s3-auth Rename cryptic 'ptok' to security_token

This will allow the auth_serversupplied_info struct to be migrated
to auth_session_info easier.

Adnrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>

6 files changed, 26 insertions, 26 deletions

diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 9be2b3b746..9c343badd2 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -293,7 +293,7 @@ int register_existing_vuid(struct smbd_server_connection *sconn,
 		  "Real name: %s\n", vuser->server_info->unix_name,
 		  vuser->server_info->info3->base.full_name.string));
 
-	if (!vuser->server_info->ptok) {
+	if (!vuser->server_info->security_token) {
 		DEBUG(1, ("register_existing_vuid: server_info does not "
 			"contain a user_token - cannot continue\n"));
 		goto fail;
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index a58f17c070..dfe2c2141f 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -613,7 +613,7 @@ static NTSTATUS create_connection_server_info(struct smbd_server_connection *sco
                 } else {
                         if (!user_ok_token(vuid_serverinfo->unix_name,
 					   vuid_serverinfo->info3->base.domain.string,
-                                           vuid_serverinfo->ptok, snum)) {
+                                           vuid_serverinfo->security_token, snum)) {
                                 DEBUG(2, ("user '%s' (from session setup) not "
                                           "permitted to access this share "
                                           "(%s)\n",
@@ -782,7 +782,7 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
 
 		status = find_forced_group(
 			conn->force_user, snum, conn->server_info->unix_name,
-			&conn->server_info->ptok->sids[1],
+			&conn->server_info->security_token->sids[1],
 			&conn->server_info->utok.gid);
 
 		if (!NT_STATUS_IS_OK(status)) {
@@ -835,12 +835,12 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
 	{
 		bool can_write = False;
 
-		can_write = share_access_check(conn->server_info->ptok,
+		can_write = share_access_check(conn->server_info->security_token,
 					       lp_servicename(snum),
 					       FILE_WRITE_DATA);
 
 		if (!can_write) {
-			if (!share_access_check(conn->server_info->ptok,
+			if (!share_access_check(conn->server_info->security_token,
 						lp_servicename(snum),
 						FILE_READ_DATA)) {
 				/* No access, read or write. */
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 12d046038c..5a1776e698 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -384,7 +384,7 @@ static void reply_spnego_kerberos(struct smb_request *req,
 	/* we need to build the token for the user. make_server_info_guest()
 	   already does this */
 
-	if ( !server_info->ptok ) {
+	if ( !server_info->security_token ) {
 		ret = create_local_token( server_info );
 		if ( !NT_STATUS_IS_OK(ret) ) {
 			DEBUG(10,("failed to create local token: %s\n",
@@ -1643,7 +1643,7 @@ void reply_sesssetup_and_X(struct smb_request *req)
 		return;
 	}
 
-	if (!server_info->ptok) {
+	if (!server_info->security_token) {
 		nt_status = create_local_token(server_info);
 
 		if (!NT_STATUS_IS_OK(nt_status)) {
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index e025f98121..7d029151bc 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -248,7 +248,7 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session,
 	/* we need to build the token for the user. make_server_info_guest()
 	   already does this */
 
-	if (!session->server_info->ptok ) {
+	if (!session->server_info->security_token ) {
 		status = create_local_token(session->server_info);
 		if (!NT_STATUS_IS_OK(status)) {
 			DEBUG(10,("smb2: failed to create local token: %s\n",
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index ed8e9f5642..32c557826e 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -3356,7 +3356,7 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned
 			 * in our list of SIDs.
 			 */
 			if (nt_token_check_sid(&global_sid_Builtin_Guests,
-					       conn->server_info->ptok)) {
+					       conn->server_info->security_token)) {
 				flags |= SMB_WHOAMI_GUEST;
 			}
 
@@ -3364,7 +3364,7 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned
 			 * is in our list of SIDs.
 			 */
 			if (nt_token_check_sid(&global_sid_Authenticated_Users,
-					       conn->server_info->ptok)) {
+					       conn->server_info->security_token)) {
 				flags &= ~SMB_WHOAMI_GUEST;
 			}
 
@@ -3382,7 +3382,7 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned
 			    + 4 /* pad/reserved */
 			    + (conn->server_info->utok.ngroups * 8)
 				/* groups list */
-			    + (conn->server_info->ptok->num_sids *
+			    + (conn->server_info->security_token->num_sids *
 				    SID_MAX_SIZE)
 				/* SID list */;
 
@@ -3407,16 +3407,16 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned
 			}
 
