summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-02-10 21:04:01 +1100
committerAndrew Bartlett <abartlet@samba.org>2011-04-04 19:48:58 +1000
commit77e67163daaa670ee43ddbc4fd3fd3e8c3c38d49 (patch)
tree6b9598e0bffaa21174076c61fa840bfa47591587 /source3/rpc_server
parent841d0bc9e81dbe56352ac8b12e63e8257963936e (diff)
downloadsamba-77e67163daaa670ee43ddbc4fd3fd3e8c3c38d49.tar.gz
samba-77e67163daaa670ee43ddbc4fd3fd3e8c3c38d49.tar.bz2
samba-77e67163daaa670ee43ddbc4fd3fd3e8c3c38d49.zip
s3-auth consolidate create_local_token() into make_server_info_krb5()
This ensures that all callers don't need to each add builtin groups and privileges to the user's token Andrew Bartlett
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/dcesrv_gssapi.c2
-rw-r--r--source3/rpc_server/srv_pipe.c10
2 files changed, 1 insertions, 11 deletions
diff --git a/source3/rpc_server/dcesrv_gssapi.c b/source3/rpc_server/dcesrv_gssapi.c
index f60f6ce245..a3007e4044 100644
--- a/source3/rpc_server/dcesrv_gssapi.c
+++ b/source3/rpc_server/dcesrv_gssapi.c
@@ -230,7 +230,7 @@ NTSTATUS gssapi_server_get_user_info(struct gse_context *gse_ctx,
status = make_server_info_krb5(mem_ctx,
ntuser, ntdomain, username, pw,
- logon_info, is_guest, server_info);
+ logon_info, is_guest, is_mapped, server_info);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to map kerberos pac to server info (%s)\n",
nt_errstr(status)));
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 73a34866b2..27a43f30f7 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -738,16 +738,6 @@ static NTSTATUS pipe_gssapi_verify_final(TALLOC_CTX *mem_ctx,
return status;
}
- if ((*session_info)->security_token == NULL) {
- status = create_local_token(*session_info);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(1, ("Failed to create local user token (%s)\n",
- nt_errstr(status)));
- status = NT_STATUS_ACCESS_DENIED;
- return status;
- }
- }
-
/* TODO: this is what the ntlmssp code does with the session_key, check
* it is ok with gssapi too */
/*