the first independent msrpc daemon - lsarpcd.

one horrible cut / paste job from smbd, plus a code split of shared
components between the two.

the job is not _yet_ complete, as i need to be able to do a become_user()
call for security reasons.  i picked lsarpcd first because you don't
_need_ security on it (microsoft botched so badly on this one, it's not
real.  at least they fixed this in nt5 with restrictanonymous=0x2).
fixing this involves sending the current smb and unix credentials down
the unix pipe so that the daemon it eventually goes to can pick them
up at the other end.

i can't believe this all worked!!!
(This used to be commit 2245b0c6d13c7c5886e81f9137b05df883598c26)

1 files changed, 29 insertions, 0 deletions

diff --git a/source3/lib/username.c b/source3/lib/username.c
index 87fe39466f..9f51d06642 100644
--- a/source3/lib/username.c
+++ b/source3/lib/username.c
@@ -566,6 +566,35 @@ static BOOL user_in_group_list(char *user,char *gname)
 }	      
 
 /****************************************************************************
+check if a username is valid
+****************************************************************************/
+BOOL user_ok(char *user,int snum)
+{
+	pstring valid, invalid;
+	BOOL ret;
+
+	StrnCpy(valid, lp_valid_users(snum), sizeof(pstring));
+	StrnCpy(invalid, lp_invalid_users(snum), sizeof(pstring));
+
+	string_sub(valid,"%S",lp_servicename(snum));
+	string_sub(invalid,"%S",lp_servicename(snum));
+	
+	ret = !user_in_list(user,invalid);
+	
+	if (ret && valid && *valid) {
+		ret = user_in_list(user,valid);
+	}
+
+	if (ret && lp_onlyuser(snum)) {
+		char *user_list = lp_username(snum);
+		string_sub(user_list,"%S",lp_servicename(snum));
+		ret = user_in_list(user,user_list);
+	}
+
+	return(ret);
+}
+
+/****************************************************************************
 check if a user is in a user list - can check combinations of UNIX
 and netgroup lists.
 ****************************************************************************/