r10810: This adds the hooks required to communicate the current user from the

[abartlet/samba.git/.git] / source4 / dsdb / samdb / samdb_privilege.c

diff --git a/source4/dsdb/samdb/samdb_privilege.c b/source4/dsdb/samdb/samdb_privilege.c
index 059d612225e290621dbb1d8ebf38f18a01239fe5..55dfef04aa23118ef7024043bd7261add7112e03 100644 (file)
--- a/source4/dsdb/samdb/samdb_privilege.c
+++ b/source4/dsdb/samdb/samdb_privilege.c
@@ -75,11 +75,23 @@ static NTSTATUS samdb_privilege_setup_sid(void *samctx, TALLOC_CTX *mem_ctx,
 NTSTATUS samdb_privilege_setup(struct security_token *token)
 {
        void *samctx;
-       TALLOC_CTX *mem_ctx = talloc_new(token);
+       TALLOC_CTX *mem_ctx;
        int i;
        NTSTATUS status;
 
-       samctx = samdb_connect(mem_ctx);
+       /* Shortcuts to prevent recursion and avoid lookups */
+       if (is_system_token(token)) {
+               token->privilege_mask = ~0;
+               return NT_STATUS_OK;
+       }
+
+       if (is_anonymous_token(token)) {
+               token->privilege_mask = 0;
+               return NT_STATUS_OK;
+       }
+
+       mem_ctx = talloc_new(token);
+       samctx = samdb_connect(mem_ctx, system_session(mem_ctx));
        if (samctx == NULL) {
                talloc_free(mem_ctx);
                return NT_STATUS_INTERNAL_DB_CORRUPTION;