From 6d741e918f145c6ec62c22358aabc8162db108fd Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Fri, 15 Jul 2011 14:59:14 +1000
Subject: s3-auth Use *unix_token rather than utok in struct auth3_session_info

This brings this structure one step closer to the struct auth_session_info.

A few SMB_ASSERT calls are added in some key places to ensure that
this pointer is initialised, to make tracing any bugs here easier in
future.

NOTE: Many of the users of this structure should be reviewed, as unix
and NT access checks are mixed in a way that should just be done using
the NT ACL.  This patch has not changed this behaviour however.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
---
 source3/rpc_server/lsa/srv_lsa_nt.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'source3/rpc_server/lsa')

diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c b/source3/rpc_server/lsa/srv_lsa_nt.c
index 2342a0e8aa..fa018b424f 100644
--- a/source3/rpc_server/lsa/srv_lsa_nt.c
+++ b/source3/rpc_server/lsa/srv_lsa_nt.c
@@ -434,7 +434,7 @@ NTSTATUS _lsa_OpenPolicy2(struct pipes_struct *p,
 
 	/* Work out max allowed. */
 	map_max_allowed_access(p->session_info->security_token,
-			       &p->session_info->utok,
+			       p->session_info->unix_token,
 			       &des_access);
 
 	/* map the generic bits to the lsa policy ones */
@@ -1504,7 +1504,7 @@ static NTSTATUS _lsa_OpenTrustedDomain_base(struct pipes_struct *p,
 
 	/* Work out max allowed. */
 	map_max_allowed_access(p->session_info->security_token,
-			       &p->session_info->utok,
+			       p->session_info->unix_token,
 			       &access_mask);
 
 	/* map the generic bits to the lsa account ones */
@@ -1701,14 +1701,14 @@ NTSTATUS _lsa_CreateTrustedDomainEx2(struct pipes_struct *p,
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
-	if (p->session_info->utok.uid != sec_initial_uid() &&
+	if (p->session_info->unix_token->uid != sec_initial_uid() &&
 	    !nt_token_check_domain_rid(p->session_info->security_token, DOMAIN_RID_ADMINS)) {
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
 	/* Work out max allowed. */
 	map_max_allowed_access(p->session_info->security_token,
-			       &p->session_info->utok,
+			       p->session_info->unix_token,
 			       &r->in.access_mask);
 
 	/* map the generic bits to the lsa policy ones */
@@ -2466,7 +2466,7 @@ NTSTATUS _lsa_CreateAccount(struct pipes_struct *p,
 
 	/* Work out max allowed. */
 	map_max_allowed_access(p->session_info->security_token,
-			       &p->session_info->utok,
+			       p->session_info->unix_token,
 			       &r->in.access_mask);
 
 	/* map the generic bits to the lsa policy ones */
@@ -2530,7 +2530,7 @@ NTSTATUS _lsa_OpenAccount(struct pipes_struct *p,
 
 	/* Work out max allowed. */
 	map_max_allowed_access(p->session_info->security_token,
-			       &p->session_info->utok,
+			       p->session_info->unix_token,
 			       &des_access);
 
 	/* map the generic bits to the lsa account ones */
-- 
cgit