svn commit: samba r7020 - in branches/SAMBA_3_0/source: . auth include param registry smbd

jerry at samba.org jerry at samba.org
Fri May 27 13:58:05 GMT 2005


Author: jerry
Date: 2005-05-27 13:58:04 +0000 (Fri, 27 May 2005)
New Revision: 7020

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=7020

Log:
fixing printer ace values and getting rid of false compiler warning about unitialized variable
Modified:
   branches/SAMBA_3_0/source/Makefile.in
   branches/SAMBA_3_0/source/auth/auth.c
   branches/SAMBA_3_0/source/include/rpc_spoolss.h
   branches/SAMBA_3_0/source/include/smb.h
   branches/SAMBA_3_0/source/param/loadparm.c
   branches/SAMBA_3_0/source/registry/regfio.c
   branches/SAMBA_3_0/source/smbd/sesssetup.c


Changeset:
Modified: branches/SAMBA_3_0/source/Makefile.in
===================================================================
--- branches/SAMBA_3_0/source/Makefile.in	2005-05-27 13:16:26 UTC (rev 7019)
+++ branches/SAMBA_3_0/source/Makefile.in	2005-05-27 13:58:04 UTC (rev 7020)
@@ -270,7 +270,8 @@
 RPC_SAMR_OBJ = rpc_server/srv_samr.o rpc_server/srv_samr_nt.o \
                rpc_server/srv_samr_util.o
 
-RPC_REG_OBJ =  rpc_server/srv_reg.o rpc_server/srv_reg_nt.o
+REGFIO_OBJ = registry/regfio.o
+
 RPC_REG_OBJ =  rpc_server/srv_reg.o rpc_server/srv_reg_nt.o $(REGFIO_OBJ)
 
 RPC_LSA_DS_OBJ =  rpc_server/srv_lsa_ds.o rpc_server/srv_lsa_ds_nt.o
@@ -371,8 +372,6 @@
 
 MANGLE_OBJ = smbd/mangle.o smbd/mangle_hash.o smbd/mangle_map.o smbd/mangle_hash2.o
 
-REGFIO_OBJ = registry/regfio.o
-
 SMBD_OBJ_MAIN = smbd/server.o
 
 BUILDOPT_OBJ = smbd/build_options.o

Modified: branches/SAMBA_3_0/source/auth/auth.c
===================================================================
--- branches/SAMBA_3_0/source/auth/auth.c	2005-05-27 13:16:26 UTC (rev 7019)
+++ branches/SAMBA_3_0/source/auth/auth.c	2005-05-27 13:58:04 UTC (rev 7020)
@@ -215,6 +215,7 @@
 	if (!user_info || !auth_context || !server_info)
 		return NT_STATUS_LOGON_FAILURE;
 
+
 	DEBUG(3, ("check_ntlm_password:  Checking password for unmapped user [%s]\\[%s]@[%s] with the new password interface\n", 
 		  user_info->client_domain.str, user_info->smb_name.str, user_info->wksta_name.str));
 
@@ -305,12 +306,19 @@
 			       unix_username));
 		}
 	}
-
 	if (!NT_STATUS_IS_OK(nt_status)) {
-		DEBUG(2, ("check_ntlm_password:  Authentication for user [%s] -> [%s] FAILED with error %s\n", 
-			  user_info->smb_name.str, user_info->internal_username.str, 
-			  nt_errstr(nt_status)));
-		ZERO_STRUCTP(server_info);
+			if (lp_map_to_guest() == MAP_TO_GUEST_ON_VALID_DOMAIN_USER ){
+				/*user_info->smb_name.str = lp_guestaccount();*/
+			 	become_root();
+			 	nt_status = smb_pam_accountcheck(lp_guestaccount());
+			 	unbecome_root();
+			 	make_server_info_guest(server_info); 
+			 }else{
+				DEBUG(2, ("check_ntlm_password:  Authentication for user [%s] -> [%s] FAILED with error %s\n", 
+			  	user_info->smb_name.str, user_info->internal_username.str, 
+			  	nt_errstr(nt_status)));
+				ZERO_STRUCTP(server_info); 
+			}
 	}
 	return nt_status;
 }

Modified: branches/SAMBA_3_0/source/include/rpc_spoolss.h
===================================================================
--- branches/SAMBA_3_0/source/include/rpc_spoolss.h	2005-05-27 13:16:26 UTC (rev 7019)
+++ branches/SAMBA_3_0/source/include/rpc_spoolss.h	2005-05-27 13:58:04 UTC (rev 7020)
@@ -191,8 +191,8 @@
 /* ACE masks for the various print permissions */
 
 #define PRINTER_ACE_FULL_CONTROL      (GENERIC_ALL_ACCESS|PRINTER_ALL_ACCESS)
-#define PRINTER_ACE_MANAGE_DOCUMENTS  READ_CONTROL_ACCESS
-#define PRINTER_ACE_PRINT             (READ_CONTROL_ACCESS|PRINTER_ACCESS_USE)
+#define PRINTER_ACE_MANAGE_DOCUMENTS  (GENERIC_ALL_ACCESS|READ_CONTROL_ACCESS)
+#define PRINTER_ACE_PRINT             (GENERIC_EXECUTE_ACCESS|READ_CONTROL_ACCESS|PRINTER_ACCESS_USE)
 
