBUG(3,("Doing spnego session setup\n"));
+
        if (global_client_caps == 0) {
                global_client_caps = IVAL(inbuf,smb_vwv10);
        }
                
-       p = smb_buf(inbuf);
+       p = (uint8 *)smb_buf(inbuf);
+
+       if (SVAL(inbuf, smb_vwv7) == 0) {
+               /* an anonymous request */
+               return reply_spnego_anonymous(conn, inbuf, outbuf, length, bufsize);
+       }
 
        /* pull the spnego blob */
        blob1 = data_blob(p, SVAL(inbuf, smb_vwv7));
-       
+
 #if 0
-       chdir("/home/tridge");
        file_save("negotiate.dat", blob1.data, blob1.length);
 #endif
 
@@ -414,57 +464,74 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,
                          int length,int bufsize)
 {
        int sess_vuid;
-       gid_t gid;
-       uid_t uid;
-       char* full_name;
        int   smb_bufsize;    
-       int   smb_apasslen = 0;   
-       pstring smb_apasswd;
-       int   smb_ntpasslen = 0;   
-       pstring smb_ntpasswd;
+       DATA_BLOB lm_resp;
+       DATA_BLOB nt_resp;
+       DATA_BLOB plaintext_password;
        pstring user;
-       pstring orig_user;
+       pstring sub_user; /* Sainitised username for substituion */
        fstring domain;
        fstring native_os;
        fstring native_lanman;
-       BOOL guest=False;
        static BOOL done_sesssetup = False;
        extern BOOL global_encrypted_passwords_negotiated;
-       extern uint32 global_client_caps;
+       extern BOOL global_spnego_negotiated;
        extern int Protocol;
        extern fstring remote_machine;
        extern userdom_struct current_user_info;
        extern int max_send;
+
+       auth_usersupplied_info *user_info = NULL;
+       auth_serversupplied_info *server_info = NULL;
+
+       NTSTATUS nt_status;
+
        BOOL doencrypt = global_encrypted_passwords_negotiated;
+
        START_PROFILE(SMBsesssetupX);
+
+       ZERO_STRUCT(lm_resp);
+       ZERO_STRUCT(nt_resp);
+       ZERO_STRUCT(plaintext_password);
+
+       DEBUG(3,("wct=%d flg2=0x%x\n", CVAL(inbuf, smb_wct), SVAL(inbuf, smb_flg2)));
        
-       if (SVAL(inbuf, smb_flg2) & FLAGS2_EXTENDED_SECURITY) {
-               /* it's a SPNEGO session setup */
+       /* a SPNEGO session setup has 12 command words, whereas a normal
+          NT1 session setup has 13. See the cifs spec. */
+       if (CVAL(inbuf, smb_wct) == 12 &&
+           (SVAL(inbuf, smb_flg2) & FLAGS2_EXTENDED_SECURITY)) {
                return reply_sesssetup_and_X_spnego(conn, inbuf, outbuf, length, bufsize);
        }
 
-       *smb_apasswd = *smb_ntpasswd = 0;
-       
        smb_bufsize = SVAL(inbuf,smb_vwv2);
-       
+
        if (Protocol < PROTOCOL_NT1) {
-               smb_apasslen = SVAL(inbuf,smb_vwv7);
-               if (smb_apasslen > MAX_PASS_LEN) {
+               uint16 passlen1 = SVAL(inbuf,smb_vwv7);
+               if (passlen1 > MAX_PASS_LEN) {
                        return ERROR_DOS(ERRDOS,ERRbuftoosmall);
                }
 
