summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/smbd/reply.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index d27f7842eb..edcc3f4838 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -858,6 +858,12 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int
domain,native_os,native_lanman));
}
+ /* don't allow for weird usernames */
+ alpha_strcpy(user, user, ". _-", sizeof(user));
+ if (strstr(user, "..")) {
+ return bad_password_error(inbuf, outbuf);
+ }
+
DEBUG(3,("sesssetupX:name=[%s]\n",user));
/* If name ends in $ then I think it's asking about whether a */