diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2001-11-09 11:16:06 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2001-11-09 11:16:06 +0000 |
| commit | 395aa946cd4fb9d5e07dd2fee418045a8064dfab (patch) | |
| tree | 33514af6045d3bd11238dac5dd83a853abdbe35c /source3/rpc_server/srv_pipe.c | |
| parent | 50093d3bbda60634b76a7ec14ab60c76a4b83a42 (diff) | |
| download | samba-395aa946cd4fb9d5e07dd2fee418045a8064dfab.tar.gz samba-395aa946cd4fb9d5e07dd2fee418045a8064dfab.tar.bz2 samba-395aa946cd4fb9d5e07dd2fee418045a8064dfab.zip | |
This change updates lp_guestaccount() to be a *global* paramater, rather than
per-share. I beleive that almost all the things that this could have done on
a per-share basis can be done with other tools, like 'force user'.
Almost all the user's of this paramater used it as a global anyway...
While this is one step at a time, I hope it will allow me to considerably
simplfy the make_connection() code, particularly for the user-level security
case.
This already removes an absolute truckload of extra attempted password lookups
on the guest account.
Andrew Bartlett
(This used to be commit 8e708332eded210c1d1fe0cebca3c9c19f054b71)
Diffstat (limited to 'source3/rpc_server/srv_pipe.c')
| -rw-r--r-- | source3/rpc_server/srv_pipe.c | 18 |
1 files changed, 5 insertions, 13 deletions
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index e3969f7ea8..b9c40e719b 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -265,7 +265,6 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm int nt_pw_len; int lm_pw_len; fstring user_name; - fstring pipe_user_name; fstring domain; fstring wks; @@ -326,14 +325,7 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm * Allow guest access. Patch from Shirish Kalele <kalele@veritas.com>. */ - if((strlen(user_name) == 0) && - (ntlmssp_resp->hdr_nt_resp.str_str_len==0)) - { - - fstrcpy(pipe_user_name, lp_guestaccount(-1)); - DEBUG(100,("Null user in NTLMSSP verification. Using guest = %s\n", pipe_user_name)); - - } else { + if (*user_name) { /* * Do the length checking only if user is not NULL. @@ -367,8 +359,8 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm p->ntlmssp_auth_validated = NT_STATUS_IS_OK(nt_status); if (!p->ntlmssp_auth_validated) { - DEBUG(1,("api_pipe_ntlmssp_verify: User %s\\%s from machine %s \ -failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name )); + DEBUG(1,("api_pipe_ntlmssp_verify: User [%s]\\[%s] from machine %s \ +failed authentication on named pipe %s.\n", domain, user_name, wks, p->name )); free_server_info(&server_info); return False; } @@ -413,7 +405,7 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name } fstrcpy(p->user_name, user_name); - fstrcpy(p->pipe_user_name, pipe_user_name); + fstrcpy(p->pipe_user_name, pdb_get_username(server_info->sam_account)); fstrcpy(p->domain, domain); fstrcpy(p->wks, wks); @@ -434,7 +426,7 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name p->pipe_user.gid = *pgid; /* Set up pipe user group membership. */ - initialise_groups(pipe_user_name, p->pipe_user.uid, p->pipe_user.gid); + initialise_groups(p->pipe_user_name, p->pipe_user.uid, p->pipe_user.gid); get_current_groups( &p->pipe_user.ngroups, &p->pipe_user.groups); if (server_info->ptok) |