From 578a39d44f532a211169a7635043e2dfc18b3c65 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 17 Aug 2001 07:03:27 +0000 Subject: smbd/auth_server: Doco, we want to use cli_nt_error here soon smbd/password.c: We don't use globals here anymore smbd/reply.c: Tidyness, global_myworkgroup must die! smbd/service.c: Move some of the make_connection code into a helper function. (This used to be commit 15c87e404fcaff9e360a40b8b673938c6e611daf) --- source3/auth/auth_server.c | 1 + source3/smbd/auth_server.c | 1 + source3/smbd/password.c | 3 -- source3/smbd/reply.c | 5 ++-- source3/smbd/service.c | 73 +++++++++++++++++++++++++++------------------- 5 files changed, 47 insertions(+), 36 deletions(-) diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c index dc1d924b3c..1960fc1cfb 100644 --- a/source3/auth/auth_server.c +++ b/source3/auth/auth_server.c @@ -211,6 +211,7 @@ use this machine as the password server.\n")); user_info->nt_resp.len, user_info->domain.str)) { DEBUG(1,("password server %s rejected the password\n", cli->desthost)); + /* Make this cli_nt_error() when the conversion is in */ nt_status = NT_STATUS_LOGON_FAILURE; } else { nt_status = NT_STATUS_NOPROBLEMO; diff --git a/source3/smbd/auth_server.c b/source3/smbd/auth_server.c index dc1d924b3c..1960fc1cfb 100644 --- a/source3/smbd/auth_server.c +++ b/source3/smbd/auth_server.c @@ -211,6 +211,7 @@ use this machine as the password server.\n")); user_info->nt_resp.len, user_info->domain.str)) { DEBUG(1,("password server %s rejected the password\n", cli->desthost)); + /* Make this cli_nt_error() when the conversion is in */ nt_status = NT_STATUS_LOGON_FAILURE; } else { nt_status = NT_STATUS_NOPROBLEMO; diff --git a/source3/smbd/password.c b/source3/smbd/password.c index bbdd0c3bf5..51df7a95a2 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -28,9 +28,6 @@ extern struct in_addr ipzero; /* users from session setup */ static pstring session_users=""; -extern pstring global_myname; -extern fstring global_myworkgroup; - /* this holds info on user ids that are already validated for this VC */ static user_struct *validated_users; static int next_vuid = VUID_OFFSET; diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 47a363ae8d..ee71854687 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -37,7 +37,6 @@ extern BOOL case_preserve; extern BOOL short_case_preserve; extern userdom_struct current_user_info; extern pstring global_myname; -extern fstring global_myworkgroup; extern int global_oplock_break; uint32 global_client_caps = 0; unsigned int smb_echo_count = 0; @@ -800,7 +799,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (!guest) { valid_password = (pass_check_smb(user, domain, smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen) == NT_STATUS_NOPROBLEMO); + smb_ntpasswd, smb_ntpasslen) == NT_STATUS_NOPROBLEMO); /* The true branch will be executed if (1) the NT password failed (or was not tried), and @@ -862,7 +861,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int p = smb_buf(outbuf); p += srvstr_push(outbuf, p, "Unix", -1, STR_TERMINATE); p += srvstr_push(outbuf, p, "Samba", -1, STR_TERMINATE); - p += srvstr_push(outbuf, p, global_myworkgroup, -1, STR_TERMINATE); + p += srvstr_push(outbuf, p, lp_workgroup(), -1, STR_TERMINATE); set_message_end(outbuf,p); /* perhaps grab OS version here?? */ } diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 13a6a387ae..fe0f95ba6a 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -213,6 +213,47 @@ int find_service(char *service) } +/**************************************************************************** + do some basic sainity checks on the share. + This function modifies dev, ecode. +****************************************************************************/ +static BOOL share_sanity_checks(int snum, char* service, char *dev, int *ecode) +{ + + if (!lp_snum_ok(snum) || + !check_access(smbd_server_fd(), + lp_hostsallow(snum), lp_hostsdeny(snum))) { + *ecode = ERRaccess; + return False; + } + + /* you can only connect to the IPC$ service as an ipc device */ + if (strequal(service,"IPC$") || strequal(service,"ADMIN$")) + pstrcpy(dev,"IPC"); + + if (*dev == '?' || !*dev) { + if (lp_print_ok(snum)) { + pstrcpy(dev,"LPT1:"); + } else { + pstrcpy(dev,"A:"); + } + } + + /* if the request is as a printer and you can't print then refuse */ + strupper(dev); + if (!lp_print_ok(snum) && (strncmp(dev,"LPT",3) == 0)) { + DEBUG(1,("Attempt to connect to non-printer as a printer\n")); + *ecode = ERRinvdevice; + return False; + } + + /* Behave as a printer if we are supposed to */ + if (lp_print_ok(snum) && (strcmp(dev, "A:") == 0)) { + pstrcpy(dev, "LPT1:"); + } + return True; +} + /**************************************************************************** make a connection to a service ****************************************************************************/ @@ -268,37 +309,9 @@ connection_struct *make_connection(char *service,char *user,char *password, int } } - if (!lp_snum_ok(snum) || - !check_access(smbd_server_fd(), - lp_hostsallow(snum), lp_hostsdeny(snum))) { - *ecode = ERRaccess; - return NULL; - } - - /* you can only connect to the IPC$ service as an ipc device */ - if (strequal(service,"IPC$") || strequal(service,"ADMIN$")) - pstrcpy(dev,"IPC"); - - if (*dev == '?' || !*dev) { - if (lp_print_ok(snum)) { - pstrcpy(dev,"LPT1:"); - } else { - pstrcpy(dev,"A:"); - } - } - - /* if the request is as a printer and you can't print then refuse */ - strupper(dev); - if (!lp_print_ok(snum) && (strncmp(dev,"LPT",3) == 0)) { - DEBUG(1,("Attempt to connect to non-printer as a printer\n")); - *ecode = ERRinvdevice; + if (!share_sanity_checks(snum, service, dev, ecode)) { return NULL; - } - - /* Behave as a printer if we are supposed to */ - if (lp_print_ok(snum) && (strcmp(dev, "A:") == 0)) { - pstrcpy(dev, "LPT1:"); - } + } /* lowercase the user name */ strlower(user); -- cgit