diff options
| author | Volker Lendecke <vl@samba.org> | 2008-05-06 17:48:22 +0200 |
|---|---|---|
| committer | Volker Lendecke <vl@samba.org> | 2008-05-10 11:17:00 +0200 |
| commit | 270a3f2a6f6674c0a854b513b756500a9edb3d21 (patch) | |
| tree | e43bcc84ad177947a3e8c21961b2da1cf0421513 /source3/smbd | |
| parent | b446bb05d0438cd5f831a738c59cd37975e25b67 (diff) | |
| download | samba-270a3f2a6f6674c0a854b513b756500a9edb3d21.tar.gz samba-270a3f2a6f6674c0a854b513b756500a9edb3d21.tar.bz2 samba-270a3f2a6f6674c0a854b513b756500a9edb3d21.zip | |
Add create_connection_server_info() -- not used yet
(This used to be commit 50bf075f7556fd09e0081175c31a5020a8eaf4d6)
Diffstat (limited to 'source3/smbd')
| -rw-r--r-- | source3/smbd/service.c | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/source3/smbd/service.c b/source3/smbd/service.c index f589f0644b..35a415b0ac 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -640,6 +640,82 @@ static NTSTATUS find_forced_group(bool force_user, } /**************************************************************************** + Create an auth_serversupplied_info structure for a connection_struct +****************************************************************************/ + +static NTSTATUS create_connection_server_info(TALLOC_CTX *mem_ctx, int snum, + struct auth_serversupplied_info *vuid_serverinfo, + DATA_BLOB password, + struct auth_serversupplied_info **presult) +{ + if (lp_guest_only(snum)) { + return make_server_info_guest(mem_ctx, presult); + } + + if (vuid_serverinfo != NULL) { + + struct auth_serversupplied_info *result; + + /* + * This is the normal security != share case where we have a + * valid vuid from the session setup. */ + + if (vuid_serverinfo->guest) { + if (!lp_guest_ok(snum)) { + DEBUG(2, ("guest user (from session setup) " + "not permitted to access this share " + "(%s)\n", lp_servicename(snum))); + return NT_STATUS_ACCESS_DENIED; + } + } else { + if (!user_ok_token(vuid_serverinfo->unix_name, + vuid_serverinfo->ptok, snum)) { + DEBUG(2, ("user '%s' (from session setup) not " + "permitted to access this share " + "(%s)\n", + vuid_serverinfo->unix_name, + lp_servicename(snum))); + return NT_STATUS_ACCESS_DENIED; + } + } + + result = copy_serverinfo(mem_ctx, vuid_serverinfo); + if (result == NULL) { + return NT_STATUS_NO_MEMORY; + } + + *presult = result; + return NT_STATUS_OK; + } + + if (lp_security() == SEC_SHARE) { + + fstring user; + bool guest; + + /* add the sharename as a possible user name if we + are in share mode security */ + + add_session_user(lp_servicename(snum)); + + /* shall we let them in? */ + + if (!authorise_login(snum,user,password,&guest)) { + DEBUG( 2, ( "Invalid username/password for [%s]\n", + lp_servicename(snum)) ); + return NT_STATUS_WRONG_PASSWORD; + } + + return make_serverinfo_from_username(mem_ctx, user, guest, + presult); + } + + DEBUG(0, ("invalid VUID (vuser) but not in security=share\n")); + return NT_STATUS_ACCESS_DENIED; +} + + +/**************************************************************************** Make a connection, given the snum to connect to, and the vuser of the connecting user if appropriate. ****************************************************************************/ |