diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/auth/auth.c | 18 | ||||
-rw-r--r-- | source3/include/smb.h | 1 | ||||
-rw-r--r-- | source3/param/loadparm.c | 1 | ||||
-rw-r--r-- | source3/smbd/sesssetup.c | 17 |
4 files changed, 8 insertions, 29 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c index e38279a140..b777e97cc9 100644 --- a/source3/auth/auth.c +++ b/source3/auth/auth.c @@ -215,7 +215,6 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context, if (!user_info || !auth_context || !server_info) return NT_STATUS_LOGON_FAILURE; - DEBUG(3, ("check_ntlm_password: Checking password for unmapped user [%s]\\[%s]@[%s] with the new password interface\n", user_info->client_domain.str, user_info->smb_name.str, user_info->wksta_name.str)); @@ -306,19 +305,12 @@ static NTSTATUS check_ntlm_password(const struct auth_context *auth_context, unix_username)); } } + if (!NT_STATUS_IS_OK(nt_status)) { - if (lp_map_to_guest() == MAP_TO_GUEST_ON_VALID_DOMAIN_USER ){ - /*user_info->smb_name.str = lp_guestaccount();*/ - become_root(); - nt_status = smb_pam_accountcheck(lp_guestaccount()); - unbecome_root(); - make_server_info_guest(server_info); - }else{ - DEBUG(2, ("check_ntlm_password: Authentication for user [%s] -> [%s] FAILED with error %s\n", - user_info->smb_name.str, user_info->internal_username.str, - nt_errstr(nt_status))); - ZERO_STRUCTP(server_info); - } + DEBUG(2, ("check_ntlm_password: Authentication for user [%s] -> [%s] FAILED with error %s\n", + user_info->smb_name.str, user_info->internal_username.str, + nt_errstr(nt_status))); + ZERO_STRUCTP(server_info); } return nt_status; } diff --git a/source3/include/smb.h b/source3/include/smb.h index 4161c6c788..35ae5723b0 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -1654,7 +1654,6 @@ struct unix_error_map { #include "client.h" */ -#define MAP_TO_GUEST_ON_VALID_DOMAIN_USER 3 /* * Size of new password account encoding string. This is enough space to * hold 11 ACB characters, plus the surrounding [] and a terminating null. diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index c90d214be6..ac6dbb4d4a 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -754,7 +754,6 @@ static const struct enum_list enum_smb_signing_vals[] = { are rejected, unless the username does not exist, in which case it is treated as a guest login - {MAP_TO_GUEST_ON_VALID_DOMAIN_USER, "Non-UNIX Valid Domain User"}, "Bad Password" means session setups with an invalid password are treated as a guest login diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 0209dc2597..9fbf0b1d51 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -125,7 +125,6 @@ static NTSTATUS check_guest_password(auth_serversupplied_info **server_info) return nt_status; } - if (!make_user_info_guest(&user_info)) { (auth_context->free)(&auth_context); return NT_STATUS_NO_MEMORY; @@ -147,7 +146,6 @@ static int reply_spnego_kerberos(connection_struct *conn, int length, int bufsize, DATA_BLOB *secblob) { - int map_domainuser_to_guest = 0; DATA_BLOB ticket; char *client, *p, *domain; fstring netbios_domain_name; @@ -247,19 +245,14 @@ static int reply_spnego_kerberos(connection_struct *conn, } asprintf(&user, "%s%c%s", domain, *lp_winbind_separator(), client); + /* lookup the passwd struct, create a new user if necessary */ - if (lp_map_to_guest() == MAP_TO_GUEST_ON_VALID_DOMAIN_USER ){ - map_domainuser_to_guest == 1; - fstrcpy(user,lp_guestaccount()); - pw = smb_getpwnam( user, real_username, True ); - } else { map_username( user ); pw = smb_getpwnam( user, real_username, True ); if (!pw) { - } DEBUG(1,("Username %s is invalid on this system\n",user)); SAFE_FREE(user); SAFE_FREE(client); @@ -272,20 +265,16 @@ static int reply_spnego_kerberos(connection_struct *conn, sub_set_smb_name( real_username ); reload_services(True); - if (map_domainuser_to_guest == 1) { - make_server_info_guest(&server_info); - }else{ - if (!NT_STATUS_IS_OK(ret = make_server_info_pw(&server_info, real_username, pw))) + + if (!NT_STATUS_IS_OK(ret = make_server_info_pw(&server_info, real_username, pw))) { DEBUG(1,("make_server_info_from_pw failed!\n")); SAFE_FREE(user); SAFE_FREE(client); data_blob_free(&ap_rep); - data_blob_free(&session_key); return ERROR_NT(ret); } - } /* make_server_info_pw does not set the domain. Without this we end up * with the local netbios name in substitutions for %D. */ |