diff options
author | Andrew Bartlett <abartlet@samba.org> | 2007-05-25 05:19:02 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:52:53 -0500 |
commit | 79d3f82f3383fd4e09d3fd1fefdc45cf53fdb5c1 (patch) | |
tree | 0010cfef2b904da669e888248adb0112087b8cae /source4/auth/auth_util.c | |
parent | d875b7d620c1007f38fb886cb8d5342a2d261585 (diff) | |
download | samba-79d3f82f3383fd4e09d3fd1fefdc45cf53fdb5c1.tar.gz samba-79d3f82f3383fd4e09d3fd1fefdc45cf53fdb5c1.tar.bz2 samba-79d3f82f3383fd4e09d3fd1fefdc45cf53fdb5c1.zip |
r23132: Resolve an issue where we would use the ccache after we free()ed it.
The problem was, we would set the ccache, then invalidate it as we set
details from it (like the principal name from the ccache).
Instead, set the ccache onto the credentials structure after we are
done processing it.
Andrew Bartlett
(This used to be commit d285bd927c604d930fc44cc84ef3321aa4ce9d9a)
Diffstat (limited to 'source4/auth/auth_util.c')
-rw-r--r-- | source4/auth/auth_util.c | 34 |
1 files changed, 30 insertions, 4 deletions
diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c index d4a2fa93e8..649928ac9b 100644 --- a/source4/auth/auth_util.c +++ b/source4/auth/auth_util.c @@ -581,8 +581,9 @@ struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx) return session_info; } -NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx, - struct auth_session_info **_session_info) +static NTSTATUS _auth_system_session_info(TALLOC_CTX *parent_ctx, + BOOL anonymous_credentials, + struct auth_session_info **_session_info) { NTSTATUS nt_status; struct auth_serversupplied_info *server_info = NULL; @@ -609,7 +610,7 @@ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx, cli_credentials_set_conf(session_info->credentials); - if (lp_parm_bool(-1,"system","anonymous", False)) { + if (anonymous_credentials) { cli_credentials_set_anonymous(session_info->credentials); } else { cli_credentials_set_machine_account_pending(session_info->credentials); @@ -619,11 +620,36 @@ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx, return NT_STATUS_OK; } +_PUBLIC_ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx, + struct auth_session_info **_session_info) +{ + return _auth_system_session_info(parent_ctx, lp_parm_bool(-1,"system","anonymous", False), + _session_info); +} + +/* + Create a system session, with machine account credentials +*/ _PUBLIC_ struct auth_session_info *system_session(TALLOC_CTX *mem_ctx) { NTSTATUS nt_status; struct auth_session_info *session_info = NULL; - nt_status = auth_system_session_info(mem_ctx, &session_info); + nt_status = auth_system_session_info(mem_ctx, + &session_info); + if (!NT_STATUS_IS_OK(nt_status)) { + return NULL; + } + return session_info; +} + +/* + Create a system session, but with anonymous credentials (so we do not need to open secrets.ldb) +*/ +_PUBLIC_ struct auth_session_info *system_session_anon(TALLOC_CTX *mem_ctx) +{ + NTSTATUS nt_status; + struct auth_session_info *session_info = NULL; + nt_status = _auth_system_session_info(mem_ctx, False, &session_info); if (!NT_STATUS_IS_OK(nt_status)) { return NULL; } |