[SCM] Samba Shared Repository - branch master updated

Andrew Bartlett abartlet at samba.org
Tue Apr 5 16:34:02 MDT 2011


The branch, master has been updated
       via  48646ee s3-auth: Make server_info const in create_local_token()
       via  86baefe kdc: always ldb escape the realm
       via  663dc94 auth: Move auth_session_info into IDL
       via  f261266 s4-auth: Always talloc_zero() the struct auth_session_info
       via  1c34842 pidl: Add support for the [ignore] property
       via  917b0a2 librpc/idl Add [nopython] to krb5pac ndrdump functions
      from  b6a30be Fix bug #7080 - Quota only shown when logged as root.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 48646ee69aeb8f963d5d34abdaec783283efea71
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Wed Apr 6 06:46:26 2011 +1000

    s3-auth: Make server_info const in create_local_token()
    
    Andreas Schneider <asn at samba.org> correctly points out that this input
    parameter should now be const, and that found a bug where I used then
    used it incorrectly as a talloc context.
    
    Andrew Bartlett
    
    Autobuild-User: Andrew Bartlett <abartlet at samba.org>
    Autobuild-Date: Wed Apr  6 00:33:31 CEST 2011 on sn-devel-104

commit 86baefe2245a74f1777418b1e2c7b97e33c42529
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Apr 5 16:21:14 2011 +1000

    kdc: always ldb escape the realm

commit 663dc94e630910b0b5b61801a03622641b2b83b4
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Apr 5 16:15:27 2011 +1000

    auth: Move auth_session_info into IDL
    
    This changes auth_session_info_transport to just be a wrapper, rather
    than a copy that has to be kept in sync.
    
    As auth_session_info was already wrapped in python, this required
    changes to the existing pyauth wrapper and it's users.
    
    Andrew Bartlett

commit f261266c9d66d7143a867f4719d1549f58915036
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Apr 5 15:57:42 2011 +1000

    s4-auth: Always talloc_zero() the struct auth_session_info

commit 1c34842db43db04abf8aa3449c56e2049fee3eb0
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Apr 5 15:55:07 2011 +1000

    pidl: Add support for the [ignore] property
    
    This is implemented to simply never push this pointer, but to push a
    NULL in it's place.  Likewise a pull will simply return a NULL.
    
    Andrew Bartlett

commit 917b0a23a6d7c8f0926792ff51e718d793670d33
Author: Andrew Bartlett <abartlet at samba.org>
Date:   Tue Apr 5 15:50:08 2011 +1000

    librpc/idl Add [nopython] to krb5pac ndrdump functions
    
    These functions are not real RPC functions, but are used to help
    ndrdump operate.  They don't need python bindings.
    
    Andrew Bartlett

-----------------------------------------------------------------------

Summary of changes:
 libcli/security/session.h                          |   11 +---
 librpc/idl/auth.idl                                |   18 +++++-
 librpc/idl/krb5pac.idl                             |   10 ++--
 librpc/ndr/{ndr_misc.c => ndr_auth.c}              |   27 +++++---
 .../ntvfs/common/init.c => librpc/ndr/ndr_auth.h   |   20 +++---
 librpc/wscript_build                               |    2 +-
 pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm           |   31 ++++++---
 source3/Makefile.in                                |    2 +-
 source3/auth/auth_util.c                           |    8 +-
 source3/auth/proto.h                               |    2 +-
 source3/rpc_server/rpc_ncacn_np.c                  |   33 ++++++---
 source3/rpc_server/rpc_server.c                    |   18 +++--
 source4/auth/gensec/pygensec.c                     |    2 +-
 source4/auth/pyauth.c                              |   76 +-------------------
 source4/auth/pyauth.h                              |    2 -
 source4/auth/session.c                             |   42 ++++-------
 source4/kdc/db-glue.c                              |   12 +++-
 source4/lib/ldb-samba/pyldb.c                      |    4 +-
 source4/librpc/ndr/py_auth.c                       |   74 +++++++++++++++++++
 source4/librpc/wscript_build                       |   11 +++
 20 files changed, 225 insertions(+), 180 deletions(-)
 copy librpc/ndr/{ndr_misc.c => ndr_auth.c} (52%)
 copy source4/ntvfs/common/init.c => librpc/ndr/ndr_auth.h (54%)
 create mode 100644 source4/librpc/ndr/py_auth.c


