svn commit: samba r14130 - branches/SAMBA_3_0/source/auth
branches/SAMBA_3_0/source/smbd trunk/source/auth trunk/source/smbd
gd at samba.org
gd at samba.org
Fri Mar 10 08:43:32 GMT 2006
Author: gd
Date: 2006-03-10 08:43:32 +0000 (Fri, 10 Mar 2006)
New Revision: 14130
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14130
Log:
Remove make_server_info_pac alltogether, make_server_info_info3 does
already do what we need.
Guenther
Modified:
branches/SAMBA_3_0/source/auth/auth_util.c
branches/SAMBA_3_0/source/smbd/sesssetup.c
trunk/source/auth/auth_util.c
trunk/source/smbd/sesssetup.c
Changeset:
Modified: branches/SAMBA_3_0/source/auth/auth_util.c
===================================================================
--- branches/SAMBA_3_0/source/auth/auth_util.c 2006-03-10 08:26:40 UTC (rev 14129)
+++ branches/SAMBA_3_0/source/auth/auth_util.c 2006-03-10 08:43:32 UTC (rev 14130)
@@ -1088,95 +1088,6 @@
/***************************************************************************
- Make (and fill) a user_info struct from a Kerberos PAC logon_info by
- conversion to a struct samu
-***************************************************************************/
-
-NTSTATUS make_server_info_pac(auth_serversupplied_info **server_info,
- char *unix_username,
- struct passwd *pwd,
- PAC_LOGON_INFO *logon_info)
-{
- NTSTATUS status;
- struct samu *sampass = NULL;
- DOM_SID user_sid, group_sid;
- fstring dom_name;
- auth_serversupplied_info *result;
- int i;
-
- if ( !(sampass = samu_new( NULL )) ) {
- return NT_STATUS_NO_MEMORY;
- }
-
- status = samu_set_unix( sampass, pwd );
- if ( !NT_STATUS_IS_OK(status) ) {
- return status;
- }
-
- result = make_server_info(NULL);
- if (result == NULL) {
- TALLOC_FREE(sampass);
- return NT_STATUS_NO_MEMORY;
- }
-
- /* only copy user_sid, group_sid and domain name out of the PAC for
- * now, we will benefit from more later - Guenther */
-
- sid_copy(&user_sid, &logon_info->info3.dom_sid.sid);
- sid_append_rid(&user_sid, logon_info->info3.user_rid);
- pdb_set_user_sid(sampass, &user_sid, PDB_SET);
-
- sid_copy(&group_sid, &logon_info->info3.dom_sid.sid);
- sid_append_rid(&group_sid, logon_info->info3.group_rid);
- pdb_set_group_sid(sampass, &group_sid, PDB_SET);
-
- unistr2_to_ascii(dom_name, &logon_info->info3.uni_logon_dom, -1);
- pdb_set_domain(sampass, dom_name, PDB_SET);
-
- pdb_set_logon_count(sampass, logon_info->info3.logon_count, PDB_SET);
-
- result->sam_account = sampass;
- result->unix_name = talloc_strdup(result, unix_username);
- result->uid = pwd->pw_uid;
- result->gid = pwd->pw_gid;
-
- result->sids = NULL;
- result->num_sids = 0;
-
- /* and create (by appending rids) the 'domain' sids */
-
- for (i = 0; i < logon_info->info3.num_groups2; i++) {
- DOM_SID sid;
- if (!sid_compose(&sid, &logon_info->info3.dom_sid.sid,
- logon_info->info3.gids[i].g_rid)) {
- DEBUG(3,("could not append additional group rid "
- "0x%x\n", logon_info->info3.gids[i].g_rid));
- TALLOC_FREE(result);
- return NT_STATUS_INVALID_PARAMETER;
- }
- add_sid_to_array(result, &sid, &result->sids,
- &result->num_sids);
- }
-
- /* Copy 'other' sids. We need to do sid filtering here to
- prevent possible elevation of privileges. See:
-
- http://www.microsoft.com/windows2000/techinfo/administration/security/sidfilter.asp
- */
-
- for (i = 0; i < logon_info->info3.num_other_sids; i++) {
- add_sid_to_array(result, &logon_info->info3.other_sids[i].sid,
- &result->sids,
- &result->num_sids);
- }
-
- *server_info = result;
-
- return NT_STATUS_OK;
-}
-
-
-/***************************************************************************
Make (and fill) a user_info struct from a 'struct passwd' by conversion
to a struct samu
***************************************************************************/
Modified: branches/SAMBA_3_0/source/smbd/sesssetup.c
===================================================================
--- branches/SAMBA_3_0/source/smbd/sesssetup.c 2006-03-10 08:26:40 UTC (rev 14129)
+++ branches/SAMBA_3_0/source/smbd/sesssetup.c 2006-03-10 08:43:32 UTC (rev 14130)
@@ -316,10 +316,10 @@
if ( map_domainuser_to_guest ) {
make_server_info_guest(&server_info);
} else if (logon_info) {
- ret = make_server_info_pac(&server_info, real_username, pw, logon_info);
