From bb3755968f5e953340edfb0b71997dddc11badb9 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl@samba.org>
Date: Tue, 29 Apr 2008 13:35:00 +0200
Subject: [PATCH] Remove "nt_user_token" from "struct user_struct" (This used
 to be commit 51d5d512f28eadc74eced43e5e7f4e5bdff3ff69)

---
 source3/include/smb.h             |  2 --
 source3/rpc_server/srv_pipe_hnd.c |  2 +-
 source3/smbd/password.c           |  4 +---
 source3/smbd/service.c            |  6 +++---
 source3/smbd/uid.c                | 14 +++++++-------
 5 files changed, 12 insertions(+), 16 deletions(-)

diff --git a/source3/include/smb.h b/source3/include/smb.h
index 7a228d0d036..bad5857520f 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -1789,8 +1789,6 @@ typedef struct user_struct {
 	int n_groups;
 	gid_t *groups;
 
-	NT_USER_TOKEN *nt_user_token;
-
 	DATA_BLOB session_key;
 
 	char *session_keystr; /* used by utmp and pam session code.  
diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c
index 45f649d0cea..92247743800 100644
--- a/source3/rpc_server/srv_pipe_hnd.c
+++ b/source3/rpc_server/srv_pipe_hnd.c
@@ -342,7 +342,7 @@ static void *make_internal_rpc_pipe_p(const char *pipe_name,
 	if (vuser) {
 		p->session_key = data_blob(vuser->session_key.data, vuser->session_key.length);
 		p->pipe_user.nt_user_token = dup_nt_token(
-			NULL, vuser->nt_user_token);
+			NULL, vuser->server_info->ptok);
 	}
 
 	/*
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 124bc315fa1..2636438d5d3 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -310,9 +310,7 @@ int register_existing_vuid(uint16 vuid,
 		"Real name: %s\n", vuser->user.unix_name,
 		vuser->user.full_name));
 
-	if (server_info->ptok) {
-		vuser->nt_user_token = dup_nt_token(vuser, server_info->ptok);
-	} else {
+	if (!server_info->ptok) {
 		DEBUG(1, ("register_existing_vuid: server_info does not "
 			"contain a user_token - cannot continue\n"));
 		goto fail;
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index a405ffc9bcc..a286e561c75 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -725,7 +725,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
 			}
 		} else {
 			if (!user_ok_token(vuser->user.unix_name,
-					   vuser->nt_user_token, snum)) {
+					   vuser->server_info->ptok, snum)) {
 				DEBUG(2, ("user '%s' (from session setup) not "
 					  "permitted to access this share "
 					  "(%s)\n", vuser->user.unix_name,
@@ -861,7 +861,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
 			 * group. vuser has a token to copy */
 			
 			conn->nt_user_token = dup_nt_token(
-				NULL, vuser->nt_user_token);
+				NULL, vuser->server_info->ptok);
 			if (conn->nt_user_token == NULL) {
 				DEBUG(0, ("dup_nt_token failed\n"));
 				conn_free(conn);
@@ -948,7 +948,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
 		bool can_write = False;
 		NT_USER_TOKEN *token = conn->nt_user_token ?
 			conn->nt_user_token :
-			(vuser ? vuser->nt_user_token : NULL);
+			(vuser ? vuser->server_info->ptok : NULL);
 
 		/*
 		 * I don't believe this can happen. But the
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index ffa643a8f56..866f954436c 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -97,15 +97,15 @@ static bool check_user_ok(connection_struct *conn, user_struct *vuser,int snum)
 		}
 	}
 
-	if (!user_ok_token(vuser->user.unix_name, vuser->nt_user_token, snum))
+	if (!user_ok_token(vuser->user.unix_name, vuser->server_info->ptok,
+			   snum))
 		return(False);
 
-	readonly_share = is_share_read_only_for_token(vuser->user.unix_name,
-						      vuser->nt_user_token,
-						      SNUM(conn));
+	readonly_share = is_share_read_only_for_token(
+		vuser->user.unix_name, vuser->server_info->ptok, SNUM(conn));
 
 	token = conn->nt_user_token ?
-		conn->nt_user_token : vuser->nt_user_token;
+		conn->nt_user_token : vuser->server_info->ptok;
 
 	if (!readonly_share &&
 	    !share_access_check(token, lp_servicename(snum),
@@ -132,7 +132,7 @@ static bool check_user_ok(connection_struct *conn, user_struct *vuser,int snum)
 	ent->read_only = readonly_share;
 
 	ent->admin_user = token_contains_name_in_list(
-		vuser->user.unix_name, NULL, vuser->nt_user_token,
+		vuser->user.unix_name, NULL, vuser->server_info->ptok,
 		lp_admin_users(SNUM(conn)));
 
 	conn->read_only = ent->read_only;
@@ -204,7 +204,7 @@ bool change_to_user(connection_struct *conn, uint16 vuid)
 		gid = vuser->gid;
 		num_groups = vuser->n_groups;
 		group_list  = vuser->groups;
-		token = vuser->nt_user_token;
+		token = vuser->server_info->ptok;
 	} else {
 		DEBUG(2,("change_to_user: Invalid vuid used %d in accessing "
 			 "share %s.\n",vuid, lp_servicename(snum) ));
-- 
2.34.1