-               memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen);
-               srvstr_pull(inbuf, user, smb_buf(inbuf)+smb_apasslen, sizeof(user), -1, STR_TERMINATE);
-               
-               if (!doencrypt && (lp_security() != SEC_SERVER)) {
-                       smb_apasslen = strlen(smb_apasswd);
+               if (doencrypt) {
+                       lm_resp = data_blob(smb_buf(inbuf), passlen1);
+               } else {
+                       plaintext_password = data_blob(smb_buf(inbuf), passlen1+1);
+                       if (!plaintext_password.data) {
+                               DEBUG(0,("reply_sesssetup_and_X: malloc failed for plaintext_password!\n"));
+                               return ERROR_NT(NT_STATUS_NO_MEMORY);
+                       } else {
+                               /* Ensure null termination */
+                               plaintext_password.data[passlen1] = 0;
+                       }
                }
+
+               srvstr_pull(inbuf, user, smb_buf(inbuf)+passlen1, sizeof(user), -1, STR_TERMINATE);
+  
        } else {
                uint16 passlen1 = SVAL(inbuf,smb_vwv7);
                uint16 passlen2 = SVAL(inbuf,smb_vwv8);
                enum remote_arch_types ra_type = get_remote_arch();
                char *p = smb_buf(inbuf);    
-               
+
                if(global_client_caps == 0)
                        global_client_caps = IVAL(inbuf,smb_vwv11);
                
@@ -479,16 +546,13 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,
                        }
                }
                
-               if (passlen1 != 24 && passlen2 < 24)
-                       doencrypt = False;
-               
                if (passlen1 > MAX_PASS_LEN) {
                        return ERROR_DOS(ERRDOS,ERRbuftoosmall);
                }
-               
+
                passlen1 = MIN(passlen1, MAX_PASS_LEN);
                passlen2 = MIN(passlen2, MAX_PASS_LEN);
-               
+
                if (!doencrypt) {
                        /* both Win95 and WinNT stuff up the password lengths for
                           non-encrypting systems. Uggh. 
@@ -506,48 +570,19 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,
                                passlen2 = 0;
                }
                
-               if (lp_restrict_anonymous()) {
-                       /* there seems to be no reason behind the
-                        * differences in MS clients formatting
-                        * various info like the domain, NativeOS, and
-                        * NativeLanMan fields. Win95 in particular
-                        * seems to have an extra null byte between
-                        * the username and the domain, or the
-                        * password length calculation is wrong, which
-                        * throws off the string extraction routines
-                        * below.  This makes the value of domain be
-                        * the empty string, which fails the restrict
-                        * anonymous check further down.  This
-                        * compensates for that, and allows browsing
-                        * to work in mixed NT and win95 environments
-                        * even when restrict anonymous is true. AAB
-                        * */
-                       dump_data(100, p, 0x70);
-                       DEBUG(9, ("passlen1=%d, passlen2=%d\n", passlen1, passlen2));
-                       if (ra_type == RA_WIN95 && !passlen1 && !passlen2 && p[0] == 0 && p[1] == 0) {
-                               DEBUG(0, ("restrict anonymous parameter used in a win95 environment!\n"));
-                               DEBUG(0, ("client is win95 and broken passlen1 offset -- attempting fix\n"));
-                               DEBUG(0, ("if win95 cilents are having difficulty browsing, you will be unable to use restrict anonymous\n"));
-                               passlen1 = 1;
-                       }
-               }
-
                /* Save the lanman2 password and the NT md4 password. */
-               smb_apasslen = passlen1;
-               memcpy(smb_apasswd,p,smb_apasslen);
-
-               smb_ntpasslen = passlen2;
-               memcpy(smb_ntpasswd,p+passlen1,smb_ntpasslen);
-
-               if (smb_apasslen != 24 || !doencrypt) {
-                       /* trim the password */
-                       smb_apasslen = strlen(smb_apasswd);
-                       
-                       /* wfwg sometimes uses a space instead of a null */
-                       if (strequal(smb_apasswd," ")) {
-                               smb_apasslen = 0;
-                               *smb_apasswd = 0;
-                       }
+               
+               if ((doencrypt) && (passlen1 != 0) && (passlen1 != 24)) {
+                       doencrypt = False;
+               }
+               
+               if (doencrypt) {
+                       lm_resp = data_blob(p, passlen1);
+                       nt_resp = data_blob(p+passlen1, passlen2);
+               } else {
+                       plaintext_password = data_blob(p, passlen1+1);
+                       /* Ensure null termination */
+                       plaintext_password.data[passlen1] = 0;
                }
                
                p += passlen1 + passlen2;
@@ -570,163 +605,103 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
        }
 
