authorAndrew Bartlett <abartlet@samba.org>2011-07-22 11:33:52 +1000
committerAndrew Bartlett <abartlet@samba.org>2011-08-03 18:48:02 +1000
commit8a650243b336f5a85ff119aa40c7744542c005e7 (patch)
treefacc17ee6213efcfdb93db401d2ae02813e37b55
parent35b309fa0cac9341f364243b03ebfcc80f74198e (diff)
downloadsamba-8a650243b336f5a85ff119aa40c7744542c005e7.tar.gz
s3-auth Move map to guest to directly after the check_password calls
This means we no longer need two different map to guest functions and have consistent logic with fewer layering violations. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
-rw-r--r--source3/auth/auth_ntlmssp.c4
-rw-r--r--source3/auth/auth_util.c32
-rw-r--r--source3/auth/proto.h4
-rw-r--r--source3/smbd/sesssetup.c71
-rw-r--r--source3/smbd/smb2_sesssetup.c35
5 files changed, 49 insertions, 97 deletions
diff --git a/source3/auth/auth_ntlmssp.c b/source3/auth/auth_ntlmssp.c
index 61029bc95d8..2157d355d20 100644
--- a/source3/auth/auth_ntlmssp.c
+++ b/source3/auth/auth_ntlmssp.c
@@ -145,6 +145,10 @@ static NTSTATUS auth_ntlmssp_check_password(struct ntlmssp_state *ntlmssp_state,
free_user_info(&user_info);
if (!NT_STATUS_IS_OK(nt_status)) {
+ nt_status = do_map_to_guest_server_info(nt_status,
+ &auth_ntlmssp_state->server_info,
+ auth_ntlmssp_state->ntlmssp_state->user,
+ auth_ntlmssp_state->ntlmssp_state->domain);
return nt_status;
}
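Review bot: The early `return nt_status;` inside the failure branch can now return NT_STATUS_OK, because do_map_to_guest_server_info() may turn the failed logon into a guest logon, and nothing at this call site says so. The comment this commit removes from sesssetup.c and smb2_sesssetup.c, explaining that a guest-mapped result carries no session key, is not carried over to the new location. I would add above the call: `/* May map the failure to NT_STATUS_OK with a guest server_info; no session key is derived, as the password was wrong. */`. The rest of auth_ntlmssp_check_password lies outside the hunk, so what the normal success path sets up after this block is not visible here.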
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index a261e39b7be..1621630b876 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1580,3 +1580,35 @@ bool is_trusted_domain(const char* dom_name)
return false;
}
+
+
+/*
+ on a logon error possibly map the error to success if "map to guest"
+ is set approriately
+*/
+NTSTATUS do_map_to_guest_server_info(NTSTATUS status,
+ struct auth_serversupplied_info **server_info,
+ const char *user, const char *domain)
+{
+ user = user ? user : "";
+ domain = domain ? domain : "";
+
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)) {
+ if ((lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) ||
+ (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD)) {
+ DEBUG(3,("No such user %s [%s] - using guest account\n",
+ user, domain));
+ status = make_server_info_guest(NULL, server_info);
+ }
+ }
+
+ if (NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
+ if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD) {
+ DEBUG(3,("Registered username %s for guest access\n",
+ user));
+ status = make_server_info_guest(NULL, server_info);
+ }
+ }
+
+ return status;
+}
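Review bot: The NT_STATUS_WRONG_PASSWORD branch turns a failed logon for an existing account into a successful guest session, yet it is recorded only at debug level 3 as "Registered username %s for guest access". That message omits the domain and does not say a password check failed, so repeated bad-password attempts against a real account are hard to spot in logs. Now that this is the single mapping point, a message such as `DEBUG(3,("Wrong password for user %s [%s] - mapping to guest\n", user, domain));` would match the no-such-user branch and help detection. The header comment could also list which status is mapped under which "map to guest" setting, and "approriately" should read "appropriately".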
diff --git a/source3/auth/proto.h b/source3/auth/proto.h
index d51a3e6444d..f2b7875997c 100644
--- a/source3/auth/proto.h
+++ b/source3/auth/proto.h
@@ -214,6 +214,10 @@ NTSTATUS make_user_info(struct auth_usersupplied_info **ret_user_info,
enum auth_password_state password_state);
void free_user_info(struct auth_usersupplied_info **user_info);
+NTSTATUS do_map_to_guest_server_info(NTSTATUS status,
+ struct auth_serversupplied_info **server_info,
+ const char *user, const char *domain);
+
/* The following definitions come from auth/auth_winbind.c */
NTSTATUS auth_winbind_init(void);
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 2df8b435e56..329b8b6aa52 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -46,68 +46,6 @@ struct pending_auth_data {
DATA_BLOB partial_data;
};
-/*
- on a logon error possibly map the error to success if "map to guest"
- is set approriately
-*/
-static NTSTATUS do_map_to_guest_server_info(NTSTATUS status,
- struct auth_serversupplied_info **server_info,
- const char *user, const char *domain)
-{
- user = user ? user : "";
- domain = domain ? domain : "";
-
- if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)) {
- if ((lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) ||
- (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD)) {
- DEBUG(3,("No such user %s [%s] - using guest account\n",
- user, domain));
- status = make_server_info_guest(NULL, server_info);
- }
- }
-
- if (NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
- if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD) {
- DEBUG(3,("Registered username %s for guest access\n",
- user));
- status = make_server_info_guest(NULL, server_info);
- }
- }
-
- return status;
-}
-
-/*
- on a logon error possibly map the error to success if "map to guest"
- is set approriately
-*/
-NTSTATUS do_map_to_guest(NTSTATUS status,
- struct auth_session_info **session_info,
- const char *user, const char *domain)
-{
- user = user ? user : "";
- domain = domain ? domain : "";
-
- if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)) {
- if ((lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) ||
- (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD)) {
- DEBUG(3,("No such user %s [%s] - using guest account\n",
- user, domain));
- status = make_session_info_guest(NULL, session_info);
- }
- }
-
- if (NT_STATUS_EQUAL(status, NT_STATUS_WRONG_PASSWORD)) {
- if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD) {
- DEBUG(3,("Registered username %s for guest access\n",
- user));
- status = make_session_info_guest(NULL, session_info);
- }
- }
-
- return status;
-}
-
/****************************************************************************
Add the standard 'Samba' signature to the end of the session setup.
****************************************************************************/
@@ -494,15 +432,6 @@ static void reply_spnego_ntlmssp(struct smb_request *req,
if (NT_STATUS_IS_OK(nt_status)) {
nt_status = auth_ntlmssp_steal_session_info(talloc_tos(),
(*auth_ntlmssp_state), &session_info);
- } else {
- /* Note that this session_info won't have a session
- * key. But for map to guest, that's exactly the right
- * thing - we can't reasonably guess the key the
- * client wants, as the password was wrong */
- nt_status = do_map_to_guest(nt_status,
- &session_info,
- auth_ntlmssp_get_username(*auth_ntlmssp_state),
- auth_ntlmssp_get_domain(*auth_ntlmssp_state));
}
reply_outbuf(req, 4, 0);
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 7a839532564..511df8639dd 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -151,26 +151,6 @@ static int smbd_smb2_session_destructor(struct smbd_smb2_session *session)
return 0;
}
-static NTSTATUS setup_ntlmssp_session_info(struct smbd_smb2_session *session,
- NTSTATUS status)
-{
- if (NT_STATUS_IS_OK(status)) {
- status = auth_ntlmssp_steal_session_info(session,
- session->auth_ntlmssp_state,
- &session->session_info);
- } else {
- /* Note that this session_info won't have a session
- * key. But for map to guest, that's exactly the right
- * thing - we can't reasonably guess the key the
- * client wants, as the password was wrong */
- status = do_map_to_guest(status,
- &session->session_info,
- auth_ntlmssp_get_username(session->auth_ntlmssp_state),
- auth_ntlmssp_get_domain(session->auth_ntlmssp_state));
- }
- return status;
-}
-
#ifdef HAVE_KRB5
static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session,
struct smbd_smb2_request *smb2req,
@@ -606,11 +586,12 @@ static NTSTATUS smbd_smb2_spnego_auth(struct smbd_smb2_session *session,
status = auth_ntlmssp_update(session->auth_ntlmssp_state,
auth,
&auth_out);
- /* We need to call setup_ntlmssp_session_info() if status==NT_STATUS_OK,
- or if status is anything except NT_STATUS_MORE_PROCESSING_REQUIRED,
- as this can trigger map to guest. */
- if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
- status = setup_ntlmssp_session_info(session, status);
+ /* If status is NT_STATUS_OK then we need to get the token.
+ * Map to guest is now internal to auth_ntlmssp */
+ if (NT_STATUS_IS_OK(status)) {
+ status = auth_ntlmssp_steal_session_info(session,
+ session->auth_ntlmssp_state,
+ &session->session_info);
}
if (!NT_STATUS_IS_OK(status) &&
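Review bot: The `if (NT_STATUS_IS_OK(status))` guard added here is not mirrored in the smbd_smb2_raw_ntlmssp_auth hunk further down, where `auth_ntlmssp_steal_session_info()` replaces `setup_ntlmssp_session_info(session, status)` with no status check. The removed helper stole the session info only on success. Unless the early return above that call (its condition is outside the visible lines) already covers every failure from auth_ntlmssp_update, a failed logon status there would be overwritten by the result of the steal call. I would make the raw path explicit with `if (NT_STATUS_IS_OK(status)) {` around the steal, as done here. The comment in this hunk could also note that NT_STATUS_OK may now mean a guest-mapped logon without a session key.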
@@ -689,7 +670,9 @@ static NTSTATUS smbd_smb2_raw_ntlmssp_auth(struct smbd_smb2_session *session,
return status;
}
- status = setup_ntlmssp_session_info(session, status);
+ status = auth_ntlmssp_steal_session_info(session,
+ session->auth_ntlmssp_state,
+ &session->session_info);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(session->auth_ntlmssp_state);