Author: abartlet
Date: 2004-08-12 06:58:10 +0000 (Thu, 12 Aug 2004)
New Revision: 1762
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/&rev=1762&nolog=1
Log:
Ensure that a user (as opposed to guest) cannot login without SPNEGO,
when we have negotiated SPNEGO.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/smb_server/sesssetup.c
Changeset:
Modified: branches/SAMBA_4_0/source/smb_server/sesssetup.c
===================================================================
--- branches/SAMBA_4_0/source/smb_server/sesssetup.c 2004-08-12 06:37:12 UTC (rev
1761)
+++ branches/SAMBA_4_0/source/smb_server/sesssetup.c 2004-08-12 06:58:10 UTC (rev
1762)
@@ -106,16 +106,18 @@
if (req->smb_conn->negotiate.spnego_negotiated) {
struct auth_context *auth_context;
+ if (sess->nt1.in.user && *sess->nt1.in.user) {
+ return NT_STATUS_ACCESS_DENIED;
+ } else {
+ make_user_info_guest(&user_info);
+ }
+
status = make_auth_context_subsystem(&auth_context);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- if (!sess->nt1.in.user || !*sess->nt1.in.user) {
- make_user_info_guest(&user_info);
- }
-
status = auth_context->check_ntlm_password(auth_context,
user_info,
&server_info);
