diff options
| author | Stefan Metzmacher <metze@samba.org> | 2016-04-27 01:48:32 +0200 |
|---|---|---|
| committer | Stefan Metzmacher <metze@samba.org> | 2016-04-28 16:51:17 +0200 |
| commit | ead483b0c0ec746c0869162024c97f2e08df7f4b (patch) | |
| tree | 5a49ad7d66101f3d8f769fe402def420ad3ddcba /source3/auth | |
| parent | d247dceaaab24b568425f2360e40f5e91be452cc (diff) | |
| download | samba-ead483b0c0ec746c0869162024c97f2e08df7f4b.tar.gz | |
s3:auth_builtin: anonymous authentication doesn't allow a password
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Diffstat (limited to 'source3/auth')
| -rw-r--r-- | source3/auth/auth_builtin.c | 47 |
1 files changed, 40 insertions, 7 deletions
diff --git a/source3/auth/auth_builtin.c b/source3/auth/auth_builtin.c index dce58bf8bfc..74807993cb7 100644 --- a/source3/auth/auth_builtin.c +++ b/source3/auth/auth_builtin.c @@ -38,17 +38,50 @@ static NTSTATUS check_guest_security(const struct auth_context *auth_context, const struct auth_usersupplied_info *user_info, struct auth_serversupplied_info **server_info) { - /* mark this as 'not for me' */ - NTSTATUS nt_status = NT_STATUS_NOT_IMPLEMENTED; - DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name)); - if (!(user_info->mapped.account_name - && *user_info->mapped.account_name)) { - nt_status = make_server_info_guest(NULL, server_info); + if (user_info->mapped.account_name && *user_info->mapped.account_name) { + /* mark this as 'not for me' */ + return NT_STATUS_NOT_IMPLEMENTED; } - return nt_status; + switch (user_info->password_state) { + case AUTH_PASSWORD_PLAIN: + if (user_info->password.plaintext != NULL && + strlen(user_info->password.plaintext) > 0) + { + /* mark this as 'not for me' */ + return NT_STATUS_NOT_IMPLEMENTED; + } + break; + case AUTH_PASSWORD_HASH: + if (user_info->password.hash.lanman != NULL) { + /* mark this as 'not for me' */ + return NT_STATUS_NOT_IMPLEMENTED; + } + if (user_info->password.hash.nt != NULL) { + /* mark this as 'not for me' */ + return NT_STATUS_NOT_IMPLEMENTED; + } + break; + case AUTH_PASSWORD_RESPONSE: + if (user_info->password.response.lanman.length == 1) { + if (user_info->password.response.lanman.data[0] != '\0') { + /* mark this as 'not for me' */ + return NT_STATUS_NOT_IMPLEMENTED; + } + } else if (user_info->password.response.lanman.length > 1) { + /* mark this as 'not for me' */ + return NT_STATUS_NOT_IMPLEMENTED; + } + if (user_info->password.response.nt.length > 0) { + /* mark this as 'not for me' */ + return NT_STATUS_NOT_IMPLEMENTED; + } + break; + } + + return make_server_info_guest(NULL, server_info); } /* Guest modules initialisation */ |