3 files changed, 31 insertions, 11 deletions

diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 315c7fbb51..5869588664 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -409,8 +409,14 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
   }
 
 
+  /* If no username is sent use the guest account */
   if (!*user)
-    strcpy(user,lp_guestaccount(-1));
+    {
+      strcpy(user,lp_guestaccount(-1));
+      /* If no user and no password then set guest flag. */
+      if( *smb_apasswd == 0)
+        guest = True;
+    }
 
   strlower(user);
 
@@ -421,24 +427,22 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
   add_session_user(user);
 
 
-  if (!(lp_security() == SEC_SERVER && server_validate(inbuf)) &&
+  if (!guest && !(lp_security() == SEC_SERVER && server_validate(inbuf)) &&
       !check_hosts_equiv(user))
     {
 
-      if (strequal(user,lp_guestaccount(-1)) && (*smb_apasswd == 0))
-	guest = True;
-  
       /* now check if it's a valid username/password */
       /* If an NT password was supplied try and validate with that
-	 first. This is superior as the passwords are mixed case 128 length unicode */
-      if(smb_ntpasslen && !guest)
+	 first. This is superior as the passwords are mixed case 
+         128 length unicode */
+      if(smb_ntpasslen)
 	{
 	  if(!password_ok(user,smb_ntpasswd,smb_ntpasslen,NULL))
 	    DEBUG(0,("NT Password did not match ! Defaulting to Lanman\n"));
 	  else
 	    valid_nt_password = True;
 	} 
-      if (!valid_nt_password && !guest && !password_ok(user,smb_apasswd,smb_apasslen,NULL))
+      if (!valid_nt_password && !password_ok(user,smb_apasswd,smb_apasslen,NULL))
 	{
 	  if (!computer_id && lp_security() >= SEC_USER) {
 #if (GUEST_SESSSETUP == 0)
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 2969624215..5f5404bcc2 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -817,6 +817,22 @@ BOOL check_name(char *name,int cnum)
     }
 
   ret = reduce_name(name,Connections[cnum].connectpath,lp_widelinks(SNUM(cnum)));
+
+  /* Check if we are allowing users to follow symlinks */
+  /* Patch from David Clerc <David.Clerc@cui.unige.ch>
+     University of Geneva */
+
+  if (!lp_symlinks(SNUM(cnum)))
+    {
+      struct stat statbuf;
+      if ( (sys_lstat(name,&statbuf) != -1) &&
+          (S_ISLNK(statbuf.st_mode)) )
+        {
+          DEBUG(3,("check_name: denied: file path name %s is a symlink\n",name));
+          ret=0; 
+        }
+    }
+
   if (!ret)
     DEBUG(5,("check_name on %s failed\n",name));
 
@@ -4111,7 +4127,7 @@ static void usage(char *pname)
 
   setup_logging(argv[0],False);
 
-  charset_initialise(-1);
+  charset_initialise();
 
   /* make absolutely sure we run as root - to handle cases whre people
      are crazy enough to have it setuid */
@@ -4226,7 +4242,7 @@ static void usage(char *pname)
   if (!reload_services(False))
     return(-1);	
 
-  charset_initialise(lp_client_code_page());
+  codepage_initialise(lp_client_code_page());
 
   strcpy(myworkgroup, lp_workgroup());
 
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 0cf1c217a9..cdc4e474c6 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -83,7 +83,7 @@ static BOOL become_uid(int uid)
 		&priv, sizeof(priv_t)) < 0 ||
 	setuidx(ID_REAL|ID_EFFECTIVE, (uid_t)uid) < 0 ||
 	seteuid((uid_t)uid) < 0) 
-      DEBUG(1,("Can't set uid (AIX3)"));
+      DEBUG(1,("Can't set uid (AIX3)\n"));
   }
 #endif