From 6d741e918f145c6ec62c22358aabc8162db108fd Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 15 Jul 2011 14:59:14 +1000 Subject: s3-auth Use *unix_token rather than utok in struct auth3_session_info This brings this structure one step closer to the struct auth_session_info. A few SMB_ASSERT calls are added in some key places to ensure that this pointer is initialised, to make tracing any bugs here easier in future. NOTE: Many of the users of this structure should be reviewed, as unix and NT access checks are mixed in a way that should just be done using the NT ACL. This patch has not changed this behaviour however. Andrew Bartlett Signed-off-by: Andrew Tridgell --- source3/printing/nt_printing.c | 4 ++-- source3/printing/printing.c | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/printing') diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index dc3654c63f..0023515bb1 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -1737,7 +1737,7 @@ bool print_access_check(const struct auth3_session_info *session_info, /* Always allow root or SE_PRINT_OPERATROR to do anything */ - if (session_info->utok.uid == sec_initial_uid() + if (session_info->unix_token->uid == sec_initial_uid() || security_token_has_privilege(session_info->security_token, SEC_PRIV_PRINT_OPERATOR)) { return True; } @@ -1802,7 +1802,7 @@ bool print_access_check(const struct auth3_session_info *session_info, /* see if we need to try the printer admin list */ if (!NT_STATUS_IS_OK(status) && - (token_contains_name_in_list(uidtoname(session_info->utok.uid), + (token_contains_name_in_list(uidtoname(session_info->unix_token->uid), session_info->info3->base.domain.string, NULL, session_info->security_token, lp_printer_admin(snum)))) { diff --git a/source3/printing/printing.c b/source3/printing/printing.c index 31d558c791..50ef75b8ef 100644 --- a/source3/printing/printing.c +++ b/source3/printing/printing.c @@ -2282,7 +2282,7 @@ WERROR print_job_delete(const struct auth3_session_info *server_info, sys_adminlog( LOG_ERR, "Permission denied-- user not allowed to delete, \ pause, or resume print job. User name: %s. Printer name: %s.", - uidtoname(server_info->utok.uid), + uidtoname(server_info->unix_token->uid), lp_printername(snum) ); /* END_ADMIN_LOG */ @@ -2359,7 +2359,7 @@ bool print_job_pause(const struct auth3_session_info *server_info, sys_adminlog( LOG_ERR, "Permission denied-- user not allowed to delete, \ pause, or resume print job. User name: %s. Printer name: %s.", - uidtoname(server_info->utok.uid), + uidtoname(server_info->unix_token->uid), lp_printername(snum) ); /* END_ADMIN_LOG */ @@ -2425,7 +2425,7 @@ bool print_job_resume(const struct auth3_session_info *server_info, sys_adminlog( LOG_ERR, "Permission denied-- user not allowed to delete, \ pause, or resume print job. User name: %s. Printer name: %s.", - uidtoname(server_info->utok.uid), + uidtoname(server_info->unix_token->uid), lp_printername(snum) ); /* END_ADMIN_LOG */ return False; @@ -2841,7 +2841,7 @@ WERROR print_job_start(const struct auth3_session_info *server_info, fstrcpy(pjob.user, lp_printjob_username(snum)); standard_sub_advanced(sharename, server_info->sanitized_username, - path, server_info->utok.gid, + path, server_info->unix_token->gid, server_info->sanitized_username, server_info->info3->base.domain.string, pjob.user, sizeof(pjob.user)-1); -- cgit