diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2011-07-15 14:59:14 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2011-07-20 09:17:10 +1000 |
| commit | 6d741e918f145c6ec62c22358aabc8162db108fd (patch) | |
| tree | 4d562524b2ff71892911331d707e23045984b0d3 /source3/smbd/uid.c | |
| parent | f16d8f4eb86ecc4741c25e5ed87b2ea4c6717a31 (diff) | |
| download | samba-6d741e918f145c6ec62c22358aabc8162db108fd.tar.gz samba-6d741e918f145c6ec62c22358aabc8162db108fd.tar.bz2 samba-6d741e918f145c6ec62c22358aabc8162db108fd.zip | |
s3-auth Use *unix_token rather than utok in struct auth3_session_info
This brings this structure one step closer to the struct auth_session_info.
A few SMB_ASSERT calls are added in some key places to ensure that
this pointer is initialised, to make tracing any bugs here easier in
future.
NOTE: Many of the users of this structure should be reviewed, as unix
and NT access checks are mixed in a way that should just be done using
the NT ACL. This patch has not changed this behaviour however.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Diffstat (limited to 'source3/smbd/uid.c')
| -rw-r--r-- | source3/smbd/uid.c | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index 5d703e3a18..b6ea7674b1 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -178,7 +178,7 @@ static bool check_user_ok(connection_struct *conn, "Setting uid as %d\n", conn->session_info->unix_name, sec_initial_uid() )); - conn->session_info->utok.uid = sec_initial_uid(); + conn->session_info->unix_token->uid = sec_initial_uid(); } return(True); @@ -213,10 +213,10 @@ static bool change_to_user_internal(connection_struct *conn, return false; } - uid = conn->session_info->utok.uid; - gid = conn->session_info->utok.gid; - num_groups = conn->session_info->utok.ngroups; - group_list = conn->session_info->utok.groups; + uid = conn->session_info->unix_token->uid; + gid = conn->session_info->unix_token->gid; + num_groups = conn->session_info->unix_token->ngroups; + group_list = conn->session_info->unix_token->groups; /* * See if we should force group for this service. If so this overrides @@ -237,7 +237,7 @@ static bool change_to_user_internal(connection_struct *conn, */ for (i = 0; i < num_groups; i++) { if (group_list[i] == conn->force_group_gid) { - conn->session_info->utok.gid = + conn->session_info->unix_token->gid = conn->force_group_gid; gid = conn->force_group_gid; gid_to_sid(&conn->session_info->security_token @@ -246,7 +246,7 @@ static bool change_to_user_internal(connection_struct *conn, } } } else { - conn->session_info->utok.gid = conn->force_group_gid; + conn->session_info->unix_token->gid = conn->force_group_gid; gid = conn->force_group_gid; gid_to_sid(&conn->session_info->security_token->sids[1], gid); @@ -296,13 +296,13 @@ bool change_to_user(connection_struct *conn, uint16_t vuid) */ if((lp_security() == SEC_SHARE) && (current_user.conn == conn) && - (current_user.ut.uid == conn->session_info->utok.uid)) { + (current_user.ut.uid == conn->session_info->unix_token->uid)) { DEBUG(4,("Skipping user change - already " "user\n")); return(True); } else if ((current_user.conn == conn) && (vuser != NULL) && (current_user.vuid == vuid) && - (current_user.ut.uid == vuser->session_info->utok.uid)) { + (current_user.ut.uid == vuser->session_info->unix_token->uid)) { DEBUG(4,("Skipping user change - already " "user\n")); return(True); @@ -334,7 +334,7 @@ bool change_to_user_by_session(connection_struct *conn, SMB_ASSERT(session_info != NULL); if ((current_user.conn == conn) && - (current_user.ut.uid == session_info->utok.uid)) { + (current_user.ut.uid == session_info->unix_token->uid)) { DEBUG(7, ("Skipping user change - already user\n")); return true; @@ -372,8 +372,8 @@ bool become_authenticated_pipe_user(struct auth3_session_info *session_info) if (!push_sec_ctx()) return False; - set_sec_ctx(session_info->utok.uid, session_info->utok.gid, - session_info->utok.ngroups, session_info->utok.groups, + set_sec_ctx(session_info->unix_token->uid, session_info->unix_token->gid, + session_info->unix_token->ngroups, session_info->unix_token->groups, session_info->security_token); return True; @@ -512,7 +512,7 @@ bool unbecome_user(void) /**************************************************************************** Return the current user we are running effectively as on this connection. - I'd like to make this return conn->session_info->utok.uid, but become_root() + I'd like to make this return conn->session_info->unix_token->uid, but become_root() doesn't alter this value. ****************************************************************************/ @@ -523,7 +523,7 @@ uid_t get_current_uid(connection_struct *conn) /**************************************************************************** Return the current group we are running effectively as on this connection. - I'd like to make this return conn->session_info->utok.gid, but become_root() + I'd like to make this return conn->session_info->unix_token->gid, but become_root() doesn't alter this value. ****************************************************************************/ @@ -534,7 +534,7 @@ gid_t get_current_gid(connection_struct *conn) /**************************************************************************** Return the UNIX token we are running effectively as on this connection. - I'd like to make this return &conn->session_info->utok, but become_root() + I'd like to make this return &conn->session_info->unix_token-> but become_root() doesn't alter this value. ****************************************************************************/ |