[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-2326-gb121a5a

Volker Lendecke Wed, 07 May 2008 05:47:19 -0700

The branch, v3-3-test has been updated
       via  b121a5acb2ef0bb3067d953b028696175432f10d (commit)
       via  1843ea64ab1df5ced5926aedbeb27c8320b0c70b (commit)
       via  27a9bbc645416265eebdfc866925855021bd407c (commit)
      from  4bef77a4566590b3e20470f538f20848ed49f264 (commit)


http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test


- Log -----------------------------------------------------------------
commit b121a5acb2ef0bb3067d953b028696175432f10d
Author: Volker Lendecke <[EMAIL PROTECTED]>
Date:   Tue May 6 17:37:00 2008 +0200

    Rename server_info->was_mapped to server_info->nss_token
    
    "nss_token" from my point of view much better reflects what this flag 
actually
    represents

commit 1843ea64ab1df5ced5926aedbeb27c8320b0c70b
Author: Volker Lendecke <[EMAIL PROTECTED]>
Date:   Tue May 6 15:16:45 2008 +0200

    Use talloc_tos() for a temporary getpwnam_alloc in make_connection_snum

commit 27a9bbc645416265eebdfc866925855021bd407c
Author: Volker Lendecke <[EMAIL PROTECTED]>
Date:   Wed May 7 14:20:15 2008 +0200

    Use talloc_stackframe() in find_forced_group

-----------------------------------------------------------------------

Summary of changes:
 source/auth/auth_domain.c  |    4 +---
 source/auth/auth_ntlmssp.c |    2 +-
 source/auth/auth_sam.c     |    2 +-
 source/auth/auth_util.c    |    6 +++---
 source/auth/auth_winbind.c |    4 +---
 source/include/auth.h      |    6 +++++-
 source/smbd/service.c      |   18 ++++++------------
 source/smbd/sesssetup.c    |    4 +---
 8 files changed, 19 insertions(+), 27 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/auth/auth_domain.c b/source/auth/auth_domain.c
index f526677..f483718 100644
--- a/source/auth/auth_domain.c
+++ b/source/auth/auth_domain.c
@@ -270,9 +270,7 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
                                                info3);
 
                if (NT_STATUS_IS_OK(nt_status)) {
-                       if (user_info->was_mapped) {
-                               (*server_info)->was_mapped = 
user_info->was_mapped;
-                       }
+                       (*server_info)->nss_token |= user_info->was_mapped;
 
                        if ( ! (*server_info)->guest) {
                                /* if a real user check pam account 
restrictions */
diff --git a/source/auth/auth_ntlmssp.c b/source/auth/auth_ntlmssp.c
index b6c26a1..0d46b14 100644
--- a/source/auth/auth_ntlmssp.c
+++ b/source/auth/auth_ntlmssp.c
@@ -122,7 +122,7 @@ static NTSTATUS auth_ntlmssp_check_password(struct 
ntlmssp_state *ntlmssp_state,
                return nt_status;
        }
 
-       auth_ntlmssp_state->server_info->was_mapped |= username_was_mapped;
+       auth_ntlmssp_state->server_info->nss_token |= username_was_mapped;
 
        nt_status = create_local_token(auth_ntlmssp_state->server_info);
 
diff --git a/source/auth/auth_sam.c b/source/auth/auth_sam.c
index 4d25d31..5e393f7 100644
--- a/source/auth/auth_sam.c
+++ b/source/auth/auth_sam.c
@@ -367,7 +367,7 @@ static NTSTATUS check_sam_security(const struct 
auth_context *auth_context,
                                 lm_sess_key.length);
        data_blob_free(&lm_sess_key);
 
-       (*server_info)->was_mapped |= user_info->was_mapped;
+       (*server_info)->nss_token |= user_info->was_mapped;
 
        return nt_status;
 }
diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c
index 5116425..5e9da4e 100644
--- a/source/auth/auth_util.c
+++ b/source/auth/auth_util.c
@@ -634,7 +634,7 @@ NTSTATUS create_local_token(auth_serversupplied_info 
*server_info)
         */
 
        if (((lp_server_role() == ROLE_DOMAIN_MEMBER) && !winbind_ping()) ||
-           (server_info->was_mapped)) {
+           (server_info->nss_token)) {
                status = create_token_from_username(server_info,
                                                    server_info->unix_name,
                                                    server_info->guest,
@@ -1626,7 +1626,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
                        sizeof(info3->base.LMSessKey.key));
        }
 
-       result->was_mapped = username_was_mapped;
+       result->nss_token |= username_was_mapped;
 
        *server_info = result;
 
