git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f3ca3e7)
s3:auth: move add_local_groups() out of finalize_local_nt_token()
authorStefan Metzmacher <metze@samba.org>
Tue, 6 Mar 2018 16:14:34 +0000 (17:14 +0100)
committerRalph Boehme <slow@samba.org>
Thu, 15 Mar 2018 20:54:16 +0000 (21:54 +0100)
finalize_local_nt_token() will be used in another place,
were we don't want to add local groups in a following commit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13328

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
source3/auth/token_util.c patch | blob | history

diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index 03c4b646007b8d1f61e6a76aea5938ff6e5cf56a..e5a12db1ba37b0f8e0eab1659a721241610bc8eb 100644 (file)
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -208,6 +208,8 @@ static NTSTATUS add_builtin_administrators(struct security_token *token,
        return NT_STATUS_OK;
 }
 
+static NTSTATUS add_local_groups(struct security_token *result,
+                                bool is_guest);
 static NTSTATUS finalize_local_nt_token(struct security_token *result,
                                        bool is_guest);
 
@@ -323,6 +325,13 @@ NTSTATUS create_local_nt_token_from_info3(TALLOC_CTX *mem_ctx,
                }
        }
 
+       status = add_local_groups(usrtok, is_guest);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(3, ("Failed to add local groups\n"));
+               TALLOC_FREE(usrtok);
+               return status;
+       }
+
        status = finalize_local_nt_token(usrtok, is_guest);
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(3, ("Failed to finalize nt token\n"));
@@ -392,6 +401,12 @@ struct security_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
                }
        }
 
+       status = add_local_groups(result, is_guest);
+       if (!NT_STATUS_IS_OK(status)) {
+               TALLOC_FREE(result);
+               return NULL;
+       }
+
        status = finalize_local_nt_token(result, is_guest);
        if (!NT_STATUS_IS_OK(status)) {
                TALLOC_FREE(result);
@@ -502,13 +517,6 @@ static NTSTATUS finalize_local_nt_token(struct security_token *result,
        NTSTATUS status;
        struct acct_info *info;
 
-       /* Add any local groups. */
-
-       status = add_local_groups(result, is_guest);
-       if (!NT_STATUS_IS_OK(status)) {
-               return status;
-       }
-
        /* Add in BUILTIN sids */
 
        status = add_sid_to_array(result, &global_sid_World,
Samba Shared Repository