-       if (lp_security() == SEC_SHARE) {
-               /* in share level we should ignore any passwords */
-               smb_ntpasslen = 0;
-               smb_apasslen = 0;
-               guest = True;
-       }
-
+       DEBUG(3,("sesssetupX:name=[%s]\\[%s]@[%s]\n", domain, user, remote_machine));
 
-       DEBUG(3,("sesssetupX:name=[%s]\\[%s]@[%s]\n",user, domain, remote_machine));
-       
-       if (done_sesssetup && lp_restrict_anonymous()) {
-               /* tests show that even if browsing is done over
-                * already validated connections without a username
-                * and password the domain is still provided, which it
-                * wouldn't be if it was a purely anonymous
-                * connection.  So, in order to restrict anonymous, we
-                * only deny connections that have no session
-                * information.  If a domain has been provided, then
-                * it's not a purely anonymous connection. AAB */
-               if (!*user && !*smb_apasswd && !*domain) {
-                       DEBUG(0, ("restrict anonymous is True and anonymous connection attempted. Denying access.\n"));
-                       END_PROFILE(SMBsesssetupX);
-                       return ERROR_DOS(ERRDOS,ERRnoaccess);
+       if (*user) {
+               if (global_spnego_negotiated) {
+                       DEBUG(0,("reply_sesssetup_and_X:  Rejecting attempt at 'normal' session setup after negotiating spnego.\n"));
+                       return ERROR_NT(NT_STATUS_UNSUCCESSFUL);
                }
        }
 
-       /* If no username is sent use the guest account */
-       if (!*user) {
-               pstrcpy(user,lp_guestaccount(-1));
-               guest = True;
+       if (*user) {
+               pstrcpy(sub_user, user);
+       } else {
+               pstrcpy(sub_user, lp_guestaccount());
        }
-       
-       pstrcpy(current_user_info.smb_name,user);
-       
+
+       pstrcpy(current_user_info.smb_name,sub_user);
+
        reload_services(True);
        
-       /*
-        * Save the username before mapping. We will use
-        * the original username sent to us for security=server
-        * and security=domain checking.
-        */
+       if (lp_security() == SEC_SHARE) {
+               /* in share level we should ignore any passwords */
+
+               data_blob_free(&lm_resp);
+               data_blob_free(&nt_resp);
+               data_blob_clear_free(&plaintext_password);
+
+               map_username(sub_user);
+               add_session_user(sub_user);
+               /* Then force it to null for the benfit of the code below */
+               *user = 0;
+       }
        
-       pstrcpy( orig_user, user);
+       if (!make_user_info_for_reply(&user_info, 
+                                     user, domain, 
+                                     lm_resp, nt_resp,
+                                     plaintext_password, doencrypt)) {
+               return ERROR_NT(NT_STATUS_NO_MEMORY);
+       }
        
-       /*
-        * Always try the "DOMAIN\user" lookup first, as this is the most
-        * specific case. If this fails then try the simple "user" lookup.
-        * But don't do this for guests, as this is always a local user.
-        */
+       nt_status = check_password(user_info, &server_info); 
        
-       if (!guest) {
-               pstring dom_user;
-               
-               /* Work out who's who */
-               
-               slprintf(dom_user, sizeof(dom_user) - 1,"%s%s%s",
-                        domain, lp_winbind_separator(), user);
-               
-               if (sys_getpwnam(dom_user) != NULL) {
-                       pstrcpy(user, dom_user);
-                       DEBUG(3,("Using unix username %s\n", dom_user));
-               }
-               
-               /*
-                * Pass the user through the NT -> unix user mapping
-                * function.
-                */
-               
-               (void)map_username(user);
-               
-               /*
-                * Do any UNIX username case mangling.
-                */
-               smb_getpwnam(user, True);
-       }
+       free_user_info(&user_info);
        
-       add_session_user(user);
+       data_blob_free(&lm_resp);
+       data_blob_free(&nt_resp);
+       data_blob_clear_free(&plaintext_password);
        
