diff options
author | Andrew Bartlett <abartlet@samba.org> | 2012-03-05 07:47:50 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2012-03-04 23:33:05 +0100 |
commit | 2c7d77c77f3709fc340a30cb48a6c289fe8d42dd (patch) | |
tree | b398f96560e16f2f547ae26e0c4a65f781c89371 | |
parent | 8b99c83d2fc25424a5cd021c9a65d0e235cea621 (diff) | |
download | samba-2c7d77c77f3709fc340a30cb48a6c289fe8d42dd.tar.gz samba-2c7d77c77f3709fc340a30cb48a6c289fe8d42dd.tar.bz2 samba-2c7d77c77f3709fc340a30cb48a6c289fe8d42dd.zip |
s3-smbd: vuser and session_info cannot be NULL here
The callers always supply it. (this is a hold-over from the
security=share removal).
Andrew Bartlett
-rw-r--r-- | source3/smbd/service.c | 68 |
1 files changed, 31 insertions, 37 deletions
diff --git a/source3/smbd/service.c b/source3/smbd/service.c index c53323381e..3b14634b6c 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -383,49 +383,43 @@ static NTSTATUS create_connection_session_info(struct smbd_server_connection *sc struct auth_session_info *session_info, struct auth_session_info **presult) { + struct auth_session_info *result; + if (lp_guest_only(snum)) { return make_session_info_guest(mem_ctx, presult); } - if (session_info != NULL) { - - struct auth_session_info *result; - - /* - * This is the normal security != share case where we have a - * valid vuid from the session setup. */ - - if (security_session_user_level(session_info, NULL) < SECURITY_USER) { - if (!lp_guest_ok(snum)) { - DEBUG(2, ("guest user (from session setup) " - "not permitted to access this share " - "(%s)\n", lp_servicename(snum))); - return NT_STATUS_ACCESS_DENIED; - } - } else { - if (!user_ok_token(session_info->unix_info->unix_name, - session_info->info->domain_name, - session_info->security_token, snum)) { - DEBUG(2, ("user '%s' (from session setup) not " - "permitted to access this share " - "(%s)\n", - session_info->unix_info->unix_name, - lp_servicename(snum))); - return NT_STATUS_ACCESS_DENIED; - } - } - - result = copy_session_info(mem_ctx, session_info); - if (result == NULL) { - return NT_STATUS_NO_MEMORY; + /* + * This is the normal security != share case where we have a + * valid vuid from the session setup. */ + + if (security_session_user_level(session_info, NULL) < SECURITY_USER) { + if (!lp_guest_ok(snum)) { + DEBUG(2, ("guest user (from session setup) " + "not permitted to access this share " + "(%s)\n", lp_servicename(snum))); + return NT_STATUS_ACCESS_DENIED; + } + } else { + if (!user_ok_token(session_info->unix_info->unix_name, + session_info->info->domain_name, + session_info->security_token, snum)) { + DEBUG(2, ("user '%s' (from session setup) not " + "permitted to access this share " + "(%s)\n", + session_info->unix_info->unix_name, + lp_servicename(snum))); + return NT_STATUS_ACCESS_DENIED; } + } - *presult = result; - return NT_STATUS_OK; - } + result = copy_session_info(mem_ctx, session_info); + if (result == NULL) { + return NT_STATUS_NO_MEMORY; + } - DEBUG(0, ("invalid VUID (vuser)\n")); - return NT_STATUS_ACCESS_DENIED; + *presult = result; + return NT_STATUS_OK; } /**************************************************************************** @@ -558,7 +552,7 @@ static NTSTATUS make_connection_snum(struct smbd_server_connection *sconn, conn->params->service = snum; status = create_connection_session_info(sconn, - conn, snum, vuser ? vuser->session_info : NULL, + conn, snum, vuser->session_info, &conn->session_info); if (!NT_STATUS_IS_OK(status)) { |