r4339: - rename auth_guest to auth_anonymous

- don't use static const strings in the server_info

- fix segfault when auth_sam gets "" as username

metze
(This used to be commit 7fcbd483d4977cf6483f34ddd28e6c0182897ba2)

3 files changed, 68 insertions, 62 deletions

diff --git a/source4/auth/auth_builtin.c b/source4/auth/auth_builtin.c
index 56c465cfae..f3169231e8 100644
--- a/source4/auth/auth_builtin.c
+++ b/source4/auth/auth_builtin.c
@@ -21,19 +21,72 @@
 
 #include "includes.h"
 #include "auth/auth.h"
+#include "librpc/gen_ndr/ndr_samr.h"
+#include "librpc/gen_ndr/ndr_security.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_AUTH
 
+/***************************************************************************
+ Make (and fill) a user_info struct for a anonymous login.
+***************************************************************************/
+static NTSTATUS make_server_info_anonymous(TALLOC_CTX *mem_ctx, struct auth_serversupplied_info **server_info)
+{
+	*server_info = talloc_p(mem_ctx, struct auth_serversupplied_info);
+	if (!*server_info) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	(*server_info)->guest = True;
+
+	(*server_info)->user_sid = dom_sid_parse_talloc((*server_info), SID_NT_ANONYMOUS);
+
+	/* is this correct? */
+	(*server_info)->primary_group_sid = dom_sid_parse_talloc((*server_info), SID_BUILTIN_GUESTS);
+
+	(*server_info)->n_domain_groups = 0;
+	(*server_info)->domain_groups = NULL;
+
+	/* annoying, but the Guest really does have a session key, 
+	   and it is all zeros! */
+	(*server_info)->user_session_key = data_blob_talloc(*server_info, NULL, 16);
+	(*server_info)->lm_session_key = data_blob_talloc(*server_info, NULL, 16);
+
+	data_blob_clear(&(*server_info)->user_session_key);
+	data_blob_clear(&(*server_info)->lm_session_key);
+
+	(*server_info)->account_name = talloc_strdup((*server_info), "ANONYMOUS LOGON");
+	(*server_info)->domain = talloc_strdup((*server_info), "NT AUTHORITY");
+	(*server_info)->full_name = talloc_strdup((*server_info), "Anonymous Logon");
+	(*server_info)->logon_script = talloc_strdup((*server_info), "");
+	(*server_info)->profile_path = talloc_strdup((*server_info), "");
+	(*server_info)->home_directory = talloc_strdup((*server_info), "");
+	(*server_info)->home_drive = talloc_strdup((*server_info), "");
+
+	(*server_info)->last_logon = 0;
+	(*server_info)->last_logoff = 0;
+	(*server_info)->acct_expiry = 0;
+	(*server_info)->last_password_change = 0;
+	(*server_info)->allow_password_change = 0;
+	(*server_info)->force_password_change = 0;
+
+	(*server_info)->logon_count = 0;
+	(*server_info)->bad_password_count = 0;
+
+	(*server_info)->acct_flags = ACB_NORMAL;
+
+	return NT_STATUS_OK;
+}
+
 /**
- * Return a guest logon for guest users (username = "")
+ * Return a anonymous logon for anonymous users (username = "")
  *
  * Typically used as the first module in the auth chain, this allows
  * guest logons to be dealt with in one place.  Non-guest logons 'fail'
  * and pass onto the next module.
  **/
 
-static NTSTATUS check_guest_security(const struct auth_context *auth_context,
+static NTSTATUS check_anonymous_security(const struct auth_context *auth_context,
 				     void *my_private_data, 
 				     TALLOC_CTX *mem_ctx,
 				     const struct auth_usersupplied_info *user_info, 
@@ -44,8 +97,8 @@ static NTSTATUS check_guest_security(const struct auth_context *auth_context,
 
 	if (!(user_info->internal_username.str 
 	      && *user_info->internal_username.str)) {
-		nt_status = make_server_info_guest(discard_const(auth_context), 
-						   server_info);
+		nt_status = make_server_info_anonymous(discard_const(auth_context), 
+							server_info);
 	}
 
 	return nt_status;
@@ -53,15 +106,15 @@ static NTSTATUS check_guest_security(const struct auth_context *auth_context,
 
 /* Guest modules initialisation */
 
-static NTSTATUS auth_init_guest(struct auth_context *auth_context, 
+static NTSTATUS auth_init_anonymous(struct auth_context *auth_context, 
 				const char *options, 
 				struct auth_methods **auth_method) 
 {
 	if (!make_auth_methods(auth_context, auth_method))
 		return NT_STATUS_NO_MEMORY;
 
