diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2010-12-21 10:19:53 +1100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2010-12-21 15:10:38 +1100 |
| commit | 1961d7a4119200b8a4ad7b0207e0cdcf2e10d3f8 (patch) | |
| tree | 3a481279183723fdbc3a33977d7bf43196d1b80b /source4/auth/session.c | |
| parent | 94a59b781ccc5a552a9141484740255977db4637 (diff) | |
| download | samba-1961d7a4119200b8a4ad7b0207e0cdcf2e10d3f8.tar.gz samba-1961d7a4119200b8a4ad7b0207e0cdcf2e10d3f8.tar.bz2 samba-1961d7a4119200b8a4ad7b0207e0cdcf2e10d3f8.zip | |
s4-auth rework session_info handling not to require an auth context
This reverts a previous move to have this based around the auth
subsystem, which just spread auth deps all over unrelated code.
Andrew Bartlett
Diffstat (limited to 'source4/auth/session.c')
| -rw-r--r-- | source4/auth/session.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/source4/auth/session.c b/source4/auth/session.c index bb6a5946e5..1028aa8320 100644 --- a/source4/auth/session.c +++ b/source4/auth/session.c @@ -41,7 +41,8 @@ _PUBLIC_ struct auth_session_info *anonymous_session(TALLOC_CTX *mem_ctx, } _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx, - struct auth_context *auth_context, /* Optional if the domain SID is in the NT AUTHORITY domain */ + struct loadparm_context *lp_ctx, /* Optional, if you don't want privilages */ + struct ldb_context *sam_ctx, /* Optional, if you don't want local groups */ struct auth_serversupplied_info *server_info, uint32_t session_info_flags, struct auth_session_info **_session_info) @@ -83,7 +84,7 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx, /* Don't expand nested groups of system, anonymous etc*/ } else if (dom_sid_equal(system_sid, server_info->account_sid)) { /* Don't expand nested groups of system, anonymous etc*/ - } else if (auth_context) { + } else if (sam_ctx) { groupSIDs = talloc_array(tmp_ctx, struct dom_sid *, server_info->n_domain_groups); NT_STATUS_HAVE_NO_MEMORY_AND_FREE(groupSIDs, tmp_ctx); if (!groupSIDs) { @@ -119,7 +120,7 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx, account_sid_blob = data_blob_string_const(account_sid_dn); - nt_status = authsam_expand_nested_groups(auth_context->sam_ctx, &account_sid_blob, true, filter, + nt_status = authsam_expand_nested_groups(sam_ctx, &account_sid_blob, true, filter, tmp_ctx, &groupSIDs, &num_groupSIDs); if (!NT_STATUS_IS_OK(nt_status)) { talloc_free(tmp_ctx); @@ -143,7 +144,7 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx, primary_group_blob = data_blob_string_const(primary_group_dn); - nt_status = authsam_expand_nested_groups(auth_context->sam_ctx, &primary_group_blob, true, filter, + nt_status = authsam_expand_nested_groups(sam_ctx, &primary_group_blob, true, filter, tmp_ctx, &groupSIDs, &num_groupSIDs); if (!NT_STATUS_IS_OK(nt_status)) { talloc_free(tmp_ctx); @@ -167,7 +168,7 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx, /* This function takes in memberOf values and expands * them, as long as they meet the filter - so only * builtin groups */ - nt_status = authsam_expand_nested_groups(auth_context->sam_ctx, &group_blob, true, filter, + nt_status = authsam_expand_nested_groups(sam_ctx, &group_blob, true, filter, tmp_ctx, &groupSIDs, &num_groupSIDs); if (!NT_STATUS_IS_OK(nt_status)) { talloc_free(tmp_ctx); @@ -177,7 +178,7 @@ _PUBLIC_ NTSTATUS auth_generate_session_info(TALLOC_CTX *mem_ctx, } nt_status = security_token_create(session_info, - auth_context ? auth_context->lp_ctx : NULL, + lp_ctx, server_info->account_sid, server_info->primary_group_sid, num_groupSIDs, |