s3-auth Remove seperate guest boolean

Instead, we base our guest calculations on the presence or absense of the
authenticated users group in the token, ensuring that we have only
one canonical source of this important piece of authorization data

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>

1 files changed, 4 insertions, 3 deletions

diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index b6a3243b85..2df8b435e5 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -35,6 +35,7 @@
 #include "auth.h"
 #include "messages.h"
 #include "smbprofile.h"
+#include "../libcli/security/security.h"
 
 /* For split krb5 SPNEGO blobs. */
 struct pending_auth_data {
@@ -441,7 +442,7 @@ static void reply_spnego_kerberos(struct smb_request *req,
 
 		SSVAL(req->outbuf, smb_vwv3, 0);
 
-		if (session_info->unix_info->guest) {
+		if (security_session_user_level(session_info, NULL) < SECURITY_USER) {
 			SSVAL(req->outbuf,smb_vwv2,1);
 		}
 
@@ -535,7 +536,7 @@ static void reply_spnego_ntlmssp(struct smb_request *req,
 
 		SSVAL(req->outbuf, smb_vwv3, 0);
 
-		if (session_info->unix_info->guest) {
+		if (security_session_user_level(session_info, NULL) < SECURITY_USER) {
 			SSVAL(req->outbuf,smb_vwv2,1);
 		}
 	}
@@ -1702,7 +1703,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
 		/* perhaps grab OS version here?? */
 	}
 
-	if (session_info->unix_info->guest) {
+	if (security_session_user_level(session_info, NULL) < SECURITY_USER) {
 		SSVAL(req->outbuf,smb_vwv2,1);
 	}