diff options
| author | Gerald Carter <jerry@samba.org> | 2006-03-09 22:31:37 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:11:13 -0500 |
| commit | 1de2983de4ea1a482c294a9ecce8437cc35ff7ee (patch) | |
| tree | 6b04ba8452a08e3396964e7965ad64582042cc16 /source3 | |
| parent | f0210601d19016d0c932ad1623e77a70c9aee023 (diff) | |
| download | samba-1de2983de4ea1a482c294a9ecce8437cc35ff7ee.tar.gz samba-1de2983de4ea1a482c294a9ecce8437cc35ff7ee.tar.bz2 samba-1de2983de4ea1a482c294a9ecce8437cc35ff7ee.zip | |
r14112: * fix checks on return code from register_vuid() which could actually
fail and we would still return success in the SMBsesssetup reply :-(
* Make sure to create the local token for the server_fino struct
in reply_spnego_kerberos() so that register_vuid() does not fail.
(how did this ever work?)
(This used to be commit 8dafa45b97020d1aceb027a85e18401c965bf402)
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/auth/auth_util.c | 2 | ||||
| -rw-r--r-- | source3/smbd/password.c | 2 | ||||
| -rw-r--r-- | source3/smbd/sesssetup.c | 23 |
3 files changed, 20 insertions, 7 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 263d8f2df7..357da1fdb7 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1301,8 +1301,6 @@ BOOL init_guest_info(void) { if (guest_info != NULL) return True; - - return NT_STATUS_IS_OK(make_new_server_info_guest(&guest_info)); } diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 8b88990e2f..8d33c1deed 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -305,7 +305,7 @@ int register_vuid(auth_serversupplied_info *server_info, DEBUG(1, ("Failed to claim session for vuid=%d\n", vuser->vuid)); invalidate_vuid(vuser->vuid); - return -1; + return UID_FIELD_INVALID; } /* Register a home dir service for this user iff diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 1be117a7d4..1abb800627 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -349,6 +349,21 @@ static int reply_spnego_kerberos(connection_struct *conn, pdb_set_domain(server_info->sam_account, domain, PDB_SET); } } + + /* we need to build the token for the user. make_server_info_guest() + already does this */ + + if ( !server_info->ptok ) { + ret = create_local_token( server_info ); + if ( !NT_STATUS_IS_OK(ret) ) { + SAFE_FREE(client); + data_blob_free(&ap_rep); + data_blob_free(&session_key); + TALLOC_FREE( mem_ctx ); + TALLOC_FREE( server_info ); + return ERROR_NT(ret); + } + } /* register_vuid keeps the server info */ /* register_vuid takes ownership of session_key, no need to free after this. @@ -357,7 +372,7 @@ static int reply_spnego_kerberos(connection_struct *conn, SAFE_FREE(client); - if (sess_vuid == -1) { + if (sess_vuid == UID_FIELD_INVALID ) { ret = NT_STATUS_LOGON_FAILURE; } else { /* current_user_info is changed on new vuid */ @@ -429,7 +444,7 @@ static BOOL reply_spnego_ntlmssp(connection_struct *conn, char *inbuf, char *out sess_vuid = register_vuid(server_info, session_key, nullblob, (*auth_ntlmssp_state)->ntlmssp_state->user); (*auth_ntlmssp_state)->server_info = NULL; - if (sess_vuid == -1) { + if (sess_vuid == UID_FIELD_INVALID ) { nt_status = NT_STATUS_LOGON_FAILURE; } else { @@ -674,7 +689,7 @@ static int reply_sesssetup_and_X_spnego(connection_struct *conn, char *inbuf, vuser = get_partial_auth_user_struct(vuid); if (!vuser) { vuid = register_vuid(NULL, data_blob(NULL, 0), data_blob(NULL, 0), NULL); - if (vuid == -1) { + if (vuid == UID_FIELD_INVALID ) { return ERROR_NT(NT_STATUS_INVALID_PARAMETER); } @@ -1100,7 +1115,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf, data_blob_free(&nt_resp); data_blob_free(&lm_resp); - if (sess_vuid == -1) { + if (sess_vuid == UID_FIELD_INVALID) { return ERROR_NT(NT_STATUS_LOGON_FAILURE); } |