From 17d8f0ad30847bb940f645ee1817d782ddaaee74 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 11 Feb 2011 11:50:37 +1100 Subject: s3-auth use create_local_token() to transform server_info -> session_info Before a auth_serversupplied_info struct can be used for authorization, the local groups and privileges must be calculated. create_local_token() now copies the server_info, and then sets the calulated token and unix groups. Soon, it will also transform the result into an expanded struct auth_session_info. Until then, the variable name (server_info vs session_info provides a clue to the developer about what information has been entered in the structure). By moving the calls to create_local_token within the codebase, we remove duplication, and ensure that the session key (where modified) is consistently copied into the new structure. Andrew Bartlett --- source3/smbd/smb2_sesssetup.c | 23 ++++++----------------- 1 file changed, 6 insertions(+), 17 deletions(-) (limited to 'source3/smbd/smb2_sesssetup.c') diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 3668ab8851..722e4c7705 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -236,11 +236,12 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session, /* reload services so that the new %U is taken into account */ reload_services(smb2req->sconn->msg_ctx, smb2req->sconn->sock, true); - status = make_server_info_krb5(session, - user, domain, real_username, pw, - logon_info, map_domainuser_to_guest, - username_was_mapped, - &session->session_info); + status = make_session_info_krb5(session, + user, domain, real_username, pw, + logon_info, map_domainuser_to_guest, + username_was_mapped, + &session_key, + &session->session_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("smb2: make_server_info_krb5 failed\n")); goto fail; @@ -259,18 +260,6 @@ static NTSTATUS smbd_smb2_session_setup_krb5(struct smbd_smb2_session *session, session->do_signing = false; } - data_blob_free(&session->session_info->user_session_key); - session->session_info->user_session_key = - data_blob_talloc( - session->session_info, - session_key.data, - session_key.length); - if (session_key.length > 0) { - if (session->session_info->user_session_key.data == NULL) { - status = NT_STATUS_NO_MEMORY; - goto fail; - } - } session->session_key = session->session_info->user_session_key; session->compat_vuser = talloc_zero(session, user_struct); -- cgit