sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-13 13:18:06 +03:00
Code
a66af4c96a
samba-mirror/source3
History
Ralph Boehme a66af4c96a s3:auth: explicitly add BUILTIN\Guests to the guest token 
This changes ensures that smbd always adds BUILTIN\Guests to the guest token
which is required for guest authentication.

Currently the guest token depends on the on-disk configured group mappings. If
there's an existing group mapping for BUILTIN\Guests, but LOCALSAM\Guest is not
a member, the final guest token won't contain BUILTIN\Guests.

For SMB2 the flag SMB2_SESSION_FLAG_IS_GUEST will not be set in the final SMB2
SESSION_SETUP response, because smbd sets it based on the token containing the
BUILTIN\Guests SID S-1-5-32-546.

At the same time, the packet is not signed which causes Windows clients and
smbclient to reject the unsigned SMB2 SESSION_SETUP response.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13944

Pair-programmed-with: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jun  5 16:55:26 UTC 2019 on sn-devel-184
2019-06-05 16:55:26 +00:00
..
auth s3:auth: explicitly add BUILTIN\Guests to the guest token 2019-06-05 16:55:26 +00:00
build source3/build/charset.py: update to handle waf 2.0.4 2018-09-05 06:37:23 +02:00
client s3:smbspool: Use NTSTATUS return codes 2019-05-23 09:41:17 +00:00
exports
groupdb groupdb: Use wrapper for string to integer conversion 2019-03-01 00:32:10 +00:00
include smbd: Add file_rename_message in idl 2019-05-18 19:06:23 +00:00
intl lib: Remove "tdb based replacement for gettext" 2019-05-22 05:59:13 +00:00
lib s3/lib: don't write to buffer (which might be NULL) if bufsize <=0 2019-05-29 10:10:23 +00:00
libads s3/libads: cppcheck fix error: shiftTooManyBitsSigned: error 2019-05-29 10:10:23 +00:00
libgpo/gpext libgpo: Fix CID 1438462 Error handling issues (CHECKED_RETURN) 2018-08-22 00:58:41 +02:00
libnet s3-libnet_join: allow fallback to NTLMSSP auth in libnet_join 2019-04-03 18:57:31 +00:00
librpc smbd: Send "share_file_id" with the rename msg 2019-05-18 20:18:54 +00:00
libsmb s3: libsmbclient: Fix return value if cli_open() fails 2019-05-19 17:34:21 +00:00
locale pam_winbind: initial Turkish translation 2017-11-15 13:52:05 +01:00
locking smbd: Adapt brl_pending_overlap to README.Coding 2019-05-28 22:22:28 +00:00
modules s3:modules: Put debug msg into the if clause checking the strings exists 2019-06-04 22:13:07 +00:00
nmbd s3:nmbd: small improvements in --help strings 2019-01-28 14:28:29 +01:00
param s3:loadparm: Ensure to truncate FS Volume Label at multibyte boundary 2019-05-16 17:55:18 +00:00
passdb build: Remove bld.gen_python_environments() 2019-03-21 04:06:14 +00:00
printing s3/printing: cppcheck avoid 'nullPointerArithmetic:' error 2019-05-29 10:10:23 +00:00
profile s3:profile: Use GnuTLS MD5 2019-05-21 00:03:22 +00:00
registry registry: add a missing include 2019-05-27 14:29:36 +00:00
rpc_client s3:rpc_client: Use GnuTLS MD5 for samr 2019-05-21 00:03:22 +00:00
rpc_server s3:rpc_server:netlogon: simplify AUTH_TYPE_SCHANNEL check in netr_creds_server_step_check() 2019-06-04 22:13:07 +00:00
rpcclient s3/rpcclient: cppcheck: Fix shiftTooManyBitsSigned error 2019-06-04 22:13:07 +00:00
script tests: add a test for guest authentication 2019-06-05 15:40:24 +00:00
selftest tests: add a test for guest authentication 2019-06-05 15:40:24 +00:00
services srcctl3: Improve debug messages 2018-01-16 02:43:03 +01:00
smbd s3:smbd: call reinit_guest_session_info() in the conf updated handler 2019-06-05 15:40:23 +00:00
torture s3:torture: Use GnuTLS MD5 2019-05-21 00:03:23 +00:00
utils s3-smbcontrol: Replace && with || to declare variables in do_sleep() 2019-05-31 20:38:09 +00:00
web
winbindd s3/winbdind: cppcheck: fix nullPointerArithmetic error 2019-06-04 22:13:07 +00:00
.clang_complete
.dmallocrc
.indent.pro
Doxyfile
mainpage.dox
smbadduser.in
wscript vfs: add ceph_snapshots module 2019-05-14 22:17:32 +00:00
wscript_build s3:smbspool: Fallback to default ccache if KRB5CCNAME is not set 2019-05-23 09:41:17 +00:00
wscript_configure_system_ncurses source3/wscript_configure_system_ncurses: update to handle waf 2.0.4 2018-09-05 06:37:24 +02:00