Enable total anonymization in vfs_smb_traffic_analyzer, by mapping

any user names to the one given by anonymize_prefix, without
generating a hash number. This setting is optional and is compatible
with the module configuration format of Samba 3.3.
(cherry picked from commit 4b17cca0557a086c5722c221a6e282bad4a2b40a)

diff --git a/docs-xml/manpages-3/vfs_smb_traffic_analyzer.8.xml b/docs-xml/manpages-3/vfs_smb_traffic_analyzer.8.xml
index a12f44babd4a69f6f423bb38c97b095e65c122c6..beb4f85ba85510e12717129f50b5b901331e83cc 100644 (file)
--- a/docs-xml/manpages-3/vfs_smb_traffic_analyzer.8.xml
+++ b/docs-xml/manpages-3/vfs_smb_traffic_analyzer.8.xml
@@ -117,6 +117,17 @@
                </listitem>
                </varlistentry>
 
+               <varlistentry>
+               <term>smb_traffic_analyzer:total_anonymization = STRING</term>
+               <listitem>
+               <para>If STRING matches to 'yes', the module will replace
+               any user name with the string given by the option 
+               smb_traffic_analyzer:anonymize_prefix, without generating
+               an additional hash number. This means that any transfer data
+               will be mapped to a single user, leading to a total 
+               anonymization of user related data.</para>
+               </listitem>
+               </varlistentry>
 
        </variablelist>
 </refsect1>

diff --git a/source/modules/vfs_smb_traffic_analyzer.c b/source/modules/vfs_smb_traffic_analyzer.c
index 10611cd0f56b9e2056eba4220135139450700f43..049bf16ed2f0df9751af253cc65d75456d45c2ec 100644 (file)
--- a/source/modules/vfs_smb_traffic_analyzer.c
+++ b/source/modules/vfs_smb_traffic_analyzer.c
@@ -165,6 +165,7 @@ static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle,
        char *str = NULL;
        const char *username = NULL;
        const char *anon_prefix = NULL;
+       const char *total_anonymization = NULL;
        size_t len;
 
        SMB_VFS_HANDLE_GET_DATA(handle, rf_sock, struct refcounted_sock, return);
@@ -185,13 +186,24 @@ static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle,
 
        /* check if anonymization is required */
 
+       total_anonymization=lp_parm_const_string(SNUM(handle->conn),"smb_traffic_analyzer",
+                                       "total_anonymization", NULL);
+
        anon_prefix=lp_parm_const_string(SNUM(handle->conn),"smb_traffic_analyzer",\
                                        "anonymize_prefix", NULL );
        if (anon_prefix!=NULL) {
-               username = talloc_asprintf(talloc_tos(),
-                       "%s%i",
-                       anon_prefix,
-                       str_checksum(get_current_username()));
+               if (total_anonymization!=NULL) {
+                       username = talloc_asprintf(talloc_tos(),
+                               "%s",
+                               anon_prefix);
+               } else {
+                       username = talloc_asprintf(talloc_tos(),
+                               "%s%i",
+                               anon_prefix,
+                               str_checksum(
+                                       handle->conn->server_info->sanitized_username ) ); 
+               }
+
        } else {
                username = get_current_username();
        }