char *szAddShareCommand;
char *szChangeShareCommand;
char *szDeleteShareCommand;
+ char *szGuestaccount;
int max_log_size;
int mangled_stack;
int max_xmit;
char *szService;
char *szPath;
char *szUsername;
- char *szGuestaccount;
char **szInvalidUsers;
char **szValidUsers;
char **szAdminUsers;
NULL, /* szService */
NULL, /* szPath */
NULL, /* szUsername */
- NULL, /* szGuestAccount - this is set in init_globals() */
NULL, /* szInvalidUsers */
NULL, /* szValidUsers */
NULL, /* szAdminUsers */
{"root directory", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, 0},
{"root dir", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, 0},
{"root", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, 0},
+ {"guest account", P_STRING, P_GLOBAL, &Globals.szGuestaccount, NULL, NULL, FLAG_BASIC},
{"pam password change", P_BOOL, P_GLOBAL, &Globals.bPamPasswordChange, NULL, NULL, 0},
{"passwd program", P_STRING, P_GLOBAL, &Globals.szPasswdProgram, NULL, NULL, 0},
{"user", P_STRING, P_LOCAL, &sDefault.szUsername, NULL, NULL, 0},
{"users", P_STRING, P_LOCAL, &sDefault.szUsername, NULL, NULL, 0},
- {"guest account", P_STRING, P_LOCAL, &sDefault.szGuestaccount, NULL, NULL, FLAG_BASIC | FLAG_SHARE | FLAG_PRINT | FLAG_GLOBAL},
{"invalid users", P_LIST, P_LOCAL, &sDefault.szInvalidUsers, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
{"valid users", P_LIST, P_LOCAL, &sDefault.szValidUsers, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
{"admin users", P_LIST, P_LOCAL, &sDefault.szAdminUsers, NULL, NULL, FLAG_GLOBAL | FLAG_SHARE},
parm_table[i].ptr)
string_set(parm_table[i].ptr, "");
- string_set(&sDefault.szGuestaccount, GUEST_ACCOUNT);
string_set(&sDefault.fstype, FSTYPE_STRING);
init_printer_values();
string_set(&Globals.szSMBPasswdFile, SMB_PASSWD_FILE);
string_set(&Globals.szPrivateDir, PRIVATE_DIR);
string_set(&Globals.szPassdbModulePath, "");
+
+ string_set(&Globals.szGuestaccount, GUEST_ACCOUNT);
/*
* Allow the default PASSWD_CHAT to be overridden in local.h.
FN_GLOBAL_STRING(lp_adduser_script, &Globals.szAddUserScript)
FN_GLOBAL_STRING(lp_deluser_script, &Globals.szDelUserScript)
+FN_GLOBAL_STRING(lp_guestaccount, &Globals.szGuestaccount)
FN_GLOBAL_STRING(lp_addgroup_script, &Globals.szAddGroupScript)
FN_GLOBAL_STRING(lp_delgroup_script, &Globals.szDelGroupScript)
FN_GLOBAL_STRING(lp_addusertogroup_script, &Globals.szAddUserToGroupScript)
FN_LOCAL_STRING(lp_pathname, szPath)
FN_LOCAL_STRING(lp_dontdescend, szDontdescend)
FN_LOCAL_STRING(lp_username, szUsername)
-FN_LOCAL_STRING(lp_guestaccount, szGuestaccount)
FN_LOCAL_LIST(lp_invalid_users, szInvalidUsers)
FN_LOCAL_LIST(lp_valid_users, szValidUsers)
FN_LOCAL_LIST(lp_admin_users, szAdminUsers)
int nt_pw_len;
int lm_pw_len;
fstring user_name;
- fstring pipe_user_name;
fstring domain;
fstring wks;
* Allow guest access. Patch from Shirish Kalele <kalele@veritas.com>.
*/
- if((strlen(user_name) == 0) &&
- (ntlmssp_resp->hdr_nt_resp.str_str_len==0))
- {
-
- fstrcpy(pipe_user_name, lp_guestaccount(-1));
- DEBUG(100,("Null user in NTLMSSP verification. Using guest = %s\n", pipe_user_name));
-
- } else {
+ if (*user_name) {
/*
* Do the length checking only if user is not NULL.
p->ntlmssp_auth_validated = NT_STATUS_IS_OK(nt_status);
if (!p->ntlmssp_auth_validated) {
- DEBUG(1,("api_pipe_ntlmssp_verify: User %s\\%s from machine %s \
-failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name ));
+ DEBUG(1,("api_pipe_ntlmssp_verify: User [%s]\\[%s] from machine %s \
+failed authentication on named pipe %s.\n", domain, user_name, wks, p->name ));
free_server_info(&server_info);
return False;
}
}
fstrcpy(p->user_name, user_name);
- fstrcpy(p->pipe_user_name, pipe_user_name);
+ fstrcpy(p->pipe_user_name, pdb_get_username(server_info->sam_account));
fstrcpy(p->domain, domain);
fstrcpy(p->wks, wks);
p->pipe_user.gid = *pgid;
/* Set up pipe user group membership. */
- initialise_groups(pipe_user_name, p->pipe_user.uid, p->pipe_user.gid);
+ initialise_groups(p->pipe_user_name, p->pipe_user.uid, p->pipe_user.gid);
get_current_groups( &p->pipe_user.ngroups, &p->pipe_user.groups);
if (server_info->ptok)
return False;
}
- if (!vuser->guest && user_ok(vuser->user.unix_name,snum)) {
+ if ((!vuser->guest && user_ok(vuser->user.unix_name,snum)) ||
+ (vuser->guest && GUEST_OK(snum))) {
fstrcpy(user,vuser->user.unix_name);
- *guest = False;
- DEBUG(3,("authorise_login: ACCEPTED: validated uid ok as non-guest \
-(user=%s)\n", user));
+ *guest = vuser->guest;
+ DEBUG(3,("authorise_login: ACCEPTED: validated based on vuid as %sguest \
+(user=%s)\n", vuser->guest ? "" : "non-", user));
return True;
}
}
/* check for a normal guest connection */
if (!ok && GUEST_OK(snum)) {
fstring guestname;
- StrnCpy(guestname,lp_guestaccount(snum),sizeof(guestname)-1);
+ StrnCpy(guestname,lp_guestaccount(),sizeof(guestname)-1);
if (Get_Pwnam(guestname)) {
fstrcpy(user,guestname);
ok = True;
git.samba.org / ira / wip.git / commitdiff