diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2011-02-11 11:50:37 +1100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2011-04-05 06:32:07 +1000 |
| commit | 17d8f0ad30847bb940f645ee1817d782ddaaee74 (patch) | |
| tree | 1f1547798f45e3da1f0fecece628b4b07a95c0ff /source3/smbd/smb2_sesssetup.c | |
| parent | 2ec48260ee377e499fe7f0fc2ca18b8a078c6aaa (diff) | |
| download | samba-17d8f0ad30847bb940f645ee1817d782ddaaee74.tar.gz samba-17d8f0ad30847bb940f645ee1817d782ddaaee74.tar.bz2 samba-17d8f0ad30847bb940f645ee1817d782ddaaee74.zip | |
s3-auth use create_local_token() to transform server_info -> session_info
Before a auth_serversupplied_info struct can be used for
authorization, the local groups and privileges must be calculated.
create_local_token() now copies the server_info, and then sets the
calulated token and unix groups.
Soon, it will also transform the result into an expanded struct
auth_session_info. Until then, the variable name (server_info vs
session_info provides a clue to the developer about what information
has been entered in the structure).
By moving the calls to create_local_token within the codebase, we
remove duplication, and ensure that the session key (where modified)
is consistently copied into the new structure.
Andrew Bartlett
Diffstat (limited to 'source3/smbd/smb2_sesssetup.c')
| -rw-r--r-- | source3/smbd/smb2_sesssetup.c | 23 |
1 files changed, 6 insertions, 17 deletions
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 3668ab8851..722e4c7705 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -236,11 +236,12 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session, /* reload services so that the new %U is taken into account */ reload_services(smb2req->sconn->msg_ctx, smb2req->sconn->sock, true); - status = make_server_info_krb5(session, - user, domain, real_username, pw, - logon_info, map_domainuser_to_guest, - username_was_mapped, - &session->session_info); + status = make_session_info_krb5(session, + user, domain, real_username, pw, + logon_info, map_domainuser_to_guest, + username_was_mapped, + &session_key, + &session->session_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("smb2: make_server_info_krb5 failed\n")); goto fail; @@ -259,18 +260,6 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session, session->do_signing = false; } - data_blob_free(&session->session_info->user_session_key); - session->session_info->user_session_key = - data_blob_talloc( - session->session_info, - session_key.data, - session_key.length); - if (session_key.length > 0) { - if (session->session_info->user_session_key.data == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } - } session->session_key = session->session_info->user_session_key; session->compat_vuser = talloc_zero(session, user_struct); |