This patch does a number of things, mostly smaller than they look :-)

In particuar, it moves the domain_client_validate stuff out of
auth_domain.c to somwhere where they (I hope) they can be shared
with winbind better.  (This may need some work)

The main purpose of this patch was however to improve some of the
internal documentation and to correctly place become_root()/unbecome_root()
calls within the code.

Finally this patch moves some more of auth.c into other files, auth_unix.c
in this case.

Andrew Bartlett
(This used to be commit ea1c547ac880def29f150de2172c95213509350e)

1 files changed, 5 insertions, 5 deletions

diff --git a/source3/smbd/auth_smbpasswd.c b/source3/smbd/auth_smbpasswd.c
index ce0b03d942..927a262dc6 100644
--- a/source3/smbd/auth_smbpasswd.c
+++ b/source3/smbd/auth_smbpasswd.c
@@ -208,7 +208,11 @@ uint32 check_smbpasswd_security(const auth_usersupplied_info *user_info, auth_se
 	pdb_init_sam(&sampass);
 
 	/* get the account information */
+
+	become_root();
 	ret = pdb_getsampwnam(sampass, user_info->smb_username.str);
+	unbecome_root();
+
 	if (ret == False)
 	{
 		DEBUG(1,("Couldn't find user '%s' in passdb file.\n", user_info->smb_username.str));
@@ -216,11 +220,7 @@ uint32 check_smbpasswd_security(const auth_usersupplied_info *user_info, auth_se
 		return(NT_STATUS_NO_SUCH_USER);
 	}
 
-	if ((nt_status = smb_password_ok(sampass, user_info, server_info)) != NT_STATUS_NOPROBLEMO)
-	{
-		pdb_free_sam(sampass);
-		return(nt_status);
-	}
+	nt_status = smb_password_ok(sampass, user_info, server_info);
 	
 	pdb_free_sam(sampass);
 	return nt_status;