diff options
| author | Jeremy Allison <jra@samba.org> | 1998-06-15 18:19:54 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 1998-06-15 18:19:54 +0000 |
| commit | 21ca6bfb3ba3927efaf7eeff4325976d41489be2 (patch) | |
| tree | 19719afa3344807cb7d82fa2bb35cd499585ec86 /source/smbd/reply.c | |
| parent | fb8b04be25d9b8c80719263acc6c4930686b3671 (diff) | |
| download | samba-21ca6bfb3ba3927efaf7eeff4325976d41489be2.tar.gz samba-21ca6bfb3ba3927efaf7eeff4325976d41489be2.tar.xz samba-21ca6bfb3ba3927efaf7eeff4325976d41489be2.zip | |
Makefile:
smbumount.c: Added fixes to compile under Linux.
includes.h: Added SunOS 4.x QSORT_CAST fix.
reply.c: Fixed user name mapping function for security=server, security=domain.
Jeremy.
Diffstat (limited to 'source/smbd/reply.c')
| -rw-r--r-- | source/smbd/reply.c | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/source/smbd/reply.c b/source/smbd/reply.c index a9db0b38409..9177b3cde15 100644 --- a/source/smbd/reply.c +++ b/source/smbd/reply.c @@ -482,6 +482,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) pstring smb_ntpasswd; BOOL valid_nt_password = False; pstring user; + pstring orig_user; BOOL guest=False; static BOOL done_sesssetup = False; BOOL doencrypt = SMBENCRYPT(); @@ -624,6 +625,14 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) reload_services(True); /* + * Save the username before mapping. We will use + * the original username sent to us for security=server + * and security=domain checking. + */ + + pstrcpy( orig_user, user); + + /* * Pass the user through the NT -> unix user mapping * function. */ @@ -645,14 +654,17 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) guest = True; if (!guest && !(lp_security() == SEC_SERVER && - server_validate(user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen)) && - !(lp_security() == SEC_DOMAIN && - domain_client_validate(user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen)) && - !check_hosts_equiv(user)) + /* Check with orig_user for security=server and + security=domain. */ + server_validate(orig_user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen)) && + !(lp_security() == SEC_DOMAIN && + domain_client_validate(orig_user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen)) && + !check_hosts_equiv(user) + ) { /* now check if it's a valid username/password */ |