diff options
Diffstat (limited to 'source3/smbd/sesssetup.c')
-rw-r--r-- | source3/smbd/sesssetup.c | 47 |
1 files changed, 39 insertions, 8 deletions
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 74d9e1cebf..694c0874f2 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -49,9 +49,9 @@ struct pending_auth_data { on a logon error possibly map the error to success if "map to guest" is set approriately */ -NTSTATUS do_map_to_guest(NTSTATUS status, - struct auth_serversupplied_info **server_info, - const char *user, const char *domain) +static NTSTATUS do_map_to_guest_server_info(NTSTATUS status, + struct auth_serversupplied_info **server_info, + const char *user, const char *domain) { user = user ? user : ""; domain = domain ? domain : ""; @@ -76,6 +76,37 @@ NTSTATUS do_map_to_guest(NTSTATUS status, return status; } +/* + on a logon error possibly map the error to success if "map to guest" + is set approriately +*/ +NTSTATUS do_map_to_guest(NTSTATUS status, + struct auth3_session_info **session_info, + const char *user, const char *domain) +{ + user = user ? user : ""; + domain = domain ? domain : ""; + + if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)) { + if ((lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) || + (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD)) { + DEBUG(3,("No such user %s [%s] - using guest account\n", + user, domain)); + status = make_session_info_guest(NULL, session_info); + } + } + + if (NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) { + if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD) { + DEBUG(3,("Registered username %s for guest access\n", + user)); + status = make_session_info_guest(NULL, session_info); + } + } + + return status; +} + /**************************************************************************** Add the standard 'Samba' signature to the end of the session setup. ****************************************************************************/ @@ -251,7 +282,7 @@ static void reply_spnego_kerberos(struct smb_request *req, int sess_vuid = req->vuid; NTSTATUS ret = NT_STATUS_OK; DATA_BLOB ap_rep, ap_rep_wrapped, response; - struct auth_serversupplied_info *session_info = NULL; + struct auth3_session_info *session_info = NULL; DATA_BLOB session_key = data_blob_null; uint8 tok_id[2]; DATA_BLOB nullblob = data_blob_null; @@ -456,7 +487,7 @@ static void reply_spnego_ntlmssp(struct smb_request *req, { bool do_invalidate = true; DATA_BLOB response; - struct auth_serversupplied_info *session_info = NULL; + struct auth3_session_info *session_info = NULL; struct smbd_server_connection *sconn = req->sconn; if (NT_STATUS_IS_OK(nt_status)) { @@ -1297,7 +1328,7 @@ void reply_sesssetup_and_X(struct smb_request *req) const char *primary_domain; struct auth_usersupplied_info *user_info = NULL; struct auth_serversupplied_info *server_info = NULL; - struct auth_serversupplied_info *session_info = NULL; + struct auth3_session_info *session_info = NULL; uint16 smb_flag2 = req->flags2; NTSTATUS nt_status; @@ -1635,8 +1666,8 @@ void reply_sesssetup_and_X(struct smb_request *req) free_user_info(&user_info); if (!NT_STATUS_IS_OK(nt_status)) { - nt_status = do_map_to_guest(nt_status, &server_info, - user, domain); + nt_status = do_map_to_guest_server_info(nt_status, &server_info, + user, domain); } if (!NT_STATUS_IS_OK(nt_status)) { |