Changeset truncated at 500 lines:

diff --git a/libcli/security/session.h b/libcli/security/session.h
index 1f0d486..ee9187d 100644
--- a/libcli/security/session.h
+++ b/libcli/security/session.h
@@ -35,16 +35,7 @@ struct cli_credentials;
 struct security_token;
 struct auth_user_info;
 struct auth_user_info_torture;
-
-struct auth_session_info {
-	struct security_token *security_token;
-	struct security_unix_token *unix_token;
-	struct auth_user_info *info;
-	struct auth_user_info_unix *unix_info;
-	struct auth_user_info_torture *torture;
-	DATA_BLOB session_key;
-	struct cli_credentials *credentials;
-};
+struct auth_session_info;
 
 enum security_user_level security_session_user_level(struct auth_session_info *session_info,
 						     const struct dom_sid *domain_sid);
diff --git a/librpc/idl/auth.idl b/librpc/idl/auth.idl
index 7b4556a..904beca 100644
--- a/librpc/idl/auth.idl
+++ b/librpc/idl/auth.idl
@@ -1,10 +1,20 @@
 #include "idl_types.h"
 
 /*
-  security IDL structures
+  Authentication IDL structures
+
+  These are NOT public network structures, but it is helpful to define
+  these things in IDL. They may change without ABI breakage or
+  warning.
+
 */
 
 import "misc.idl", "security.idl", "lsa.idl", "krb5pac.idl";
+[
+	pyhelper("librpc/ndr/py_auth.c"),
+	helper("../librpc/ndr/ndr_auth.h"),
+	helpstring("internal Samba authentication structures")
+]
 
 interface auth
 {
@@ -79,7 +89,13 @@ interface auth
 		security_unix_token *unix_token;
 		auth_user_info *info;
 		auth_user_info_unix *unix_info;
+		[value(NULL), ignore] auth_user_info_torture *torture;
 		DATA_BLOB session_key;
+		[value(NULL), ignore] cli_credentials *credentials;
+	} auth_session_info;
+
+	typedef [public] struct {
+		auth_session_info *session_info;
 		DATA_BLOB exported_gssapi_credentials;
 	} auth_session_info_transport;
 }
diff --git a/librpc/idl/krb5pac.idl b/librpc/idl/krb5pac.idl
index d7a99c9..fcd32c6 100644
--- a/librpc/idl/krb5pac.idl
+++ b/librpc/idl/krb5pac.idl
@@ -110,23 +110,23 @@ interface krb5pac
 		[flag(NDR_REMAINING)] DATA_BLOB ChecksumAndSignature;
 	} PAC_Validate;
 
-	void decode_pac(
+	[nopython] void decode_pac(
 		[in] PAC_DATA pac
 		);
 
-	void decode_pac_raw(
+	[nopython] void decode_pac_raw(
 		[in] PAC_DATA_RAW pac
 		);
 
-	void decode_login_info(
+	[nopython] void decode_login_info(
 		[in] PAC_LOGON_INFO logon_info
 		);
 
-	void decode_login_info_ctr(
+	[nopython] void decode_login_info_ctr(
 		[in] PAC_LOGON_INFO_CTR logon_info_ctr
 		);
 
-	void decode_pac_validate(
+	[nopython] void decode_pac_validate(
 		[in] PAC_Validate pac_validate
 		);
 
diff --git a/librpc/ndr/ndr_misc.c b/librpc/ndr/ndr_auth.c
similarity index 52%
copy from librpc/ndr/ndr_misc.c
copy to librpc/ndr/ndr_auth.c
index c4a1adb..5252d80 100644
--- a/librpc/ndr/ndr_misc.c
+++ b/librpc/ndr/ndr_auth.c
@@ -1,10 +1,9 @@
 /* 
    Unix SMB/CIFS implementation.
 
