summaryrefslogtreecommitdiffstats
path: root/source3/smbd/reply.c
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2001-07-04 04:17:58 +0000
committerAndrew Tridgell <tridge@samba.org>2001-07-04 04:17:58 +0000
commit59db9bcbf084a23c1f8c7e1c7017f064b8c1e59c (patch)
tree35b5eb8877410c2af9c46430881bbc63c9f94d9b /source3/smbd/reply.c
parentd972dc06a189fc433c822d1e5eee650a02a79550 (diff)
downloadsamba-59db9bcbf084a23c1f8c7e1c7017f064b8c1e59c.tar.gz
samba-59db9bcbf084a23c1f8c7e1c7017f064b8c1e59c.tar.xz
samba-59db9bcbf084a23c1f8c7e1c7017f064b8c1e59c.zip
check for bad usernames early in session setup
(This used to be commit 657836599a847578096696af27cd7c9f0d52c931)
Diffstat (limited to 'source3/smbd/reply.c')
-rw-r--r--source3/smbd/reply.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index d27f7842eb4..edcc3f48382 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -858,6 +858,12 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int
domain,native_os,native_lanman));
}
+ /* don't allow for weird usernames */
+ alpha_strcpy(user, user, ". _-", sizeof(user));
+ if (strstr(user, "..")) {
+ return bad_password_error(inbuf, outbuf);
+ }
+
DEBUG(3,("sesssetupX:name=[%s]\n",user));
/* If name ends in $ then I think it's asking about whether a */