summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_util.c38
1 files changed, 16 insertions, 22 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index a7fce46923..98884eaddb 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -641,39 +641,44 @@ NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info,
return NT_STATUS_OK;
}
-static NTSTATUS log_nt_token(TALLOC_CTX *tmp_ctx, NT_USER_TOKEN *token)
+static NTSTATUS log_nt_token(NT_USER_TOKEN *token)
{
+ TALLOC_CTX *frame = talloc_stackframe();
char *command;
char *group_sidstr;
size_t i;
if ((lp_log_nt_token_command() == NULL) ||
(strlen(lp_log_nt_token_command()) == 0)) {
+ TALLOC_FREE(frame);
return NT_STATUS_OK;
}
- group_sidstr = talloc_strdup(tmp_ctx, "");
+ group_sidstr = talloc_strdup(frame, "");
for (i=1; i<token->num_sids; i++) {
group_sidstr = talloc_asprintf(
- tmp_ctx, "%s %s", group_sidstr,
- sid_string_talloc(tmp_ctx, &token->user_sids[i]));
+ frame, "%s %s", group_sidstr,
+ sid_string_talloc(frame, &token->user_sids[i]));
}
command = talloc_string_sub(
- tmp_ctx, lp_log_nt_token_command(),
- "%s", sid_string_talloc(tmp_ctx, &token->user_sids[0]));
- command = talloc_string_sub(tmp_ctx, command, "%t", group_sidstr);
+ frame, lp_log_nt_token_command(),
+ "%s", sid_string_talloc(frame, &token->user_sids[0]));
+ command = talloc_string_sub(frame, command, "%t", group_sidstr);
if (command == NULL) {
+ TALLOC_FREE(frame);
return NT_STATUS_NO_MEMORY;
}
DEBUG(8, ("running command: [%s]\n", command));
if (smbrun(command, NULL) != 0) {
DEBUG(0, ("Could not log NT token\n"));
+ TALLOC_FREE(frame);
return NT_STATUS_ACCESS_DENIED;
}
+ TALLOC_FREE(frame);
return NT_STATUS_OK;
}
@@ -684,16 +689,8 @@ static NTSTATUS log_nt_token(TALLOC_CTX *tmp_ctx, NT_USER_TOKEN *token)
NTSTATUS create_local_token(auth_serversupplied_info *server_info)
{
- TALLOC_CTX *mem_ctx;
NTSTATUS status;
size_t i;
-
-
- mem_ctx = talloc_new(NULL);
- if (mem_ctx == NULL) {
- DEBUG(0, ("talloc_new failed\n"));
- return NT_STATUS_NO_MEMORY;
- }
/*
* If winbind is not around, we can not make much use of the SIDs the
@@ -710,7 +707,7 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info)
&server_info->utok.gid,
&server_info->unix_name,
&server_info->ptok);
-
+
} else {
server_info->ptok = create_local_nt_token(
server_info,
@@ -722,10 +719,9 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info)
}
if (!NT_STATUS_IS_OK(status)) {
- TALLOC_FREE(mem_ctx);
return status;
}
-
+
/* Convert the SIDs to gids. */
server_info->utok.ngroups = 0;
@@ -746,12 +742,10 @@ NTSTATUS create_local_token(auth_serversupplied_info *server_info)
&server_info->utok.groups,
&server_info->utok.ngroups);
}
-
- debug_nt_user_token(DBGC_AUTH, 10, server_info->ptok);
- status = log_nt_token(mem_ctx, server_info->ptok);
+ debug_nt_user_token(DBGC_AUTH, 10, server_info->ptok);
- TALLOC_FREE(mem_ctx);
+ status = log_nt_token(server_info->ptok);
return status;
}