-   UUID/GUID/policy_handle functions
+   Helper routines for marshalling the internal 'auth.idl'
 
-   Copyright (C) Andrew Tridgell                   2003.
-   Copyright (C) Stefan (metze) Metzmacher         2004.
+   Copyright (C) Andrew Bartlett 2011
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -21,17 +20,25 @@
 */
 
 #include "includes.h"
-#include "system/network.h"
+#include "librpc/ndr/ndr_auth.h"
 #include "librpc/ndr/libndr.h"
 
-_PUBLIC_ void ndr_print_GUID(struct ndr_print *ndr, const char *name, const struct GUID *guid)
+_PUBLIC_ void ndr_print_cli_credentials(struct ndr_print *ndr, const char *name, struct cli_credentials *v)
 {
-	ndr->print(ndr, "%-25s: %s", name, GUID_string(ndr, guid));
+	ndr->print(ndr, "%-25s: NULL", name);
 }
 
-bool ndr_syntax_id_equal(const struct ndr_syntax_id *i1,
-			 const struct ndr_syntax_id *i2)
+/*
+  cli_credentials does not have a network representation, just pull/push a NULL pointer
+*/
+_PUBLIC_ enum ndr_err_code ndr_pull_cli_credentials(struct ndr_pull *ndr, int ndr_flags, struct cli_credentials *v)
+{
+	return NDR_ERR_SUCCESS;
+}
+
+_PUBLIC_ enum ndr_err_code ndr_push_cli_credentials(struct ndr_push *ndr, int ndr_flags, struct cli_credentials *v)
 {
-	return GUID_equal(&i1->uuid, &i2->uuid)
-		&& (i1->if_version == i2->if_version);
+	return ndr_push_pointer(ndr, ndr_flags, NULL);
 }
+
+
diff --git a/source4/ntvfs/common/init.c b/librpc/ndr/ndr_auth.h
similarity index 54%
copy from source4/ntvfs/common/init.c
copy to librpc/ndr/ndr_auth.h
index f8f8e27..57f6535 100644
--- a/source4/ntvfs/common/init.c
+++ b/librpc/ndr/ndr_auth.h
@@ -1,7 +1,9 @@
 /* 
    Unix SMB/CIFS implementation.
 
-   Copyright (C) Stefan Metzmacher 2006
+   Helper routines for marshalling the internal 'auth.idl'
+
+   Copyright (C) Andrew Bartlett 2011
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -18,17 +20,13 @@
 */
 
 /*
-  this is the change notify database. It implements mechanisms for
-  storing current change notify waiters in a tdb, and checking if a
-  given event matches any of the stored notify waiiters.
+  cli_credentials does not have a network representation, just pull/push a NULL pointer
 */
 
-#include "includes.h"
-#include "ntvfs/sysdep/sys_notify.h"
+#include "librpc/gen_ndr/ndr_auth.h"
 
-NTSTATUS ntvfs_common_init(void);
+struct cli_credentials;
+_PUBLIC_ enum ndr_err_code ndr_pull_cli_credentials(struct ndr_pull *ndr, int ndr_flags, struct cli_credentials *v);
+_PUBLIC_ enum ndr_err_code ndr_push_cli_credentials(struct ndr_push *ndr, int ndr_flags, struct cli_credentials *v);
 
-NTSTATUS ntvfs_common_init(void)
-{
-	return sys_notify_init();
-}
+_PUBLIC_ void ndr_print_cli_credentials(struct ndr_print *ndr, const char *name, struct cli_credentials *v);
diff --git a/librpc/wscript_build b/librpc/wscript_build
index ce78cb6..b71a3ae 100644
--- a/librpc/wscript_build
+++ b/librpc/wscript_build
@@ -9,7 +9,7 @@ bld.SAMBA_SUBSYSTEM('NDR_AUDIOSRV',
 	)
 
