mirror of
https://github.com/samba-team/samba.git
synced 2025-01-29 21:47:30 +03:00
smbd/auth_server: Doco, we want to use cli_nt_error here soon
smbd/password.c: We don't use globals here anymore
smbd/reply.c: Tidyness, global_myworkgroup must die!
smbd/service.c: Move some of the make_connection code into a helper
function.
This commit is contained in:
Andrew Bartlett
-
parent
3d91c11942
commit
15c87e404f
@ -211,6 +211,7 @@ use this machine as the password server.\n"));
|
||||
user_info->nt_resp.len,
|
||||
user_info->domain.str)) {
|
||||
DEBUG(1,("password server %s rejected the password\n", cli->desthost));
|
||||
/* Make this cli_nt_error() when the conversion is in */
|
||||
nt_status = NT_STATUS_LOGON_FAILURE;
|
||||
} else {
|
||||
nt_status = NT_STATUS_NOPROBLEMO;
|
||||
|
||||
@ -211,6 +211,7 @@ use this machine as the password server.\n"));
|
||||
user_info->nt_resp.len,
|
||||
user_info->domain.str)) {
|
||||
DEBUG(1,("password server %s rejected the password\n", cli->desthost));
|
||||
/* Make this cli_nt_error() when the conversion is in */
|
||||
nt_status = NT_STATUS_LOGON_FAILURE;
|
||||
} else {
|
||||
nt_status = NT_STATUS_NOPROBLEMO;
|
||||
|
||||
@ -28,9 +28,6 @@ extern struct in_addr ipzero;
|
||||
/* users from session setup */
|
||||
static pstring session_users="";
|
||||
|
||||
extern pstring global_myname;
|
||||
extern fstring global_myworkgroup;
|
||||
|
||||
/* this holds info on user ids that are already validated for this VC */
|
||||
static user_struct *validated_users;
|
||||
static int next_vuid = VUID_OFFSET;
|
||||
|
||||
@ -37,7 +37,6 @@ extern BOOL case_preserve;
|
||||
extern BOOL short_case_preserve;
|
||||
extern userdom_struct current_user_info;
|
||||
extern pstring global_myname;
|
||||
extern fstring global_myworkgroup;
|
||||
extern int global_oplock_break;
|
||||
uint32 global_client_caps = 0;
|
||||
unsigned int smb_echo_count = 0;
|
||||
@ -800,7 +799,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int
|
||||
if (!guest) {
|
||||
valid_password = (pass_check_smb(user, domain,
|
||||
smb_apasswd, smb_apasslen,
|
||||
smb_ntpasswd, smb_ntpasslen) == NT_STATUS_NOPROBLEMO);
|
||||
smb_ntpasswd, smb_ntpasslen) == NT_STATUS_NOPROBLEMO);
|
||||
|
||||
/* The true branch will be executed if
|
||||
(1) the NT password failed (or was not tried), and
|
||||
@ -862,7 +861,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int
|
||||
p = smb_buf(outbuf);
|
||||
p += srvstr_push(outbuf, p, "Unix", -1, STR_TERMINATE);
|
||||
p += srvstr_push(outbuf, p, "Samba", -1, STR_TERMINATE);
|
||||
p += srvstr_push(outbuf, p, global_myworkgroup, -1, STR_TERMINATE);
|
||||
p += srvstr_push(outbuf, p, lp_workgroup(), -1, STR_TERMINATE);
|
||||
set_message_end(outbuf,p);
|
||||
/* perhaps grab OS version here?? */
|
||||
}
|
||||
|
||||
@ -213,6 +213,47 @@ int find_service(char *service)
|
||||
}
|
||||
|
||||
|
||||
/****************************************************************************
|
||||
do some basic sainity checks on the share.
|
||||
This function modifies dev, ecode.
|
||||
****************************************************************************/
|
||||
static BOOL share_sanity_checks(int snum, char* service, char *dev, int *ecode)
|
||||
{
|
||||
|
||||
if (!lp_snum_ok(snum) ||
|
||||
!check_access(smbd_server_fd(),
|
||||
lp_hostsallow(snum), lp_hostsdeny(snum))) {
|
||||
*ecode = ERRaccess;
|
||||
return False;
|
||||
}
|
||||
|
||||
/* you can only connect to the IPC$ service as an ipc device */
|
||||
if (strequal(service,"IPC$") || strequal(service,"ADMIN$"))
|
||||
pstrcpy(dev,"IPC");
|
||||
|
||||
if (*dev == '?' || !*dev) {
|
||||
if (lp_print_ok(snum)) {
|
||||
pstrcpy(dev,"LPT1:");
|
||||
} else {
|
||||
pstrcpy(dev,"A:");
|
||||
}
|
||||
}
|
||||
|
||||
/* if the request is as a printer and you can't print then refuse */
|
||||
strupper(dev);
|
||||
if (!lp_print_ok(snum) && (strncmp(dev,"LPT",3) == 0)) {
|
||||
DEBUG(1,("Attempt to connect to non-printer as a printer\n"));
|
||||
*ecode = ERRinvdevice;
|
||||
return False;
|
||||
}
|
||||
|
||||
/* Behave as a printer if we are supposed to */
|
||||
if (lp_print_ok(snum) && (strcmp(dev, "A:") == 0)) {
|
||||
pstrcpy(dev, "LPT1:");
|
||||
}
|
||||
return True;
|
||||
}
|
||||
|
||||
/****************************************************************************
|
||||
make a connection to a service
|
||||
****************************************************************************/
|
||||
@ -268,37 +309,9 @@ connection_struct *make_connection(char *service,char *user,char *password, int
|
||||
}
|
||||
}
|
||||
|
||||
if (!lp_snum_ok(snum) ||
|
||||
!check_access(smbd_server_fd(),
|
||||
lp_hostsallow(snum), lp_hostsdeny(snum))) {
|
||||
*ecode = ERRaccess;
|
||||
if (!share_sanity_checks(snum, service, dev, ecode)) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* you can only connect to the IPC$ service as an ipc device */
|
||||
if (strequal(service,"IPC$") || strequal(service,"ADMIN$"))
|
||||
pstrcpy(dev,"IPC");
|
||||
|
||||
if (*dev == '?' || !*dev) {
|
||||
if (lp_print_ok(snum)) {
|
||||
pstrcpy(dev,"LPT1:");
|
||||
} else {
|
||||
pstrcpy(dev,"A:");
|
||||
}
|
||||
}
|
||||
|
||||
/* if the request is as a printer and you can't print then refuse */
|
||||
strupper(dev);
|
||||
if (!lp_print_ok(snum) && (strncmp(dev,"LPT",3) == 0)) {
|
||||
DEBUG(1,("Attempt to connect to non-printer as a printer\n"));
|
||||
*ecode = ERRinvdevice;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* Behave as a printer if we are supposed to */
|
||||
if (lp_print_ok(snum) && (strcmp(dev, "A:") == 0)) {
|
||||
pstrcpy(dev, "LPT1:");
|
||||
}
|
||||
}
|
||||
|
||||
/* lowercase the user name */
|
||||
strlower(user);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user