svn commit: samba r14130 - branches/SAMBA_3_0/source/auth branches/SAMBA_3_0/source/smbd trunk/source/auth trunk/source/smbd

gd at samba.org gd at samba.org
Fri Mar 10 08:43:32 GMT 2006 

Author: gd
Date: 2006-03-10 08:43:32 +0000 (Fri, 10 Mar 2006)
New Revision: 14130

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=14130

Log:
Remove make_server_info_pac alltogether, make_server_info_info3 does
already do what we need.

Guenther

Modified:
   branches/SAMBA_3_0/source/auth/auth_util.c
   branches/SAMBA_3_0/source/smbd/sesssetup.c
   trunk/source/auth/auth_util.c
   trunk/source/smbd/sesssetup.c


Changeset:
Modified: branches/SAMBA_3_0/source/auth/auth_util.c
===================================================================
--- branches/SAMBA_3_0/source/auth/auth_util.c	2006-03-10 08:26:40 UTC (rev 14129)
+++ branches/SAMBA_3_0/source/auth/auth_util.c	2006-03-10 08:43:32 UTC (rev 14130)
@@ -1088,95 +1088,6 @@
 
 
 /***************************************************************************
- Make (and fill) a user_info struct from a Kerberos PAC logon_info by
- conversion to a struct samu
-***************************************************************************/
-
-NTSTATUS make_server_info_pac(auth_serversupplied_info **server_info, 
-			      char *unix_username,
-			      struct passwd *pwd,
-			      PAC_LOGON_INFO *logon_info)
-{
-	NTSTATUS status;
-	struct samu *sampass = NULL;
-	DOM_SID user_sid, group_sid;
-	fstring dom_name;
-	auth_serversupplied_info *result;
-	int i;
-
-	if ( !(sampass = samu_new( NULL )) ) {
-		return NT_STATUS_NO_MEMORY;
-	}
-		
-	status = samu_set_unix( sampass, pwd );
-	if ( !NT_STATUS_IS_OK(status) ) {		
-		return status;
-	}
-
-	result = make_server_info(NULL);
-	if (result == NULL) {
-		TALLOC_FREE(sampass);
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	/* only copy user_sid, group_sid and domain name out of the PAC for
-	 * now, we will benefit from more later - Guenther */
-
-	sid_copy(&user_sid, &logon_info->info3.dom_sid.sid);
-	sid_append_rid(&user_sid, logon_info->info3.user_rid);
-	pdb_set_user_sid(sampass, &user_sid, PDB_SET);
-	
-	sid_copy(&group_sid, &logon_info->info3.dom_sid.sid);
-	sid_append_rid(&group_sid, logon_info->info3.group_rid);
-	pdb_set_group_sid(sampass, &group_sid, PDB_SET);
-
-	unistr2_to_ascii(dom_name, &logon_info->info3.uni_logon_dom, -1);
-	pdb_set_domain(sampass, dom_name, PDB_SET);
-
-	pdb_set_logon_count(sampass, logon_info->info3.logon_count, PDB_SET);
-
-	result->sam_account = sampass;
-	result->unix_name = talloc_strdup(result, unix_username);
-	result->uid = pwd->pw_uid;
-	result->gid = pwd->pw_gid;
-
-	result->sids = NULL;
-	result->num_sids = 0;
-
-	/* and create (by appending rids) the 'domain' sids */
-	
-	for (i = 0; i < logon_info->info3.num_groups2; i++) {
-		DOM_SID sid;
-		if (!sid_compose(&sid, &logon_info->info3.dom_sid.sid,
-				 logon_info->info3.gids[i].g_rid)) {
-			DEBUG(3,("could not append additional group rid "
-				 "0x%x\n", logon_info->info3.gids[i].g_rid));
-			TALLOC_FREE(result);
-			return NT_STATUS_INVALID_PARAMETER;
-		}
-		add_sid_to_array(result, &sid, &result->sids,
-				 &result->num_sids);
-	}
-
-	/* Copy 'other' sids.  We need to do sid filtering here to
- 	   prevent possible elevation of privileges.  See:
-
-           http://www.microsoft.com/windows2000/techinfo/administration/security/sidfilter.asp
-         */
-
-	for (i = 0; i < logon_info->info3.num_other_sids; i++) {
-		add_sid_to_array(result, &logon_info->info3.other_sids[i].sid,
-				 &result->sids,
-				 &result->num_sids);
-	}
-
-	*server_info = result;
-
-	return NT_STATUS_OK;
-}
-
-
-/***************************************************************************
  Make (and fill) a user_info struct from a 'struct passwd' by conversion 
  to a struct samu
 ***************************************************************************/

Modified: branches/SAMBA_3_0/source/smbd/sesssetup.c
===================================================================
--- branches/SAMBA_3_0/source/smbd/sesssetup.c	2006-03-10 08:26:40 UTC (rev 14129)
+++ branches/SAMBA_3_0/source/smbd/sesssetup.c	2006-03-10 08:43:32 UTC (rev 14130)
@@ -316,10 +316,10 @@
 	if ( map_domainuser_to_guest ) {
 		make_server_info_guest(&server_info);
 	} else if (logon_info) {
-		ret = make_server_info_pac(&server_info, real_username, pw, logon_info);
-
+		ret = make_server_info_info3(mem_ctx, real_username, real_username, domain, 
+					     &server_info, &logon_info->info3);
 		if ( !NT_STATUS_IS_OK(ret) ) {
-			DEBUG(1,("make_server_info_pac failed: %s!\n",
+			DEBUG(1,("make_server_info_info3 failed: %s!\n",
 				 nt_errstr(ret)));
 			SAFE_FREE(client);
 			data_blob_free(&ap_rep);