 bld.SAMBA_SUBSYSTEM('NDR_AUTH',
-                    source='gen_ndr/ndr_auth.c',
+                    source='gen_ndr/ndr_auth.c ndr/ndr_auth.c',
                     public_headers='gen_ndr/auth.h',
                     header_path='gen_ndr',
                     public_deps='ndr NDR_SECURITY ndr-krb5pac'
diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
index 7cda272..e2c9012 100644
--- a/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
+++ b/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm
@@ -685,6 +685,9 @@ sub ParsePtrPush($$$$$)
 		$self->pidl("NDR_CHECK(ndr_push_unique_ptr($ndr, $var_name));");
 	} elsif ($l->{POINTER_TYPE} eq "full") {
 		$self->pidl("NDR_CHECK(ndr_push_full_ptr($ndr, $var_name));");
+	} elsif ($l->{POINTER_TYPE} eq "ignore") {
+	        # We don't want this pointer to appear on the wire at all
+		$self->pidl("NDR_CHECK(ndr_push_uint3264(ndr, NDR_SCALARS, 0));");
 	} else {
 		die("Unhandled pointer type $l->{POINTER_TYPE}");
 	}
@@ -1209,6 +1212,10 @@ sub ParsePtrPull($$$$$)
 		$self->pidl("NDR_CHECK(ndr_pull_generic_ptr($ndr, &_ptr_$e->{NAME}));");
 	} elsif ($l->{POINTER_TYPE} eq "relative_short") {
 		$self->pidl("NDR_CHECK(ndr_pull_relative_ptr_short($ndr, &_ptr_$e->{NAME}));");
+	} elsif ($l->{POINTER_TYPE} eq "ignore") {
+                #We want to consume the pointer bytes, but ignore the pointer value
+	        $self->pidl("NDR_CHECK(ndr_pull_uint3264(ndr, NDR_SCALARS, &_ptr_$e->{NAME}));");
+		$self->pidl("_ptr_$e->{NAME} = NULL;");
 	} else {
 		die("Unhandled pointer type $l->{POINTER_TYPE}");
 	}
@@ -1216,16 +1223,22 @@ sub ParsePtrPull($$$$$)
 	$self->pidl("if (_ptr_$e->{NAME}) {");
 	$self->indent;
 
-	# Don't do this for arrays, they're allocated at the actual level 
-	# of the array
-	unless ($next_is_array or $next_is_string) { 
-		$self->pidl("NDR_PULL_ALLOC($ndr, $var_name);"); 
+	if ($l->{POINTER_TYPE} eq "ignore") {
+	        # Don't do anything, we don't want to do the
+	        # allocation, as we forced it to NULL just above, and
+	        # we may not know the declared type anyway.
 	} else {
-		# FIXME: Yes, this is nasty.
-		# We allocate an array twice
-		# - once just to indicate that it's there,
-		# - then the real allocation...
-		$self->pidl("NDR_PULL_ALLOC($ndr, $var_name);");
+	        # Don't do this for arrays, they're allocated at the actual level 
+	        # of the array
+	        unless ($next_is_array or $next_is_string) { 
+		       $self->pidl("NDR_PULL_ALLOC($ndr, $var_name);"); 
+		} else {
+		       # FIXME: Yes, this is nasty.
+		       # We allocate an array twice
+		       # - once just to indicate that it's there,
+		       # - then the real allocation...
+		       $self->pidl("NDR_PULL_ALLOC($ndr, $var_name);");
+		}
 	}
 
 	#$self->pidl("memset($var_name, 0, sizeof($var_name));");
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 108bfef..f70eb63 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -711,7 +711,7 @@ RPC_EVENTLOG_OBJ = rpc_server/eventlog/srv_eventlog_nt.o \
 
 NPA_TSTREAM_OBJ = ../libcli/named_pipe_auth/npa_tstream.o \
 		  librpc/gen_ndr/ndr_named_pipe_auth.o \
-		  ../auth/auth_sam_reply.o librpc/gen_ndr/ndr_auth.o
+		  ../auth/auth_sam_reply.o librpc/gen_ndr/ndr_auth.o ../librpc/ndr/ndr_auth.o
 
 RPC_NCACN_NP = rpc_server/srv_pipe_register.o rpc_server/rpc_ncacn_np.o \
 	       rpc_server/rpc_handles.o rpc_server/srv_access_check.o
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index e2a687d..1cc78f0 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -443,7 +443,7 @@ static NTSTATUS log_nt_token(struct security_token *token)
  */
 
 NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
-			    struct auth_serversupplied_info *server_info,
+			    const struct auth_serversupplied_info *server_info,
 			    DATA_BLOB *session_key,
 			    struct auth_serversupplied_info **session_info_out)
 {
@@ -527,9 +527,9 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
 				   "ignoring it\n", sid_string_dbg(sid)));
 			continue;
 		}
-		if (!add_gid_to_array_unique(server_info, gid,
-					&session_info->utok.groups,
-					&session_info->utok.ngroups)) {
+		if (!add_gid_to_array_unique(session_info, gid,
+					     &session_info->utok.groups,
+					     &session_info->utok.ngroups)) {
 			return NT_STATUS_NO_MEMORY;
 		}
 	}
diff --git a/source3/auth/proto.h b/source3/auth/proto.h
index 15e79dd..b88bb8c 100644
--- a/source3/auth/proto.h
+++ b/source3/auth/proto.h
@@ -102,7 +102,7 @@ struct samu;
 NTSTATUS make_server_info_sam(struct auth_serversupplied_info **server_info,
 			      struct samu *sampass);
 NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
-			    struct auth_serversupplied_info *server_info,
+			    const struct auth_serversupplied_info *server_info,
 			    DATA_BLOB *session_key,
 			    struct auth_serversupplied_info **session_info_out);
 NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
diff --git a/source3/rpc_server/rpc_ncacn_np.c b/source3/rpc_server/rpc_ncacn_np.c
index f000b64..e89a366 100644
--- a/source3/rpc_server/rpc_ncacn_np.c
+++ b/source3/rpc_server/rpc_ncacn_np.c
@@ -607,6 +607,7 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
 	struct tevent_context *ev;
 	struct tevent_req *subreq;
 	struct auth_session_info_transport *session_info_t;
+	struct auth_session_info *session_info_npa;
 	struct auth_user_info_dc *user_info_dc;
 	union netr_Validation val;
 	NTSTATUS status;
@@ -651,20 +652,20 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
 		goto fail;
 	}
 
-	session_info_t = talloc_zero(talloc_tos(), struct auth_session_info_transport);
-	if (session_info_t == NULL) {
+	session_info_npa = talloc_zero(talloc_tos(), struct auth_session_info);
+	if (session_info_npa == NULL) {
 		DEBUG(0, ("talloc failed\n"));
 		goto fail;
 	}
 
 	/* Send the named_pipe_auth server the user's full token */
-	session_info_t->security_token = session_info->security_token;
-	session_info_t->session_key = session_info->session_key;
+	session_info_npa->security_token = session_info->security_token;
+	session_info_npa->session_key = session_info->session_key;
 
 	val.sam3 = session_info->info3;
 
 	/* Convert into something we can build a struct
-	 * auth_session_info_transport from.  Most of the work here
+	 * auth_session_info from.  Most of the work here
 	 * will be to convert the SIDS, which we will then ignore, but
 	 * this is the easier way to handle it */
 	status = make_user_info_dc_netlogon_validation(talloc_tos(), "", 3, &val, &user_info_dc);
@@ -673,9 +674,17 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
 		goto fail;
 	}
 
-	session_info_t->info = talloc_move(session_info_t, &user_info_dc->info);
+	session_info_npa->info = talloc_move(session_info_npa, &user_info_dc->info);
 	talloc_free(user_info_dc);
 
+	session_info_t = talloc_zero(talloc_tos(), struct auth_session_info_transport);
+	if (session_info_npa == NULL) {
+		DEBUG(0, ("talloc failed\n"));
+		goto fail;
+	}
+
+	session_info_t->session_info = talloc_steal(session_info_t, session_info_npa);
+
 	become_root();
 	subreq = tstream_npa_connect_send(talloc_tos(), ev,
 					  socket_np_dir,
@@ -689,8 +698,8 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
 		unbecome_root();
 		DEBUG(0, ("tstream_npa_connect_send to %s for pipe %s and "
 			  "user %s\\%s failed\n",
-			  socket_np_dir, pipe_name, session_info_t->info->domain_name,
-			  session_info_t->info->account_name));
+			  socket_np_dir, pipe_name, session_info_t->session_info->info->domain_name,
+			  session_info_t->session_info->info->account_name));
 		goto fail;
 	}
 	ok = tevent_req_poll(subreq, ev);
@@ -698,8 +707,8 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
 	if (!ok) {
 		DEBUG(0, ("tevent_req_poll to %s for pipe %s and user %s\\%s "
 			  "failed for tstream_npa_connect: %s\n",
-			  socket_np_dir, pipe_name, session_info_t->info->domain_name,
-			  session_info_t->info->account_name,
+			  socket_np_dir, pipe_name, session_info_t->session_info->info->domain_name,
+			  session_info_t->session_info->info->account_name,
 			  strerror(errno)));
 		goto fail;
 
