diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2011-02-10 21:04:01 +1100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2011-04-04 19:48:58 +1000 |
| commit | 77e67163daaa670ee43ddbc4fd3fd3e8c3c38d49 (patch) | |
| tree | 6b9598e0bffaa21174076c61fa840bfa47591587 /source3/auth | |
| parent | 841d0bc9e81dbe56352ac8b12e63e8257963936e (diff) | |
| download | samba-77e67163daaa670ee43ddbc4fd3fd3e8c3c38d49.tar.gz samba-77e67163daaa670ee43ddbc4fd3fd3e8c3c38d49.tar.bz2 samba-77e67163daaa670ee43ddbc4fd3fd3e8c3c38d49.zip | |
s3-auth consolidate create_local_token() into make_server_info_krb5()
This ensures that all callers don't need to each add builtin groups
and privileges to the user's token
Andrew Bartlett
Diffstat (limited to 'source3/auth')
| -rw-r--r-- | source3/auth/proto.h | 4 | ||||
| -rw-r--r-- | source3/auth/user_krb5.c | 12 |
2 files changed, 13 insertions, 3 deletions
diff --git a/source3/auth/proto.h b/source3/auth/proto.h index 88cc7074ed..3bf325e763 100644 --- a/source3/auth/proto.h +++ b/source3/auth/proto.h @@ -264,5 +264,5 @@ NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx, char *username, struct passwd *pw, struct PAC_LOGON_INFO *logon_info, - bool mapped_to_guest, - struct auth_serversupplied_info **server_info); + bool mapped_to_guest, bool username_was_mapped, + struct auth_serversupplied_info **server_info); diff --git a/source3/auth/user_krb5.c b/source3/auth/user_krb5.c index e52149afd7..1d87ccab79 100644 --- a/source3/auth/user_krb5.c +++ b/source3/auth/user_krb5.c @@ -185,7 +185,7 @@ NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx, char *username, struct passwd *pw, struct PAC_LOGON_INFO *logon_info, - bool mapped_to_guest, + bool mapped_to_guest, bool username_was_mapped, struct auth_serversupplied_info **server_info) { NTSTATUS status; @@ -259,7 +259,17 @@ NTSTATUS make_server_info_krb5(TALLOC_CTX *mem_ctx, (*server_info)->info3->base.domain.string = talloc_strdup((*server_info)->info3, ntdomain); } + } + + (*server_info)->nss_token |= username_was_mapped; + if (!mapped_to_guest) { + status = create_local_token(*server_info); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10,("failed to create local token: %s\n", + nt_errstr(status))); + return status; + } } return NT_STATUS_OK; |