summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-10-29 09:58:23 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:05:01 -0500
commit9a09b41b013e957fb7ce9cd644ac1f6d1fd26528 (patch)
tree7b5af7af2c8b201f46921d72ffbbb64c1c7d301b
parent757215dc8b417765b74a824dd2744957274efd01 (diff)
downloadsamba-9a09b41b013e957fb7ce9cd644ac1f6d1fd26528.tar.gz
samba-9a09b41b013e957fb7ce9cd644ac1f6d1fd26528.tar.bz2
samba-9a09b41b013e957fb7ce9cd644ac1f6d1fd26528.zip
r3365: Fill in the user and primary group SIDs into the 'server info' before
the session info. Andrew Bartlett (This used to be commit 5db5c30ebedca1fee8924a9416bcb94ed13af372)
-rw-r--r--source4/libcli/auth/gensec_krb5.c19
1 files changed, 11 insertions, 8 deletions
diff --git a/source4/libcli/auth/gensec_krb5.c b/source4/libcli/auth/gensec_krb5.c
index 1ce05b519e..ea70b471e5 100644
--- a/source4/libcli/auth/gensec_krb5.c
+++ b/source4/libcli/auth/gensec_krb5.c
@@ -616,8 +616,8 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
*session_info_out = NULL;
- /* IF we have the PAC - otherwise (TODO) we need to get this
- * data from elsewere - local ldb, or lookup of some
+ /* IF we have the PAC - otherwise we need to get this
+ * data from elsewere - local ldb, or (TODO) lookup of some
* kind... */
principal = talloc_strdup(gensec_krb5_state, gensec_krb5_state->peer_principal);
@@ -666,14 +666,17 @@ static NTSTATUS gensec_krb5_session_info(struct gensec_security *gensec_security
}
- sid = dom_sid_dup(session_info, logon_info->dom_sid);
- ptoken->user_sids[0] = dom_sid_add_rid(session_info, sid, logon_info->user_rid);
+ sid = dom_sid_dup(server_info, logon_info->dom_sid);
+ server_info->user_sid = dom_sid_add_rid(server_info, sid, logon_info->user_rid);
+ sid = dom_sid_dup(server_info, logon_info->dom_sid);
+ server_info->primary_group_sid = dom_sid_add_rid(server_info, sid, logon_info->group_rid);
+
+ ptoken->user_sids[0] = talloc_reference(session_info, server_info->user_sid);
ptoken->num_sids++;
- sid = dom_sid_dup(session_info, logon_info->dom_sid);
- ptoken->user_sids[1] = dom_sid_add_rid(session_info, sid, logon_info->group_rid);
+ ptoken->user_sids[1] = talloc_reference(session_info, server_info->primary_group_sid);
ptoken->num_sids++;
-
- for (;ptoken->num_sids < logon_info->groups_count; ptoken->num_sids++) {
+
+ for (;ptoken->num_sids < (logon_info->groups_count + 2); ptoken->num_sids++) {
sid = dom_sid_dup(session_info, logon_info->dom_sid);
ptoken->user_sids[ptoken->num_sids]
= dom_sid_add_rid(session_info, sid,