summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2005-05-27 14:19:57 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:57:00 -0500
commitcc6df2e9cf5b31f83cf88d21457b32712d90f04b (patch)
treeb5073d729aba8fcb648067ae4a0c248b6efcc6b1
parentaf52df2f1fde76b518bf946e396bc29869aa6964 (diff)
downloadsamba-cc6df2e9cf5b31f83cf88d21457b32712d90f04b.tar.gz
samba-cc6df2e9cf5b31f83cf88d21457b32712d90f04b.tar.bz2
samba-cc6df2e9cf5b31f83cf88d21457b32712d90f04b.zip
r7024: reverting mistaken commit
(This used to be commit c70c5c4ee9b14fbdb174f542607aceebe0e88470)
-rw-r--r--source3/auth/auth.c18
-rw-r--r--source3/include/smb.h1
-rw-r--r--source3/param/loadparm.c1
-rw-r--r--source3/smbd/sesssetup.c17
4 files changed, 8 insertions, 29 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c
index e38279a140..b777e97cc9 100644
--- a/source3/auth/auth.c
+++ b/source3/auth/auth.c
@@ -215,7 +215,6 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
if (!user_info || !auth_context || !server_info)
return NT_STATUS_LOGON_FAILURE;
-
DEBUG(3, ("check_ntlm_password: Checking password for unmapped user [%s]\\[%s]@[%s] with the new password interface\n",
user_info->client_domain.str, user_info->smb_name.str, user_info->wksta_name.str));
@@ -306,19 +305,12 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context,
unix_username));
}
}
+
if (!NT_STATUS_IS_OK(nt_status)) {
- if (lp_map_to_guest() == MAP_TO_GUEST_ON_VALID_DOMAIN_USER ){
- /*user_info->smb_name.str = lp_guestaccount();*/
- become_root();
- nt_status = smb_pam_accountcheck(lp_guestaccount());
- unbecome_root();
- make_server_info_guest(server_info);
- }else{
- DEBUG(2, ("check_ntlm_password: Authentication for user [%s] -> [%s] FAILED with error %s\n",
- user_info->smb_name.str, user_info->internal_username.str,
- nt_errstr(nt_status)));
- ZERO_STRUCTP(server_info);
- }
+ DEBUG(2, ("check_ntlm_password: Authentication for user [%s] -> [%s] FAILED with error %s\n",
+ user_info->smb_name.str, user_info->internal_username.str,
+ nt_errstr(nt_status)));
+ ZERO_STRUCTP(server_info);
}
return nt_status;
}
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 4161c6c788..35ae5723b0 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -1654,7 +1654,6 @@ struct unix_error_map {
#include "client.h"
*/
-#define MAP_TO_GUEST_ON_VALID_DOMAIN_USER 3
/*
* Size of new password account encoding string. This is enough space to
* hold 11 ACB characters, plus the surrounding [] and a terminating null.
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index c90d214be6..ac6dbb4d4a 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -754,7 +754,6 @@ static const struct enum_list enum_smb_signing_vals[] = {
are rejected, unless the username does not exist, in which case it
is treated as a guest login
- {MAP_TO_GUEST_ON_VALID_DOMAIN_USER, "Non-UNIX Valid Domain User"},
"Bad Password" means session setups with an invalid password
are treated as a guest login
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 0209dc2597..9fbf0b1d51 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -125,7 +125,6 @@ static NTSTATUS check_guest_password(auth_serversupplied_info **server_info)
return nt_status;
}
-
if (!make_user_info_guest(&user_info)) {
(auth_context->free)(&auth_context);
return NT_STATUS_NO_MEMORY;
@@ -147,7 +146,6 @@ static int reply_spnego_kerberos(connection_struct *conn,
int length, int bufsize,
DATA_BLOB *secblob)
{
- int map_domainuser_to_guest = 0;
DATA_BLOB ticket;
char *client, *p, *domain;
fstring netbios_domain_name;
@@ -247,19 +245,14 @@ static int reply_spnego_kerberos(connection_struct *conn,
}
asprintf(&user, "%s%c%s", domain, *lp_winbind_separator(), client);
+
/* lookup the passwd struct, create a new user if necessary */
- if (lp_map_to_guest() == MAP_TO_GUEST_ON_VALID_DOMAIN_USER ){
- map_domainuser_to_guest == 1;
- fstrcpy(user,lp_guestaccount());
- pw = smb_getpwnam( user, real_username, True );
- } else {
map_username( user );
pw = smb_getpwnam( user, real_username, True );
if (!pw) {
- }
DEBUG(1,("Username %s is invalid on this system\n",user));
SAFE_FREE(user);
SAFE_FREE(client);
@@ -272,20 +265,16 @@ static int reply_spnego_kerberos(connection_struct *conn,
sub_set_smb_name( real_username );
reload_services(True);
- if (map_domainuser_to_guest == 1) {
- make_server_info_guest(&server_info);
- }else{
- if (!NT_STATUS_IS_OK(ret = make_server_info_pw(&server_info, real_username, pw)))
+
+ if (!NT_STATUS_IS_OK(ret = make_server_info_pw(&server_info, real_username, pw)))
{
DEBUG(1,("make_server_info_from_pw failed!\n"));
SAFE_FREE(user);
SAFE_FREE(client);
data_blob_free(&ap_rep);
-
data_blob_free(&session_key);
return ERROR_NT(ret);
}
- }
/* make_server_info_pw does not set the domain. Without this we end up
* with the local netbios name in substitutions for %D. */