-       if (!guest) {
-               NTSTATUS nt_status;
-               nt_status = pass_check_smb(orig_user, user, 
-                                          domain, remote_machine,
-                                          (unsigned char *)smb_apasswd, 
-                                          smb_apasslen, 
-                                          (unsigned char *)smb_ntpasswd,
-                                          smb_ntpasslen);
-         
-               if NT_STATUS_IS_OK(nt_status) {
-
-               } else if NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER) {
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               if NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER) {
                        if ((lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) || 
-                           (lp_map_to_guest() ==  MAP_TO_GUEST_ON_BAD_PASSWORD)) {
+                           (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD)) {
+                               
                                DEBUG(3,("No such user %s [%s] - using guest account\n",user, domain));
-                               pstrcpy(user,lp_guestaccount(-1));
-                               guest = True;
-                       } else {
-                               /* Match WinXP and don't give the game away */
-                               return ERROR_NT(NT_STATUS_LOGON_FAILURE);
+                               make_server_info_guest(&server_info);
+                               nt_status = NT_STATUS_OK;
                        }
-               } else if NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD) {
-                       if (lp_map_to_guest() ==  MAP_TO_GUEST_ON_BAD_PASSWORD) {
-                               pstrcpy(user,lp_guestaccount(-1));
+
+               } else if NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD) {                        
+                       if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD) {                                
                                DEBUG(3,("Registered username %s for guest access\n",user));
-                               guest = True;
-                       } else {
-                               /* Match WinXP and don't give the game away */
-                               return ERROR_NT(NT_STATUS_LOGON_FAILURE);
+                               make_server_info_guest(&server_info);
+                               nt_status = NT_STATUS_OK;
                        }
-               } else {
-                       return ERROR_NT(nt_status);
                }
        }
        
-       if (!strequal(user,lp_guestaccount(-1)) &&
-           lp_servicenumber(user) < 0) {
-               add_home_service(user,get_user_home_dir(user));
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               return ERROR_NT(nt_status_squash(nt_status));
        }
-
-
+       
        /* it's ok - setup a reply */
        if (Protocol < PROTOCOL_NT1) {
                set_message(outbuf,3,0,True);
        } else {
-               char *p;
                set_message(outbuf,3,0,True);
-               p = smb_buf(outbuf);
-               p += srvstr_push(outbuf, p, "Unix", -1, STR_TERMINATE);
-               p += srvstr_push(outbuf, p, "Samba", -1, STR_TERMINATE);
-               p += srvstr_push(outbuf, p, lp_workgroup(), -1, STR_TERMINATE);
-               set_message_end(outbuf,p);
+               add_signiture(outbuf);
                /* perhaps grab OS version here?? */
        }
        
-       /* Set the correct uid in the outgoing and incoming packets
-          We will use this on future requests to determine which
-          user we should become.
-       */
-       {
-               const struct passwd *pw = smb_getpwnam(user,False);
-               if (!pw) {
-                       DEBUG(1,("Username %s is invalid on this system\n",user));
-                       END_PROFILE(SMBsesssetupX);
-                       return ERROR_NT(NT_STATUS_LOGON_FAILURE);
+       if (server_info->guest) {
+               SSVAL(outbuf,smb_vwv2,1);
+       } else {
+               const char *home_dir = pdb_get_homedir(server_info->sam_account);
+               const char *username = pdb_get_username(server_info->sam_account);
+               if ((home_dir && *home_dir)
+                   && (lp_servicenumber(username) < 0)) {
+                       add_home_service(username, home_dir);     
                }
-               gid = pw->pw_gid;
-               uid = pw->pw_uid;
-               full_name = pw->pw_gecos;
        }
-       
-       if (guest)
-               SSVAL(outbuf,smb_vwv2,1);
-       
+
        /* register the name and uid as being validated, so further connections
           to a uid can get through without a password, on the same VC */
-       
-       sess_vuid = register_vuid(uid,gid,user,orig_user,domain,guest, full_name);
-       
+
+       sess_vuid = register_vuid(server_info, sub_user);
+
+       free_server_info(&server_info);
+  
        if (sess_vuid == -1) {
                return ERROR_NT(NT_STATUS_LOGON_FAILURE);
        }