s3-auth Avoid redundant copies in create_local_token()

These values were not read before being overwritten again.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index e27153e445449e8dda1bb10a0d8eb75324bef061..c227a1cf834f8b17ef3b8088cef9b18d23523681 100644 (file)
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -475,7 +475,7 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
                return NT_STATUS_NO_MEMORY;
        }
 
-       session_info->unix_token = talloc(session_info, struct security_unix_token);
+       session_info->unix_token = talloc_zero(session_info, struct security_unix_token);
        if (!session_info->unix_token) {
                TALLOC_FREE(session_info);
                return NT_STATUS_NO_MEMORY;
@@ -483,25 +483,6 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
 
        session_info->unix_token->uid = server_info->utok.uid;
        session_info->unix_token->gid = server_info->utok.gid;
-       session_info->unix_token->ngroups = server_info->utok.ngroups;
-       if (server_info->utok.ngroups != 0) {
-               session_info->unix_token->groups = (gid_t *)talloc_memdup(
-                       session_info->unix_token, server_info->utok.groups,
-                       sizeof(gid_t)*session_info->unix_token->ngroups);
-       } else {
-               session_info->unix_token->groups = NULL;
-       }
-
-       if (server_info->security_token) {
-               session_info->security_token = dup_nt_token(session_info, server_info->security_token);
-               if (!session_info->security_token) {
-                       TALLOC_FREE(session_info);
-                       return NT_STATUS_NO_MEMORY;
-               }
-       }
-
-       session_info->session_key = data_blob_talloc( session_info, server_info->session_key.data,
-                                               server_info->session_key.length);
 
        session_info->info3 = copy_netr_SamInfo3(session_info, server_info->info3);
        if (!session_info->info3) {
@@ -538,6 +519,9 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
                if (!session_info->session_key.data && session_key->length) {
                        return NT_STATUS_NO_MEMORY;
                }
+       } else {
+               session_info->session_key = data_blob_talloc( session_info, server_info->session_key.data,
+                                                             server_info->session_key.length);
        }
 
        if (session_info->security_token) {
@@ -545,6 +529,22 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx,
                 * (nasty hack to support a cached guest session_info,
                 * and a possible strategy for auth_samba4 to pass in
                 * a finalised session) */
+
+               session_info->security_token = dup_nt_token(session_info, server_info->security_token);
+               if (!session_info->security_token) {
+                       TALLOC_FREE(session_info);
+                       return NT_STATUS_NO_MEMORY;
+               }
+
+               session_info->unix_token->ngroups = server_info->utok.ngroups;
+               if (server_info->utok.ngroups != 0) {
+                       session_info->unix_token->groups = (gid_t *)talloc_memdup(
+                               session_info->unix_token, server_info->utok.groups,
+                               sizeof(gid_t)*session_info->unix_token->ngroups);
+               } else {
+                       session_info->unix_token->groups = NULL;
+               }
+
                *session_info_out = session_info;
                return NT_STATUS_OK;
        }