-
+ ret = make_server_info_info3(mem_ctx, real_username, real_username, domain,
+ &server_info, &logon_info->info3);
if ( !NT_STATUS_IS_OK(ret) ) {
- DEBUG(1,("make_server_info_pac failed: %s!\n",
+ DEBUG(1,("make_server_info_info3 failed: %s!\n",
nt_errstr(ret)));
SAFE_FREE(client);
data_blob_free(&ap_rep);
Modified: trunk/source/auth/auth_util.c
===================================================================
--- trunk/source/auth/auth_util.c 2006-03-10 08:26:40 UTC (rev 14129)
+++ trunk/source/auth/auth_util.c 2006-03-10 08:43:32 UTC (rev 14130)
@@ -1088,95 +1088,6 @@
/***************************************************************************
- Make (and fill) a user_info struct from a Kerberos PAC logon_info by
- conversion to a struct samu
-***************************************************************************/
-
-NTSTATUS make_server_info_pac(auth_serversupplied_info **server_info,
- char *unix_username,
- struct passwd *pwd,
- PAC_LOGON_INFO *logon_info)
-{
- NTSTATUS status;
- struct samu *sampass = NULL;
- DOM_SID user_sid, group_sid;
- fstring dom_name;
- auth_serversupplied_info *result;
- int i;
-
- if ( !(sampass = samu_new( NULL )) ) {
- return NT_STATUS_NO_MEMORY;
- }
-
- status = samu_set_unix( sampass, pwd );
- if ( !NT_STATUS_IS_OK(status) ) {
- return status;
- }
-
- result = make_server_info(NULL);
- if (result == NULL) {
- TALLOC_FREE(sampass);
- return NT_STATUS_NO_MEMORY;
- }
-
- /* only copy user_sid, group_sid and domain name out of the PAC for
- * now, we will benefit from more later - Guenther */
-
- sid_copy(&user_sid, &logon_info->info3.dom_sid.sid);
- sid_append_rid(&user_sid, logon_info->info3.user_rid);
- pdb_set_user_sid(sampass, &user_sid, PDB_SET);
-
- sid_copy(&group_sid, &logon_info->info3.dom_sid.sid);
- sid_append_rid(&group_sid, logon_info->info3.group_rid);
- pdb_set_group_sid(sampass, &group_sid, PDB_SET);
-
- unistr2_to_ascii(dom_name, &logon_info->info3.uni_logon_dom, -1);
- pdb_set_domain(sampass, dom_name, PDB_SET);
-
- pdb_set_logon_count(sampass, logon_info->info3.logon_count, PDB_SET);
-
- result->sam_account = sampass;
- result->unix_name = talloc_strdup(result, unix_username);
- result->uid = pwd->pw_uid;
- result->gid = pwd->pw_gid;
-
- result->sids = NULL;
- result->num_sids = 0;
-
- /* and create (by appending rids) the 'domain' sids */
-
- for (i = 0; i < logon_info->info3.num_groups2; i++) {
- DOM_SID sid;
- if (!sid_compose(&sid, &logon_info->info3.dom_sid.sid,
- logon_info->info3.gids[i].g_rid)) {
- DEBUG(3,("could not append additional group rid "
- "0x%x\n", logon_info->info3.gids[i].g_rid));
- TALLOC_FREE(result);
- return NT_STATUS_INVALID_PARAMETER;
- }
- add_sid_to_array(result, &sid, &result->sids,
- &result->num_sids);
- }
-
- /* Copy 'other' sids. We need to do sid filtering here to
- prevent possible elevation of privileges. See:
-
- http://www.microsoft.com/windows2000/techinfo/administration/security/sidfilter.asp
- */
-
- for (i = 0; i < logon_info->info3.num_other_sids; i++) {
- add_sid_to_array(result, &logon_info->info3.other_sids[i].sid,
- &result->sids,
- &result->num_sids);
- }
-
- *server_info = result;
-
- return NT_STATUS_OK;
-}
-
-
-/***************************************************************************
Make (and fill) a user_info struct from a 'struct passwd' by conversion
to a struct samu
***************************************************************************/
Modified: trunk/source/smbd/sesssetup.c
===================================================================
--- trunk/source/smbd/sesssetup.c 2006-03-10 08:26:40 UTC (rev 14129)
+++ trunk/source/smbd/sesssetup.c 2006-03-10 08:43:32 UTC (rev 14130)
@@ -316,10 +316,10 @@
if ( map_domainuser_to_guest ) {
make_server_info_guest(&server_info);
} else if (logon_info) {
- ret = make_server_info_pac(&server_info, real_username, pw, logon_info);
-
+ ret = make_server_info_info3(mem_ctx, real_username, real_username, domain,
+ &server_info, &logon_info->info3);
if ( !NT_STATUS_IS_OK(ret) ) {
- DEBUG(1,("make_server_info_pac failed: %s!\n",
+ DEBUG(1,("make_server_info_info3 failed: %s!\n",
nt_errstr(ret)));
SAFE_FREE(client);
data_blob_free(&ap_rep);
More information about the samba-cvs
mailing list