diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2004-10-29 09:58:23 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:05:01 -0500 |
| commit | 9a09b41b013e957fb7ce9cd644ac1f6d1fd26528 (patch) | |
| tree | 7b5af7af2c8b201f46921d72ffbbb64c1c7d301b | |
| parent | 757215dc8b417765b74a824dd2744957274efd01 (diff) | |
| download | samba-9a09b41b013e957fb7ce9cd644ac1f6d1fd26528.tar.gz samba-9a09b41b013e957fb7ce9cd644ac1f6d1fd26528.tar.bz2 samba-9a09b41b013e957fb7ce9cd644ac1f6d1fd26528.zip | |
r3365: Fill in the user and primary group SIDs into the 'server info' before
the session info.
Andrew Bartlett
(This used to be commit 5db5c30ebedca1fee8924a9416bcb94ed13af372)
| -rw-r--r-- | source4/libcli/auth/gensec_krb5.c | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/source4/libcli/auth/gensec_krb5.c b/source4/libcli/auth/gensec_krb5.c index 1ce05b519e..ea70b471e5 100644 --- a/source4/libcli/auth/gensec_krb5.c +++ b/source4/libcli/auth/gensec_krb5.c @@ -616,8 +616,8 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security *session_info_out = NULL; - /* IF we have the PAC - otherwise (TODO) we need to get this - * data from elsewere - local ldb, or lookup of some + /* IF we have the PAC - otherwise we need to get this + * data from elsewere - local ldb, or (TODO) lookup of some * kind... */ principal = talloc_strdup(gensec_krb5_state, gensec_krb5_state->peer_principal); @@ -666,14 +666,17 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security } - sid = dom_sid_dup(session_info, logon_info->dom_sid); - ptoken->user_sids[0] = dom_sid_add_rid(session_info, sid, logon_info->user_rid); + sid = dom_sid_dup(server_info, logon_info->dom_sid); + server_info->user_sid = dom_sid_add_rid(server_info, sid, logon_info->user_rid); + sid = dom_sid_dup(server_info, logon_info->dom_sid); + server_info->primary_group_sid = dom_sid_add_rid(server_info, sid, logon_info->group_rid); + + ptoken->user_sids[0] = talloc_reference(session_info, server_info->user_sid); ptoken->num_sids++; - sid = dom_sid_dup(session_info, logon_info->dom_sid); - ptoken->user_sids[1] = dom_sid_add_rid(session_info, sid, logon_info->group_rid); + ptoken->user_sids[1] = talloc_reference(session_info, server_info->primary_group_sid); ptoken->num_sids++; - - for (;ptoken->num_sids < logon_info->groups_count; ptoken->num_sids++) { + + for (;ptoken->num_sids < (logon_info->groups_count + 2); ptoken->num_sids++) { sid = dom_sid_dup(session_info, logon_info->dom_sid); ptoken->user_sids[ptoken->num_sids] = dom_sid_add_rid(session_info, sid, |