From 9dd7e7fc2d6d1aa7f3c3b741ac134e087ce808fd Mon Sep 17 00:00:00 2001
From: Andreas Schneider
Date: Wed, 18 Aug 2010 17:17:42 +0200
Subject: s3-auth: Use SamInfo3_for_guest to create guest server_info.
Signed-off-by: Simo Sorce
---
 source3/auth/auth_util.c | 89 +++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 70 insertions(+), 19 deletions(-)
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 1ff9714b1f..23f557a316 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -25,6 +25,7 @@
 #include "smbd/globals.h"
 #include "../libcli/auth/libcli_auth.h"
 #include "../lib/crypto/arcfour.h"
+#include "rpc_client/init_lsa.h"
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_AUTH
@@ -631,6 +632,54 @@ NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info,
 return NT_STATUS_OK;
 }
 
+static NTSTATUS get_guest_info3(TALLOC_CTX *mem_ctx,
+ struct netr_SamInfo3 *info3)
+{
+ const char *guest_account = lp_guestaccount();
+ struct dom_sid domain_sid;
+ struct passwd *pwd;
+ const char *tmp;
+ NTSTATUS status;
+
+ pwd = getpwnam_alloc(mem_ctx, guest_account);
+ if (pwd == NULL) {
+ DEBUG(0,("SamInfo3_for_guest: Unable to locate guest "
+ "account [%s]!\n", guest_account));
+ return NT_STATUS_NO_SUCH_USER;
+ }
+
+ /* Set acount name */
+ tmp = talloc_strdup(mem_ctx, pwd->pw_name);
+ if (tmp == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ init_lsa_String(&info3->base.account_name, tmp);
+
+ /* Set domain name */
+ tmp = talloc_strdup(mem_ctx, get_global_sam_name());
+ if (tmp == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ init_lsa_StringLarge(&info3->base.domain, tmp);
+
+ /* Domain sid */
+ sid_copy(&domain_sid, get_global_sam_sid());
+
+ info3->base.domain_sid = sid_dup_talloc(mem_ctx, &domain_sid);
+ if (info3->base.domain_sid == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ /* Guest rid */
+ info3->base.rid = DOMAIN_RID_GUEST;
+
+ /* Primary gid */
+ info3->base.primary_gid = BUILTIN_RID_GUESTS;
+
+ TALLOC_FREE(pwd);
+ return status;
+}
+
 /***************************************************************************
 Make (and fill) a user_info struct for a guest login.
 This *must* succeed for smbd to start. If there is no mapping entry for
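Review bot: `get_guest_info3()` declares `NTSTATUS status;` and finishes with `return status;` without ever assigning it, so the success path returns an indeterminate value and the caller's `NT_STATUS_IS_OK(status)` check on guest setup depends on whatever was on the stack. End the function with `return NT_STATUS_OK;` and drop the unused local. Separately, `info3->base.primary_gid = BUILTIN_RID_GUESTS` pairs a BUILTIN-domain alias RID with the SAM `domain_sid` set a few lines earlier; if `make_server_info_info3()` (not visible here) composes the primary group SID from those two fields, the guest token would carry a group SID that is not the domain Guests group, so confirm whether `DOMAIN_RID_GUESTS` was intended. Minor: the DEBUG text names `SamInfo3_for_guest` rather than this function, and `/* Set acount name */` should read `account`.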
@@ -639,43 +688,42 @@ NTSTATUS make_server_info_pw(struct auth_serversupplied_info **server_info, static NTSTATUS make_new_server_info_guest(struct auth_serversupplied_info **server_info) { + static const char zeros[16] = {0}; + const char *guest_account = lp_guestaccount(); + const char *domain = global_myname(); + struct netr_SamInfo3 info3; + TALLOC_CTX *tmp_ctx; NTSTATUS status; - struct samu *sampass = NULL; - struct dom_sid guest_sid; - bool ret; - static const char zeros[16] = {0, }; fstring tmp; - if ( !(sampass = samu_new( NULL )) ) { + tmp_ctx = talloc_stackframe(); + if (tmp_ctx == NULL) { return NT_STATUS_NO_MEMORY; } - sid_compose(&guest_sid, get_global_sam_sid(), DOMAIN_RID_GUEST); + ZERO_STRUCT(info3); - become_root(); - ret = pdb_getsampwsid(sampass, &guest_sid); - unbecome_root(); - - if (!ret) { - TALLOC_FREE(sampass); - return NT_STATUS_NO_SUCH_USER; + status = get_guest_info3(tmp_ctx, &info3); + if (!NT_STATUS_IS_OK(status)) { + goto done; } - status = make_server_info_sam(server_info, sampass); + status = make_server_info_info3(tmp_ctx, + guest_account, + domain, + server_info, + &info3); if (!NT_STATUS_IS_OK(status)) { - TALLOC_FREE(sampass); - return status; + goto done; } - TALLOC_FREE(sampass); - (*server_info)->guest = True; status = create_local_token(*server_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(10, ("create_local_token failed: %s\n", nt_errstr(status))); - return status; + goto done; } /* annoying, but the Guest really does have a session key, and it is @@ -687,6 +735,9 @@ static NTSTATUS make_new_server_info_guest(struct auth_serversupplied_info **ser ". _-$", sizeof(tmp)); (*server_info)->sanitized_username = talloc_strdup(*server_info, tmp); + status = NT_STATUS_OK; +done: + TALLOC_FREE(tmp_ctx); return NT_STATUS_OK; } -- cgit
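Review bot: The new `done:` label falls through to the unchanged `return NT_STATUS_OK;`, so every `goto done` added in the preceding hunk (failed `get_guest_info3`, `make_server_info_info3` or `create_local_token`) now reports success, and the added `status = NT_STATUS_OK;` is a dead store. The lines being replaced returned the error status on those paths, so this is a regression in a function whose header comment says it must succeed for smbd to start: the caller can no longer see that guest setup failed, while `*server_info` may be unset or left without a token. Change the final statement to `return status;`. On the `create_local_token` failure path it would also be safer to free and clear `*server_info` before jumping to `done`, so a partially built guest entry cannot be picked up later; whether any caller would do that is not visible from this diff.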