diff options
| author | Stefan Metzmacher <metze@samba.org> | 2016-04-20 16:29:42 +0200 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2016-04-29 12:06:26 +0200 |
| commit | 4b5e95a9894b8c5bf2a7243ba4f3190a2f5cc5d2 (patch) | |
| tree | 71569cebe7b2f8d4ecf16ee2849c79bea6de78fa | |
| parent | 5f10f25f8e384da8fc89183216ba7a171ff88d28 (diff) | |
| download | samba-4b5e95a9894b8c5bf2a7243ba4f3190a2f5cc5d2.tar.gz | |
libcli/security: implement SECURITY_GUEST
SECURITY_GUEST is not exactly the same as SECURITY_ANONYMOUS.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
(cherry picked from commit 837e6176329330893d5a1e4ce4ac67dbac758e56)
| -rw-r--r-- | libcli/security/security_token.c | 5 | ||||
| -rw-r--r-- | libcli/security/security_token.h | 2 | ||||
| -rw-r--r-- | libcli/security/session.c | 4 | ||||
| -rw-r--r-- | libcli/security/session.h | 1 |
4 files changed, 12 insertions, 0 deletions
diff --git a/libcli/security/security_token.c b/libcli/security/security_token.c index 6812d42ba01..2e5a87be504 100644 --- a/libcli/security/security_token.c +++ b/libcli/security/security_token.c @@ -130,6 +130,11 @@ bool security_token_has_sid_string(const struct security_token *token, const cha return ret; } +bool security_token_has_builtin_guests(const struct security_token *token) +{ + return security_token_has_sid(token, &global_sid_Builtin_Guests); +} + bool security_token_has_builtin_administrators(const struct security_token *token) { return security_token_has_sid(token, &global_sid_Builtin_Administrators); diff --git a/libcli/security/security_token.h b/libcli/security/security_token.h index b8ca990035c..5c5b30bac1c 100644 --- a/libcli/security/security_token.h +++ b/libcli/security/security_token.h @@ -51,6 +51,8 @@ bool security_token_has_sid(const struct security_token *token, const struct dom bool security_token_has_sid_string(const struct security_token *token, const char *sid_string); +bool security_token_has_builtin_guests(const struct security_token *token); + bool security_token_has_builtin_administrators(const struct security_token *token); bool security_token_has_nt_authenticated_users(const struct security_token *token); diff --git a/libcli/security/session.c b/libcli/security/session.c index 0c32556fa44..0fbb87d584e 100644 --- a/libcli/security/session.c +++ b/libcli/security/session.c @@ -38,6 +38,10 @@ enum security_user_level security_session_user_level(struct auth_session_info *s return SECURITY_ANONYMOUS; } + if (security_token_has_builtin_guests(session_info->security_token)) { + return SECURITY_GUEST; + } + if (security_token_has_builtin_administrators(session_info->security_token)) { return SECURITY_ADMINISTRATOR; } diff --git a/libcli/security/session.h b/libcli/security/session.h index ee9187d2c9b..31e950ed449 100644 --- a/libcli/security/session.h +++ b/libcli/security/session.h @@ -24,6 +24,7 @@ enum security_user_level { SECURITY_ANONYMOUS = 0, + SECURITY_GUEST = 1, SECURITY_USER = 10, SECURITY_RO_DOMAIN_CONTROLLER = 20, SECURITY_DOMAIN_CONTROLLER = 30, |