-	(*auth_method)->auth = check_guest_security;
-	(*auth_method)->name = "guest";
+	(*auth_method)->auth = check_anonymous_security;
+	(*auth_method)->name = "anonymous";
 	return NT_STATUS_OK;
 }
 
@@ -175,8 +228,8 @@ NTSTATUS auth_builtin_init(void)
 	NTSTATUS ret;
 	struct auth_operations ops;
 
-	ops.name = "guest";
-	ops.init = auth_init_guest;
+	ops.name = "anonymous";
+	ops.init = auth_init_anonymous;
 	ret = auth_register(&ops);
 	if (!NT_STATUS_IS_OK(ret)) {
 		DEBUG(0,("Failed to register '%s' auth backend!\n",
diff --git a/source4/auth/auth_sam.c b/source4/auth/auth_sam.c
index 501b5ca080..236a68fe9d 100644
--- a/source4/auth/auth_sam.c
+++ b/source4/auth/auth_sam.c
@@ -500,14 +500,18 @@ static NTSTATUS check_sam_security_internals(const struct auth_context *auth_con
 					     const struct auth_usersupplied_info *user_info, 
 					     struct auth_serversupplied_info **server_info)
 {
-	NTSTATUS nt_status;
-
+	/* mark this as 'not for me' */
+	NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED;
 	const char *username = user_info->internal_username.str;
 	struct ldb_message **msgs;
 	struct ldb_message **domain_msgs;
 	void *sam_ctx;
 	DATA_BLOB user_sess_key, lm_sess_key;
 
+	if (!username || !*username) {
+		return nt_status;
+	}
+
 	sam_ctx = samdb_connect(mem_ctx);
 	if (sam_ctx == NULL) {
 		return NT_STATUS_INVALID_SYSTEM_SERVICE;
diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c
index 2b6d5324ee..9af4410a93 100644
--- a/source4/auth/auth_util.c
+++ b/source4/auth/auth_util.c
@@ -431,57 +431,6 @@ NTSTATUS make_server_info(const TALLOC_CTX *mem_ctx,
 }
 
 /***************************************************************************
- Make (and fill) a user_info struct for a guest login.
-***************************************************************************/
-NTSTATUS make_server_info_guest(TALLOC_CTX *mem_ctx, struct auth_serversupplied_info **server_info)
-{
-	NTSTATUS nt_status;
-
-	nt_status = make_server_info(mem_ctx, server_info, "");
-
-	if (!NT_STATUS_IS_OK(nt_status)) {
-		return nt_status;
-	}
-	
-	(*server_info)->guest = True;
-
-	(*server_info)->user_sid = dom_sid_parse_talloc((*server_info), SID_NT_ANONYMOUS);
-	(*server_info)->primary_group_sid = dom_sid_parse_talloc((*server_info), SID_BUILTIN_GUESTS);
-	(*server_info)->n_domain_groups = 0;
-	(*server_info)->domain_groups = NULL;
-	
-	/* annoying, but the Guest really does have a session key, 
-	   and it is all zeros! */
-	(*server_info)->user_session_key = data_blob_talloc(*server_info, NULL, 16);
-	(*server_info)->lm_session_key = data_blob_talloc(*server_info, NULL, 16);
-
-	data_blob_clear(&(*server_info)->user_session_key);
-	data_blob_clear(&(*server_info)->lm_session_key);
-
-	(*server_info)->account_name = "";
-	(*server_info)->domain = "";
-	(*server_info)->full_name = "Anonymous";
-	(*server_info)->logon_script = "";
-	(*server_info)->profile_path = "";
-	(*server_info)->home_directory = "";
-	(*server_info)->home_drive = "";
-
-	(*server_info)->last_logon = 0;
-	(*server_info)->last_logoff = 0;
-	(*server_info)->acct_expiry = 0;
-	(*server_info)->last_password_change = 0;
-	(*server_info)->allow_password_change = 0;
-	(*server_info)->force_password_change = 0;
-
-	(*server_info)->logon_count = 0;
-	(*server_info)->bad_password_count = 0;
-
-	(*server_info)->acct_flags = ACB_NORMAL;
-
-	return nt_status;
-}
-
-/***************************************************************************
  Make a server_info struct from the info3 returned by a domain logon 
 ***************************************************************************/