From a364047b2a8dc76db39989570a1a3d22bcc214ec Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 21 Jun 2001 20:18:48 +0000 Subject: Andrew - please look this over. I've fixed a long standing (maybe 4-5 years old) bug when chainging a sessionsetup_and_X and tcon together. The wrong username was being entered into the tdb, even though the correct user was used for accessing files. This is related to the fact that authorise_login() is not used for sessionsetup, but only for tcon auths. Jeremy. --- source/smbd/reply.c | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) (limited to 'source/smbd/reply.c') diff --git a/source/smbd/reply.c b/source/smbd/reply.c index d86d882cdd7..c98375792e2 100644 --- a/source/smbd/reply.c +++ b/source/smbd/reply.c @@ -164,11 +164,10 @@ static int connection_error(char *inbuf,char *outbuf,int ecode) return(ERROR(ERRSRV,ecode)); } - - /**************************************************************************** parse a share descriptor string ****************************************************************************/ + static void parse_connect(char *p,char *service,char *user, char *password,int *pwlen,char *dev) { @@ -222,6 +221,14 @@ int reply_tcon(connection_struct *conn, parse_connect(smb_buf(inbuf)+1,service,user,password,&pwlen,dev); + /* + * If the vuid is valid, we should be using that.... + */ + + if (*user == '\0' && (lp_security() != SEC_SHARE) && validated_username(vuid)) { + pstrcpy(user,validated_username(vuid)); + } + /* * Ensure the user and password names are in UNIX codepage format. */ @@ -264,6 +271,7 @@ int reply_tcon(connection_struct *conn, /**************************************************************************** Reply to a tcon and X. ****************************************************************************/ + int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { fstring service; @@ -314,6 +322,14 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt StrnCpy(devicename,path + strlen(path) + 1,6); DEBUG(4,("Got device type %s\n",devicename)); + /* + * If the vuid is valid, we should be using that.... + */ + + if (*user == '\0' && (lp_security() != SEC_SHARE) && validated_username(vuid)) { + pstrcpy(user,validated_username(vuid)); + } + /* * Ensure the user and password names are in UNIX codepage format. */ @@ -389,7 +405,6 @@ int reply_unknown(char *inbuf,char *outbuf) return(ERROR(ERRSRV,ERRunknownsmb)); } - /**************************************************************************** reply to an ioctl ****************************************************************************/ -- cgit