This change updates lp_guestaccount() to be a *global* paramater, rather than

per-share.  I beleive that almost all the things that this could have done on
a per-share basis can be done with other tools, like 'force user'.

Almost all the user's of this paramater used it as a global anyway...

While this is one step at a time, I hope it will allow me to considerably
simplfy the make_connection() code, particularly for the user-level security
case.

This already removes an absolute truckload of extra attempted password lookups
on the guest account.

Andrew Bartlett
(This used to be commit 8e708332eded210c1d1fe0cebca3c9c19f054b71)

4 files changed, 10 insertions, 9 deletions

diff --git a/source3/smbd/auth_util.c b/source3/smbd/auth_util.c
index cfdf3a6acc..d442f73a93 100644
--- a/source3/smbd/auth_util.c
+++ b/source3/smbd/auth_util.c
@@ -687,7 +687,7 @@ void free_server_info(auth_serversupplied_info **server_info)
 
 BOOL make_server_info_guest(auth_serversupplied_info **server_info) 
 {
-	struct passwd *pass = sys_getpwnam(lp_guestaccount(-1));
+	struct passwd *pass = sys_getpwnam(lp_guestaccount());
 	
 	if (pass) {
 		if (!make_server_info_pw(server_info, pass)) {
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index cbd4d14681..b2687980ac 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -474,11 +474,12 @@ BOOL authorise_login(int snum,char *user, DATA_BLOB password,
 			return False;
 		}
 
-		if (!vuser->guest && user_ok(vuser->user.unix_name,snum)) {
+		if ((!vuser->guest && user_ok(vuser->user.unix_name,snum)) || 
+		    (vuser->guest && GUEST_OK(snum))) {
 			fstrcpy(user,vuser->user.unix_name);
-			*guest = False;
-			DEBUG(3,("authorise_login: ACCEPTED: validated uid ok as non-guest \
-(user=%s)\n", user));
+			*guest = vuser->guest;
+			DEBUG(3,("authorise_login: ACCEPTED: validated based on vuid as %sguest \
+(user=%s)\n", vuser->guest ? "" : "non-", user));
 			return True;
 		}
 	}
@@ -577,7 +578,7 @@ and given password ok (%s)\n", user));
 	/* check for a normal guest connection */
 	if (!ok && GUEST_OK(snum)) {
 		fstring guestname;
-		StrnCpy(guestname,lp_guestaccount(snum),sizeof(guestname)-1);
+		StrnCpy(guestname,lp_guestaccount(),sizeof(guestname)-1);
 		if (Get_Pwnam(guestname)) {
 			fstrcpy(user,guestname);
 			ok = True;
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 23d99d7352..e2edd5703e 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -383,7 +383,7 @@ static int reply_spnego_anonymous(connection_struct *conn, char *inbuf, char *ou
 
 	nt_status = check_password(user_info, &server_info);
 
-	sess_vuid = register_vuid(server_info, lp_guestaccount(-1));
+	sess_vuid = register_vuid(server_info, lp_guestaccount());
 	free_server_info(&server_info);
   
 	if (sess_vuid == -1) {
@@ -644,7 +644,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,
 	if (*user) {
 		pstrcpy(sub_user, user);
 	} else {
-		pstrcpy(sub_user, lp_guestaccount(-1));
+		pstrcpy(sub_user, lp_guestaccount());
 	}
 
 	pstrcpy(current_user_info.smb_name,sub_user);
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index e40b4707fc..4329e3fb76 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -36,7 +36,7 @@ BOOL change_to_guest(void)
 	static fstring guest_name;
 
 	if (!pass) {
-		pass = Get_Pwnam(lp_guestaccount(-1));
+		pass = sys_getpwnam(lp_guestaccount());
 		if (!pass)
 			return(False);
 		guest_uid = pass->pw_uid;