[SCM] Samba Shared Repository - branch v3-5-test updated
Karolin Seeger
kseeger at samba.org
Wed Feb 17 09:43:41 MST 2010
The branch, v3-5-test has been updated
via 45c634e... s3: Fix bug 7139 owner of file not available with kerberos.
from 3bb72e7... WHATSNEW: Update changes.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test
- Log -----------------------------------------------------------------
commit 45c634eafa2f398827f16345b56603b969964527
Author: Volker Lendecke <vl at samba.org>
Date: Tue Feb 16 23:29:48 2010 +0100
s3: Fix bug 7139 owner of file not available with kerberos.
To provide the user with the same SID when doing Kerberos logins, attempt to do
a make_server_info_sam instead of a make_server_info_pw.
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/sesssetup.c | 34 ++++++++++++++++++++++++++++++++--
1 files changed, 32 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index addd386..1529166 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -485,10 +485,40 @@ static void reply_spnego_kerberos(struct smb_request *req,
}
} else {
- ret = make_server_info_pw(&server_info, real_username, pw);
+ /*
+ * We didn't get a PAC, we have to make up the user
+ * ourselves. Try to ask the pdb backend to provide
+ * SID consistency with ntlmssp session setup
+ */
+ struct samu *sampass;
+
+ sampass = samu_new(talloc_tos());
+ if (sampass == NULL) {
+ ret = NT_STATUS_NO_MEMORY;
+ data_blob_free(&ap_rep);
+ data_blob_free(&session_key);
+ TALLOC_FREE(mem_ctx);
+ reply_nterror(req, nt_status_squash(ret));
+ return;
+ }
+
+ if (pdb_getsampwnam(sampass, real_username)) {
+ DEBUG(10, ("found user %s in passdb, calling "
+ "make_server_info_sam\n", real_username));
+ ret = make_server_info_sam(&server_info, sampass);
+ } else {
+ /*
+ * User not in passdb, make it up artificially
+ */
+ TALLOC_FREE(sampass);
+ DEBUG(10, ("didn't find user %s in passdb, calling "
+ "make_server_info_pw\n", real_username));
+ ret = make_server_info_pw(&server_info, real_username,
+ pw);
+ }
if ( !NT_STATUS_IS_OK(ret) ) {
- DEBUG(1,("make_server_info_pw failed: %s!\n",
+ DEBUG(1,("make_server_info_[sam|pw] failed: %s!\n",
nt_errstr(ret)));
data_blob_free(&ap_rep);
data_blob_free(&session_key);
--
Samba Shared Repository
More information about the samba-cvs
mailing list