diff options
| author | Jeremy Allison <jra@samba.org> | 1998-06-15 18:19:54 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 1998-06-15 18:19:54 +0000 |
| commit | 644fbaaf9ba38a5f3d60f27f7110e755b20d31e7 (patch) | |
| tree | a433f6cc33cefceb846b9a81aa541c2903d818fb /source3/smbd/reply.c | |
| parent | 39c13bbeef6878e14c743831d63c33121d09e0bc (diff) | |
| download | samba-644fbaaf9ba38a5f3d60f27f7110e755b20d31e7.tar.gz samba-644fbaaf9ba38a5f3d60f27f7110e755b20d31e7.tar.bz2 samba-644fbaaf9ba38a5f3d60f27f7110e755b20d31e7.zip | |
Makefile:
smbumount.c: Added fixes to compile under Linux.
includes.h: Added SunOS 4.x QSORT_CAST fix.
reply.c: Fixed user name mapping function for security=server, security=domain.
Jeremy.
(This used to be commit 21ca6bfb3ba3927efaf7eeff4325976d41489be2)
Diffstat (limited to 'source3/smbd/reply.c')
| -rw-r--r-- | source3/smbd/reply.c | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a9db0b3840..9177b3cde1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -482,6 +482,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) pstring smb_ntpasswd; BOOL valid_nt_password = False; pstring user; + pstring orig_user; BOOL guest=False; static BOOL done_sesssetup = False; BOOL doencrypt = SMBENCRYPT(); @@ -624,6 +625,14 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) reload_services(True); /* + * Save the username before mapping. We will use + * the original username sent to us for security=server + * and security=domain checking. + */ + + pstrcpy( orig_user, user); + + /* * Pass the user through the NT -> unix user mapping * function. */ @@ -645,14 +654,17 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) guest = True; if (!guest && !(lp_security() == SEC_SERVER && - server_validate(user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen)) && - !(lp_security() == SEC_DOMAIN && - domain_client_validate(user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen)) && - !check_hosts_equiv(user)) + /* Check with orig_user for security=server and + security=domain. */ + server_validate(orig_user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen)) && + !(lp_security() == SEC_DOMAIN && + domain_client_validate(orig_user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen)) && + !check_hosts_equiv(user) + ) { /* now check if it's a valid username/password */ |