r22978: Don't use current_user to prep the security ctx in change_to_user
authorGerald Carter <jerry@samba.org>
Thu, 17 May 2007 22:27:42 +0000 (22:27 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 17:22:12 +0000 (12:22 -0500)
since any SID/uid/gid translation calls will reset the struct when
popping the security ctx.  This should fix the standalone server
configuration issues reported by David Rankin (thanks for the logs).
(This used to be commit 63cb25bad19d9600399a6ee2221497d71e805320)

source3/smbd/uid.c

index 85885803222f66d66a067a8cc094f8db3260d0bb..c6d4e3329c8b9ff8513c20c8eed2dd257dc51e7c 100644 (file)
@@ -156,7 +156,9 @@ BOOL change_to_user(connection_struct *conn, uint16 vuid)
        char group_c;
        BOOL must_free_token = False;
        NT_USER_TOKEN *token = NULL;
-
+       int num_groups = 0;
+       gid_t *group_list = NULL;
+       
        if (!conn) {
                DEBUG(2,("change_to_user: Connection not open\n"));
                return(False);
@@ -195,14 +197,14 @@ BOOL change_to_user(connection_struct *conn, uint16 vuid)
        if (conn->force_user) /* security = share sets this too */ {
                uid = conn->uid;
                gid = conn->gid;
-               current_user.ut.groups = conn->groups;
-               current_user.ut.ngroups = conn->ngroups;
+               group_list = conn->groups;
+               num_groups = conn->ngroups;
                token = conn->nt_user_token;
        } else if (vuser) {
                uid = conn->admin_user ? 0 : vuser->uid;
                gid = vuser->gid;
-               current_user.ut.ngroups = vuser->n_groups;
-               current_user.ut.groups  = vuser->groups;
+               num_groups = vuser->n_groups;
+               group_list  = vuser->groups;
                token = vuser->nt_user_token;
        } else {
                DEBUG(2,("change_to_user: Invalid vuid used %d in accessing "
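Review bot: `group_list` only borrows `conn->groups` or `vuser->groups` in these two branches, and nothing at the assignments says so. The same pointer is later stored into `current_user.ut.groups`, so a reader cannot tell from here who owns the array or how long it must stay valid. The visible lines do not show whether `set_sec_ctx()` copies the list. The old code aliased the arrays in the same way, so this is not a regression, but a comment such as `/* borrowed from conn/vuser, not owned: do not free */` at the declaration or the assignments would record the contract. The if/else chain continues outside the hunk.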
@@ -235,8 +237,8 @@ BOOL change_to_user(connection_struct *conn, uint16 vuid)
                         */
 
                        int i;
-                       for (i = 0; i < current_user.ut.ngroups; i++) {
-                               if (current_user.ut.groups[i] == conn->gid) {
+                       for (i = 0; i < num_groups; i++) {
+                               if (group_list[i] == conn->gid) {
                                        gid = conn->gid;
                                        gid_to_sid(&token->user_sids[1], gid);
                                        break;
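Review bot: Nothing at the loop explains why it must read the locals instead of `current_user.ut`, so a later cleanup could quietly switch it back. Going by the commit description, the `gid_to_sid()` call in the loop body is the kind of translation call that can overwrite `current_user` when the security context is popped. I would add above the `for` line: `/* use the local list: gid_to_sid() may push/pop the sec ctx and reset current_user */`. The enclosing block starts and ends outside the hunk.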
@@ -248,6 +250,12 @@ BOOL change_to_user(connection_struct *conn, uint16 vuid)
                }
        }
        
+       /* Now set current_user since we will immediately also call
+          set_sec_ctx() */
+
+       current_user.ut.ngroups = num_groups;
+       current_user.ut.groups  = group_list;   
+
        set_sec_ctx(uid, gid, current_user.ut.ngroups, current_user.ut.groups,
                    token);
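Review bot: The `set_sec_ctx()` call still reads the group list back from the global `current_user.ut`, two lines after storing it there. Passing the locals keeps the security context tied to the values this function computed: `set_sec_ctx(uid, gid, num_groups, group_list, token);`. The assignment to `current_user.ut` can stay for other readers of the global. The function body continues outside the hunk, so whether `current_user` is touched again after this call is not visible here.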