 
 /* Notify field types */

Modified: branches/SAMBA_3_0/source/include/smb.h
===================================================================
--- branches/SAMBA_3_0/source/include/smb.h	2005-05-27 13:16:26 UTC (rev 7019)
+++ branches/SAMBA_3_0/source/include/smb.h	2005-05-27 13:58:04 UTC (rev 7020)
@@ -1654,6 +1654,7 @@
 #include "client.h"
 */
 
+#define MAP_TO_GUEST_ON_VALID_DOMAIN_USER 3
 /*
  * Size of new password account encoding string.  This is enough space to
  * hold 11 ACB characters, plus the surrounding [] and a terminating null.

Modified: branches/SAMBA_3_0/source/param/loadparm.c
===================================================================
--- branches/SAMBA_3_0/source/param/loadparm.c	2005-05-27 13:16:26 UTC (rev 7019)
+++ branches/SAMBA_3_0/source/param/loadparm.c	2005-05-27 13:58:04 UTC (rev 7020)
@@ -754,6 +754,7 @@
    are rejected, unless the username does not exist, in which case it
    is treated as a guest login
 
+      {MAP_TO_GUEST_ON_VALID_DOMAIN_USER, "Non-UNIX Valid Domain User"},
    "Bad Password" means session setups with an invalid password
    are treated as a guest login
 

Modified: branches/SAMBA_3_0/source/registry/regfio.c
===================================================================
--- branches/SAMBA_3_0/source/registry/regfio.c	2005-05-27 13:16:26 UTC (rev 7019)
+++ branches/SAMBA_3_0/source/registry/regfio.c	2005-05-27 13:58:04 UTC (rev 7020)
@@ -1679,7 +1679,7 @@
                                SEC_DESC *sec_desc, REGF_NK_REC *parent )
 {
 	REGF_NK_REC *nk;
-	REGF_HBIN *vlist_hbin;
+	REGF_HBIN *vlist_hbin = NULL;
 	uint32 size;
 
 	if ( !(nk = TALLOC_ZERO_P( file->mem_ctx, REGF_NK_REC )) )

Modified: branches/SAMBA_3_0/source/smbd/sesssetup.c
===================================================================
--- branches/SAMBA_3_0/source/smbd/sesssetup.c	2005-05-27 13:16:26 UTC (rev 7019)
+++ branches/SAMBA_3_0/source/smbd/sesssetup.c	2005-05-27 13:58:04 UTC (rev 7020)
@@ -125,6 +125,7 @@
 		return nt_status;
 	}
 
+
 	if (!make_user_info_guest(&user_info)) {
 		(auth_context->free)(&auth_context);
 		return NT_STATUS_NO_MEMORY;
@@ -146,6 +147,7 @@
 				 int length, int bufsize,
 				 DATA_BLOB *secblob)
 {
+	int map_domainuser_to_guest = 0;
 	DATA_BLOB ticket;
 	char *client, *p, *domain;
 	fstring netbios_domain_name;
@@ -245,14 +247,19 @@
 	}
 
 	asprintf(&user, "%s%c%s", domain, *lp_winbind_separator(), client);
-	
 	/* lookup the passwd struct, create a new user if necessary */
+		if (lp_map_to_guest() == MAP_TO_GUEST_ON_VALID_DOMAIN_USER ){ 
+			map_domainuser_to_guest == 1;
+			fstrcpy(user,lp_guestaccount());
+			pw = smb_getpwnam( user, real_username, True );
+		} else {
 
 	map_username( user );
 
 	pw = smb_getpwnam( user, real_username, True );
 	
 	if (!pw) {
+		}
 		DEBUG(1,("Username %s is invalid on this system\n",user));
 		SAFE_FREE(user);
 		SAFE_FREE(client);
@@ -265,16 +272,20 @@
 	
 	sub_set_smb_name( real_username );
 	reload_services(True);
-	
-	if (!NT_STATUS_IS_OK(ret = make_server_info_pw(&server_info, real_username, pw))) 
+	if (map_domainuser_to_guest == 1) {			
+			make_server_info_guest(&server_info);
+	}else{
+	 if (!NT_STATUS_IS_OK(ret = make_server_info_pw(&server_info, real_username, pw))) 
 	{
 		DEBUG(1,("make_server_info_from_pw failed!\n"));
 		SAFE_FREE(user);
 		SAFE_FREE(client);
 		data_blob_free(&ap_rep);
+
 		data_blob_free(&session_key);
 		return ERROR_NT(ret);
 	}
+	}
 
         /* make_server_info_pw does not set the domain. Without this we end up
 	 * with the local netbios name in substitutions for %D. */



More information about the samba-cvs mailing list