FIX: NT sending null username affects %U expansion
thwartedefforts at wonky.org
Wed Oct 28 18:45:51 GMT 1998
On Wed, 28 October 1998, Jeremy Allison wrote:
<snip>
> I think your patch is nearly correct - the actual intent
> of the original code is :
>
> if((lp_security() != SEC_SHARE) || (*user && !guest))
>     pstrcpy(sesssetup_user,user);
<snip>
> The intent was only to change sesssetup_user in share level
> security when a valid username was given.
Well, you see I'm trying to work around (what Luke described as) a
bug in NT4. It insists on sending a null username/password when it
requests subsequent share lists (it seems to send the logon
username/password for the initial request). This screws up the list
of configuration files read and shares disappear and reappear
depending on the mood of NT4.
Unfortunately, if the conditions are changed as you describe, the
same effect still results (but, thankfully, it gets rid of that
"always true" condition :) ). Note that I'm not using share
level security.
Your change doesn't seem to honor your requirements:
> In user level security sesssetup_user should *always* be
> changed to match the incoming user (even if it's a null
> session).
What does "incoming user" mean? Incoming from the client (in
which case sesssetup_user should be "") or incoming after
samba gets a chance to massage it (so it would be the value
of lp_guestaccount() for null usernames)? I'm confused here.
%U is supposed to expand to the username the client sent,
not the username that samba eventually assigned. Is
assignment to the guest account not the same as assigning
to a local UNIX user (via perhaps a map user or map file
setting)?
In my domain, I have no need for guest access in terms of file
services so if a client is sending a null username over an
already validated connection, I want it to use the validated
username in the %U expansion. Keep in mind that sending a
valid username (non-null) should override previous validations
on the same connection. This should be acceptable for the
cases where NT4 is going "Oh, I need to request the share list
again, but I'm not going to tell the server who I am", and
types of clients that are sending a username.
Would an acceptable solution to this be to have a parameter like

    guest overrides valid user = yes/no (default yes)
    null overrides valid user = yes/no (default yes)

or

    force guest username expansion = yes/no (default yes)

or

    allow null username expansion = yes/no (default yes)

And wrap a check for this around the assignment to sesssetup_user
in the above if?
I prefer the first set, it best describes what I'm trying to
achieve (I can't think of any shorter parameter names), and
offer the greatest configuration options. The defaults of yes
keep the current behaviour.
If we can agree on something, I'll write the patch.
Andy.
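
The behaviour discussed in this message, as an added example that is not part of the original post and is not Samba source: a small C model of the `sesssetup_user` assignment, with a hypothetical `null_overrides` flag standing in for the proposed "null overrides valid user" parameter. `struct conn`, `session_setup()`, `replay()`, the enum values, the sample usernames and the assumption that a null username is mapped to guest are all made up for illustration; only the inner condition is the one quoted in the thread.

```c
#include <stdio.h>
#include <string.h>
enum security { SEC_SHARE, SEC_USER };   /* model values, not Samba's headers */
struct conn {
    char sesssetup_user[64];   /* what %U expands to in this model */
    int  validated;            /* a non-null, non-guest user was accepted */
};

/* One session setup. user is what the client sent ("" for a null session);
 * guest is nonzero when the server mapped it to the guest account.
 * null_overrides is the hypothetical "null overrides valid user" option:
 * 1 = current behaviour, 0 = keep the validated name on a null request. */
static void session_setup(struct conn *c, enum security sec, const char *user,
                          int guest, int null_overrides)
{
    int is_null = (*user == '\0');
    /* Proposed wrap around the assignment. */
    if (is_null && c->validated && !null_overrides)
        return;
    /* Condition quoted in the thread. */
    if ((sec != SEC_SHARE) || (*user && !guest)) {
        strncpy(c->sesssetup_user, user, sizeof(c->sesssetup_user) - 1);
        c->sesssetup_user[sizeof(c->sesssetup_user) - 1] = '\0';
    }
    if (!is_null && !guest)
        c->validated = 1;
}

/* Replay on one connection: logon user, null request, another non-null user. */
static const char *replay(struct conn *c, int null_overrides, int steps)
{
    const char *sent[] = { "andy", "", "luke" };   /* constructed sample names */
    const int guest[]  = { 0, 1, 0 };
    memset(c, 0, sizeof(*c));
    for (int i = 0; i < steps && i < 3; i++)
        session_setup(c, SEC_USER, sent[i], guest[i], null_overrides);
    return c->sesssetup_user;
}

int main(void)
{
    struct conn c;
    for (int opt = 1; opt >= 0; opt--)
        for (int n = 1; n <= 3; n++)
            printf("null overrides valid user = %s, request %d: %%U = \"%s\"\n",
                   opt ? "yes" : "no", n, replay(&c, opt, n));
    return 0;
}
```

With the option at its default, the second request empties `%U` in user level security, which is the point at which any `%U`-based config include stops matching; with it off, the validated name persists until a different non-null username arrives.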