Modified: trunk/source/auth/auth_util.c
===================================================================
--- trunk/source/auth/auth_util.c	2006-03-10 08:26:40 UTC (rev 14129)
+++ trunk/source/auth/auth_util.c	2006-03-10 08:43:32 UTC (rev 14130)
@@ -1088,95 +1088,6 @@
 
 
 /***************************************************************************
- Make (and fill) a user_info struct from a Kerberos PAC logon_info by
- conversion to a struct samu
-***************************************************************************/
-
-NTSTATUS make_server_info_pac(auth_serversupplied_info **server_info, 
-			      char *unix_username,
-			      struct passwd *pwd,
-			      PAC_LOGON_INFO *logon_info)
-{
-	NTSTATUS status;
-	struct samu *sampass = NULL;
-	DOM_SID user_sid, group_sid;
-	fstring dom_name;
-	auth_serversupplied_info *result;
-	int i;
-
-	if ( !(sampass = samu_new( NULL )) ) {
-		return NT_STATUS_NO_MEMORY;
-	}
-		
-	status = samu_set_unix( sampass, pwd );
-	if ( !NT_STATUS_IS_OK(status) ) {		
-		return status;
-	}
-
-	result = make_server_info(NULL);
-	if (result == NULL) {
-		TALLOC_FREE(sampass);
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	/* only copy user_sid, group_sid and domain name out of the PAC for
-	 * now, we will benefit from more later - Guenther */
-
-	sid_copy(&user_sid, &logon_info->info3.dom_sid.sid);
-	sid_append_rid(&user_sid, logon_info->info3.user_rid);
-	pdb_set_user_sid(sampass, &user_sid, PDB_SET);
-	
-	sid_copy(&group_sid, &logon_info->info3.dom_sid.sid);
-	sid_append_rid(&group_sid, logon_info->info3.group_rid);
-	pdb_set_group_sid(sampass, &group_sid, PDB_SET);
-
-	unistr2_to_ascii(dom_name, &logon_info->info3.uni_logon_dom, -1);
-	pdb_set_domain(sampass, dom_name, PDB_SET);
-
-	pdb_set_logon_count(sampass, logon_info->info3.logon_count, PDB_SET);
-
-	result->sam_account = sampass;
-	result->unix_name = talloc_strdup(result, unix_username);
-	result->uid = pwd->pw_uid;
-	result->gid = pwd->pw_gid;
-
-	result->sids = NULL;
-	result->num_sids = 0;
-
-	/* and create (by appending rids) the 'domain' sids */
-	
-	for (i = 0; i < logon_info->info3.num_groups2; i++) {
-		DOM_SID sid;
-		if (!sid_compose(&sid, &logon_info->info3.dom_sid.sid,
-				 logon_info->info3.gids[i].g_rid)) {
-			DEBUG(3,("could not append additional group rid "
-				 "0x%x\n", logon_info->info3.gids[i].g_rid));
-			TALLOC_FREE(result);
-			return NT_STATUS_INVALID_PARAMETER;
-		}
-		add_sid_to_array(result, &sid, &result->sids,
-				 &result->num_sids);
-	}
-
-	/* Copy 'other' sids.  We need to do sid filtering here to
- 	   prevent possible elevation of privileges.  See:
-
-           http://www.microsoft.com/windows2000/techinfo/administration/security/sidfilter.asp
-         */
-
-	for (i = 0; i < logon_info->info3.num_other_sids; i++) {
-		add_sid_to_array(result, &logon_info->info3.other_sids[i].sid,
-				 &result->sids,
-				 &result->num_sids);
-	}
-
-	*server_info = result;
-
-	return NT_STATUS_OK;
-}
-
-
-/***************************************************************************
  Make (and fill) a user_info struct from a 'struct passwd' by conversion 
  to a struct samu
 ***************************************************************************/

Modified: trunk/source/smbd/sesssetup.c
===================================================================
--- trunk/source/smbd/sesssetup.c	2006-03-10 08:26:40 UTC (rev 14129)
+++ trunk/source/smbd/sesssetup.c	2006-03-10 08:43:32 UTC (rev 14130)
@@ -316,10 +316,10 @@
 	if ( map_domainuser_to_guest ) {
 		make_server_info_guest(&server_info);
 	} else if (logon_info) {
-		ret = make_server_info_pac(&server_info, real_username, pw, logon_info);
-
+		ret = make_server_info_info3(mem_ctx, real_username, real_username, domain, 
+					     &server_info, &logon_info->info3);
 		if ( !NT_STATUS_IS_OK(ret) ) {
-			DEBUG(1,("make_server_info_pac failed: %s!\n",
+			DEBUG(1,("make_server_info_info3 failed: %s!\n",
 				 nt_errstr(ret)));
 			SAFE_FREE(client);
 			data_blob_free(&ap_rep);

More information about the samba-cvs mailing list