@@ -1859,7 +1859,7 @@ NTSTATUS make_server_info_wbcAuthUserInfo(TALLOC_CTX 
*mem_ctx,
                        sizeof(info->lm_session_key));
        }
 
-       result->was_mapped = username_was_mapped;
+       result->nss_token |= username_was_mapped;
 
        *server_info = result;
 
diff --git a/source/auth/auth_winbind.c b/source/auth/auth_winbind.c
index 20faa95..d1b00a3 100644
--- a/source/auth/auth_winbind.c
+++ b/source/auth/auth_winbind.c
@@ -120,9 +120,7 @@ static NTSTATUS check_winbind_security(const struct 
auth_context *auth_context,
                return nt_status;
        }
 
-       if (user_info->was_mapped) {
-               (*server_info)->was_mapped = user_info->was_mapped;
-       }
+       (*server_info)->nss_token |= user_info->was_mapped;
 
         return nt_status;
 }
diff --git a/source/include/auth.h b/source/include/auth.h
index df2bed8..56b8144 100644
--- a/source/include/auth.h
+++ b/source/include/auth.h
@@ -67,7 +67,11 @@ typedef struct auth_serversupplied_info {
        
        void *pam_handle;
 
-       bool was_mapped;        /* Did the username map match? */
+       /*
+        * This is a token from /etc/passwd and /etc/group
+        */
+       bool nss_token;
+
        char *unix_name;
 
        /*
diff --git a/source/smbd/service.c b/source/smbd/service.c
index ff69fc4..f589f06 100644
--- a/source/smbd/service.c
+++ b/source/smbd/service.c
@@ -561,7 +561,7 @@ static NTSTATUS find_forced_group(bool force_user,
                                  gid_t *pgid)
 {
        NTSTATUS result = NT_STATUS_NO_SUCH_GROUP;
-       TALLOC_CTX *mem_ctx;
+       TALLOC_CTX *frame = talloc_stackframe();
        DOM_SID group_sid;
        enum lsa_SidType type;
        char *groupname;
@@ -571,13 +571,7 @@ static NTSTATUS find_forced_group(bool force_user,
        ZERO_STRUCTP(pgroup_sid);
        *pgid = (gid_t)-1;
 
-       mem_ctx = talloc_new(NULL);
-       if (mem_ctx == NULL) {
-               DEBUG(0, ("talloc_new failed\n"));
-               return NT_STATUS_NO_MEMORY;
-       }
-
-       groupname = talloc_strdup(mem_ctx, lp_force_group(snum));
+       groupname = talloc_strdup(talloc_tos(), lp_force_group(snum));
        if (groupname == NULL) {
                DEBUG(1, ("talloc_strdup failed\n"));
                result = NT_STATUS_NO_MEMORY;
@@ -589,10 +583,10 @@ static NTSTATUS find_forced_group(bool force_user,
                groupname += 1;
        }
 
-       groupname = talloc_string_sub(mem_ctx, groupname,
+       groupname = talloc_string_sub(talloc_tos(), groupname,
                                      "%S", lp_servicename(snum));
 
-       if (!lookup_name_smbconf(mem_ctx, groupname,
+       if (!lookup_name_smbconf(talloc_tos(), groupname,
                         LOOKUP_NAME_ALL|LOOKUP_NAME_GROUP,
                         NULL, NULL, &group_sid, &type)) {
                DEBUG(10, ("lookup_name_smbconf(%s) failed\n",
@@ -641,7 +635,7 @@ static NTSTATUS find_forced_group(bool force_user,
 
        result = NT_STATUS_OK;
  done:
-       TALLOC_FREE(mem_ctx);
+       TALLOC_FREE(frame);
        return result;
 }
 
@@ -689,7 +683,7 @@ static connection_struct *make_connection_snum(int snum, 
user_struct *vuser,
                char *found_username = NULL;
 
                guest = True;
-               pass = getpwnam_alloc(NULL, guestname);
+               pass = getpwnam_alloc(talloc_tos(), guestname);
                if (!pass) {
                        DEBUG(0,("make_connection_snum: Invalid guest "
                                 "account %s??\n",guestname));
diff --git a/source/smbd/sesssetup.c b/source/smbd/sesssetup.c
index b9219ab..9076949 100644
--- a/source/smbd/sesssetup.c
+++ b/source/smbd/sesssetup.c
@@ -530,9 +530,7 @@ static void reply_spnego_kerberos(struct smb_request *req,
                }
        }
 
-       if (username_was_mapped) {
-               server_info->was_mapped = username_was_mapped;
-       }
+       server_info->nss_token |= username_was_mapped;
 
        /* we need to build the token for the user. make_server_info_guest()
           already does this */


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-2326-gb121a5a

Reply via email to