summaryrefslogtreecommitdiff
path: root/source3/smbd/password.c
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-07-19 11:57:05 +1000
committerAndrew Bartlett <abartlet@samba.org>2011-07-20 09:17:14 +1000
commit662282106318e3f1f0bbcc7281f49ee5b3727f21 (patch)
tree615737d5c566c5ff5071d9db8227498f689e74f3 /source3/smbd/password.c
parent9d09b66f41cb4ab58bd4a6d83ecebb91805a4b5b (diff)
downloadsamba-662282106318e3f1f0bbcc7281f49ee5b3727f21.tar.gz
samba-662282106318e3f1f0bbcc7281f49ee5b3727f21.tar.bz2
samba-662282106318e3f1f0bbcc7281f49ee5b3727f21.zip
s3-auth Remove seperate guest boolean
Instead, we base our guest calculations on the presence or absense of the authenticated users group in the token, ensuring that we have only one canonical source of this important piece of authorization data Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
Diffstat (limited to 'source3/smbd/password.c')
-rw-r--r--source3/smbd/password.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index d529dc1a63..e23818f2d1 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -24,6 +24,7 @@
#include "smbd/globals.h"
#include "../librpc/gen_ndr/netlogon.h"
#include "auth.h"
+#include "../libcli/security/security.h"
/* Fix up prototypes for OSX 10.4, where they're missing */
#ifndef HAVE_SETNETGRENT_PROTOTYPE
@@ -269,6 +270,7 @@ int register_existing_vuid(struct smbd_server_connection *sconn,
{
fstring tmp;
user_struct *vuser;
+ bool guest = security_session_user_level(session_info, NULL) < SECURITY_USER;
vuser = get_partial_auth_user_struct(sconn, vuid);
if (!vuser) {
@@ -294,7 +296,7 @@ int register_existing_vuid(struct smbd_server_connection *sconn,
vuser->session_info->unix_info->unix_name,
vuser->session_info->unix_info->sanitized_username,
vuser->session_info->info->domain_name,
- vuser->session_info->unix_info->guest ));
+ guest));
DEBUG(3, ("register_existing_vuid: User name: %s\t"
"Real name: %s\n", vuser->session_info->unix_info->unix_name,
@@ -328,13 +330,14 @@ int register_existing_vuid(struct smbd_server_connection *sconn,
vuser->homes_snum = -1;
- if (!vuser->session_info->unix_info->guest) {
+
+ if (!guest) {
vuser->homes_snum = register_homes_share(
vuser->session_info->unix_info->unix_name);
}
if (srv_is_signing_negotiated(sconn) &&
- !vuser->session_info->unix_info->guest) {
+ !guest) {
/* Try and turn on server signing on the first non-guest
* sessionsetup. */
srv_set_signing(sconn,