summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2001-11-09 11:16:06 +0000
committerAndrew Bartlett <abartlet@samba.org>2001-11-09 11:16:06 +0000
commit395aa946cd4fb9d5e07dd2fee418045a8064dfab (patch)
tree33514af6045d3bd11238dac5dd83a853abdbe35c /source3/rpc_server
parent50093d3bbda60634b76a7ec14ab60c76a4b83a42 (diff)
downloadsamba-395aa946cd4fb9d5e07dd2fee418045a8064dfab.tar.gz
samba-395aa946cd4fb9d5e07dd2fee418045a8064dfab.tar.bz2
samba-395aa946cd4fb9d5e07dd2fee418045a8064dfab.zip
This change updates lp_guestaccount() to be a *global* paramater, rather than
per-share. I beleive that almost all the things that this could have done on a per-share basis can be done with other tools, like 'force user'. Almost all the user's of this paramater used it as a global anyway... While this is one step at a time, I hope it will allow me to considerably simplfy the make_connection() code, particularly for the user-level security case. This already removes an absolute truckload of extra attempted password lookups on the guest account. Andrew Bartlett (This used to be commit 8e708332eded210c1d1fe0cebca3c9c19f054b71)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_pipe.c18
1 files changed, 5 insertions, 13 deletions
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index e3969f7ea8..b9c40e719b 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -265,7 +265,6 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm
int nt_pw_len;
int lm_pw_len;
fstring user_name;
- fstring pipe_user_name;
fstring domain;
fstring wks;
@@ -326,14 +325,7 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm
* Allow guest access. Patch from Shirish Kalele <kalele@veritas.com>.
*/
- if((strlen(user_name) == 0) &&
- (ntlmssp_resp->hdr_nt_resp.str_str_len==0))
- {
-
- fstrcpy(pipe_user_name, lp_guestaccount(-1));
- DEBUG(100,("Null user in NTLMSSP verification. Using guest = %s\n", pipe_user_name));
-
- } else {
+ if (*user_name) {
/*
* Do the length checking only if user is not NULL.
@@ -367,8 +359,8 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm
p->ntlmssp_auth_validated = NT_STATUS_IS_OK(nt_status);
if (!p->ntlmssp_auth_validated) {
- DEBUG(1,("api_pipe_ntlmssp_verify: User %s\\%s from machine %s \
-failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name ));
+ DEBUG(1,("api_pipe_ntlmssp_verify: User [%s]\\[%s] from machine %s \
+failed authentication on named pipe %s.\n", domain, user_name, wks, p->name ));
free_server_info(&server_info);
return False;
}
@@ -413,7 +405,7 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name
}
fstrcpy(p->user_name, user_name);
- fstrcpy(p->pipe_user_name, pipe_user_name);
+ fstrcpy(p->pipe_user_name, pdb_get_username(server_info->sam_account));
fstrcpy(p->domain, domain);
fstrcpy(p->wks, wks);
@@ -434,7 +426,7 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name
p->pipe_user.gid = *pgid;
/* Set up pipe user group membership. */
- initialise_groups(pipe_user_name, p->pipe_user.uid, p->pipe_user.gid);
+ initialise_groups(p->pipe_user_name, p->pipe_user.uid, p->pipe_user.gid);
get_current_groups( &p->pipe_user.ngroups, &p->pipe_user.groups);
if (server_info->ptok)