 			SIVAL(pdata, 24, conn->server_info->utok.ngroups);
-			SIVAL(pdata, 28, conn->server_info->ptok->num_sids);
+			SIVAL(pdata, 28, conn->server_info->security_token->num_sids);
 
 			/* We walk the SID list twice, but this call is fairly
 			 * infrequent, and I don't expect that it's performance
 			 * sensitive -- jpeach
 			 */
 			for (i = 0, sid_bytes = 0;
-			     i < conn->server_info->ptok->num_sids; ++i) {
+			     i < conn->server_info->security_token->num_sids; ++i) {
 				sid_bytes += ndr_size_dom_sid(
-					&conn->server_info->ptok->sids[i],
+					&conn->server_info->security_token->sids[i],
 					0);
 			}
 
@@ -3436,13 +3436,13 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned
 
 			/* SID list */
 			for (i = 0;
-			    i < conn->server_info->ptok->num_sids; ++i) {
+			    i < conn->server_info->security_token->num_sids; ++i) {
 				int sid_len = ndr_size_dom_sid(
-					&conn->server_info->ptok->sids[i],
+					&conn->server_info->security_token->sids[i],
 					0);
 
 				sid_linearize(pdata + data_len, sid_len,
-				    &conn->server_info->ptok->sids[i]);
+				    &conn->server_info->security_token->sids[i]);
 				data_len += sid_len;
 			}
 
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index b573a6c920..87d85eff83 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -107,17 +107,17 @@ static bool check_user_ok(connection_struct *conn,
 
 	if (!user_ok_token(server_info->unix_name,
 			   server_info->info3->base.domain.string,
-			   server_info->ptok, snum))
+			   server_info->security_token, snum))
 		return(False);
 
 	readonly_share = is_share_read_only_for_token(
 		server_info->unix_name,
 		server_info->info3->base.domain.string,
-		server_info->ptok,
+		server_info->security_token,
 		conn);
 
 	if (!readonly_share &&
-	    !share_access_check(server_info->ptok, lp_servicename(snum),
+	    !share_access_check(server_info->security_token, lp_servicename(snum),
 				FILE_WRITE_DATA)) {
 		/* smb.conf allows r/w, but the security descriptor denies
 		 * write. Fall back to looking at readonly. */
@@ -126,7 +126,7 @@ static bool check_user_ok(connection_struct *conn,
 			 "security descriptor\n"));
 	}
 
-	if (!share_access_check(server_info->ptok, lp_servicename(snum),
+	if (!share_access_check(server_info->security_token, lp_servicename(snum),
 				readonly_share ?
 				FILE_READ_DATA : FILE_WRITE_DATA)) {
 		return False;
@@ -135,7 +135,7 @@ static bool check_user_ok(connection_struct *conn,
 	admin_user = token_contains_name_in_list(
 		server_info->unix_name,
 		server_info->info3->base.domain.string,
-		NULL, server_info->ptok, lp_admin_users(snum));
+		NULL, server_info->security_token, lp_admin_users(snum));
 
 	if (valid_vuid) {
 		struct vuid_cache_entry *ent =
@@ -327,7 +327,7 @@ bool change_to_user(connection_struct *conn, uint16 vuid)
 					conn->server_info->utok.gid =
 						conn->force_group_gid;
 					gid = conn->force_group_gid;
-					gid_to_sid(&conn->server_info->ptok
+					gid_to_sid(&conn->server_info->security_token
 						   ->sids[1], gid);
 					break;
 				}
@@ -335,7 +335,7 @@ bool change_to_user(connection_struct *conn, uint16 vuid)
 		} else {
 			conn->server_info->utok.gid = conn->force_group_gid;
 			gid = conn->force_group_gid;
-			gid_to_sid(&conn->server_info->ptok->sids[1],
+			gid_to_sid(&conn->server_info->security_token->sids[1],
 				   gid);
 		}
 	}
@@ -347,7 +347,7 @@ bool change_to_user(connection_struct *conn, uint16 vuid)
 	current_user.ut.groups  = group_list;
 
 	set_sec_ctx(uid, gid, current_user.ut.ngroups, current_user.ut.groups,
-		    conn->server_info->ptok);
+		    conn->server_info->security_token);
 
 	current_user.conn = conn;
 	current_user.vuid = vuid;
@@ -389,7 +389,7 @@ bool become_authenticated_pipe_user(struct pipes_struct *p)
 
 	set_sec_ctx(p->server_info->utok.uid, p->server_info->utok.gid,
 		    p->server_info->utok.ngroups, p->server_info->utok.groups,
-		    p->server_info->ptok);
+		    p->server_info->security_token);
 
 	return True;
 }