summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/smbd/smb2_sesssetup.c83
1 files changed, 8 insertions, 75 deletions
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 89f9ffe3ec..e025f98121 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -233,83 +233,16 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session,
/* reload services so that the new %U is taken into account */
reload_services(smb2req->sconn->msg_ctx, smb2req->sconn->sock, true);
- if (map_domainuser_to_guest) {
- status = make_server_info_guest(session,
- &session->server_info);
- if (!NT_STATUS_IS_OK(status) ) {
- DEBUG(1,("smb2: make_server_info_guest failed: %s!\n",
- nt_errstr(status)));
- goto fail;
- }
-
- } else if (logon_info) {
- /* pass the unmapped username here since map_username()
- will be called again in make_server_info_info3() */
-
- status = make_server_info_info3(session,
- user, domain,
- &session->server_info,
- &logon_info->info3);
- if (!NT_STATUS_IS_OK(status) ) {
- DEBUG(1,("smb2: make_server_info_info3 failed: %s!\n",
- nt_errstr(status)));
- goto fail;
- }
-
- } else {
- /*
- * We didn't get a PAC, we have to make up the user
- * ourselves. Try to ask the pdb backend to provide
- * SID consistency with ntlmssp session setup
- */
- struct samu *sampass;
- /* The stupid make_server_info_XX functions here
- don't take a talloc context. */
- struct auth_serversupplied_info *tmp_server_info = NULL;
-
- sampass = samu_new(talloc_tos());
- if (sampass == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto fail;
- }
-
- if (pdb_getsampwnam(sampass, real_username)) {
- DEBUG(10, ("smb2: found user %s in passdb, calling "
- "make_server_info_sam\n", real_username));
- status = make_server_info_sam(&tmp_server_info, sampass);
- TALLOC_FREE(sampass);
- } else {
- /*
- * User not in passdb, make it up artificially
- */
- TALLOC_FREE(sampass);
- DEBUG(10, ("smb2: didn't find user %s in passdb, calling "
- "make_server_info_pw\n", real_username));
- status = make_server_info_pw(&tmp_server_info,
- real_username, pw);
- }
-
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(1,("smb2: make_server_info_[sam|pw] failed: %s!\n",
- nt_errstr(status)));
- goto fail;
- }
-
- /* Steal tmp_server_info into the session->server_info
- pointer. */
- session->server_info = talloc_move(session, &tmp_server_info);
-
- /* make_server_info_pw does not set the domain. Without this
- * we end up with the local netbios name in substitutions for
- * %D. */
-
- if (session->server_info->info3 != NULL) {
- session->server_info->info3->base.domain.string =
- talloc_strdup(session->server_info->info3, domain);
- }
-
+ status = make_server_info_krb5(session,
+ user, domain, real_username, pw,
+ logon_info, map_domainuser_to_guest,
+ &session->server_info);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(1, ("smb2: make_server_info_krb5 failed\n"));
+ goto fail;
}
+
session->server_info->nss_token |= username_was_mapped;
/* we need to build the token for the user. make_server_info_guest()