@@ -714,8 +723,8 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
 	if (ret != 0) {
 		DEBUG(0, ("tstream_npa_connect_recv  to %s for pipe %s and "
 			  "user %s\\%s failed: %s\n",
-			  socket_np_dir, pipe_name, session_info_t->info->domain_name,
-			  session_info_t->info->account_name,
+			  socket_np_dir, pipe_name, session_info_t->session_info->info->domain_name,
+			  session_info_t->session_info->info->account_name,
 			  strerror(sys_errno)));
 		goto fail;
 	}
diff --git a/source3/rpc_server/rpc_server.c b/source3/rpc_server/rpc_server.c
index 2fa2a77..c7c77f0 100644
--- a/source3/rpc_server/rpc_server.c
+++ b/source3/rpc_server/rpc_server.c
@@ -32,15 +32,15 @@
 #define SERVER_TCP_HIGH_PORT 1300
 
 static NTSTATUS auth_anonymous_session_info(TALLOC_CTX *mem_ctx,
-					    struct auth_session_info_transport **session_info)
+					    struct auth_session_info **session_info)
 {
-	struct auth_session_info_transport *i;
+	struct auth_session_info *i;
 	struct auth_serversupplied_info *s;
 	struct auth_user_info_dc *u;
 	union netr_Validation val;
 	NTSTATUS status;
 
-	i = talloc_zero(mem_ctx, struct auth_session_info_transport);
+	i = talloc_zero(mem_ctx, struct auth_session_info);
 	if (i == NULL) {
 		return NT_STATUS_NO_MEMORY;
 	}
@@ -81,7 +81,7 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx,
 				    bool ncalrpc_as_system,
 				    const char *client_address,
 				    const char *server_address,
-				    struct auth_session_info_transport *session_info,
+				    struct auth_session_info *session_info,
 				    struct pipes_struct **_p,
 				    int *perrno)
 {
@@ -355,7 +355,7 @@ struct named_pipe_client {
 	char *client_name;
 	struct tsocket_address *server;
 	char *server_name;
-	struct auth_session_info_transport *session_info;
+	struct auth_session_info *session_info;
 
 	struct pipes_struct *p;
 
@@ -433,6 +433,7 @@ static void named_pipe_packet_done(struct tevent_req *subreq);
 
 static void named_pipe_accept_done(struct tevent_req *subreq)
 {
+	struct auth_session_info_transport *session_info_transport;
 	struct named_pipe_client *npc =
 		tevent_req_callback_data(subreq, struct named_pipe_client);
 	const char *cli_addr;
@@ -445,7 +446,10 @@ static void named_pipe_accept_done(struct tevent_req *subreq)
 						&npc->client_name,
 						&npc->server,
 						&npc->server_name,
-						&npc->session_info);
+						&session_info_transport);
+
+	npc->session_info = talloc_move(npc, &session_info_transport->session_info);
+
 	TALLOC_FREE(subreq);
 	if (ret != 0) {
 		DEBUG(2, ("Failed to accept named pipe connection! (%s)\n",
@@ -996,7 +1000,7 @@ struct dcerpc_ncacn_conn {
 	char *client_name;
 	struct tsocket_address *server;
 	char *server_name;
-	struct auth_session_info_transport *session_info;
+	struct auth_session_info *session_info;
 
 	struct iovec *iov;
 	size_t count;
diff --git a/source4/auth/gensec/pygensec.c b/source4/auth/gensec/pygensec.c
index 5fe3703..fd9726e 100644
--- a/source4/auth/gensec/pygensec.c
+++ b/source4/auth/gensec/pygensec.c
@@ -271,7 +271,7 @@ static PyObject *py_gensec_session_info(PyObject *self)
 		return NULL;
 	}
 
-	py_session_info = py_return_ndr_struct("samba.auth", "AuthSession",
+	py_session_info = py_return_ndr_struct("samba.dcerpc.auth", "session_info",
 						 info, info);
 	return py_session_info;
 }
diff --git a/source4/auth/pyauth.c b/source4/auth/pyauth.c
index 9cb770b..a4ba88c 100644
--- a/source4/auth/pyauth.c
+++ b/source4/auth/pyauth.c
@@ -46,72 +46,9 @@ typedef intargfunc ssizeargfunc;
 #define Py_RETURN_NONE return Py_INCREF(Py_None), Py_None
 #endif
 
-static PyObject *py_auth_session_get_security_token(PyObject *self, void *closure)
+static PyObject *PyAuthSession_FromSession(struct auth_session_info *session)
 {
-	struct auth_session_info *session = py_talloc_get_type(self, struct auth_session_info);
-	PyObject *py_security_token;
-	py_security_token = py_return_ndr_struct("samba.dcerpc.security", "token",
-						 session->security_token, session->security_token);


-- 
Samba Shared Repository


More information about the samba-cvs mailing list