From 128ae06a619b2c50cc9379053abb18277e814747 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 18 Jul 2011 12:58:25 +1000 Subject: [PATCH] s3-auth use auth_user_info not netr_SamInfo3 in auth3_session_info This makes auth3_session_info identical to auth_session_info The logic to convert the info3 to a struct auth_user_info is essentially moved up the stack from the named pipe proxy in source3/rpc_server to create_local_token(). Andrew Bartlett Signed-off-by: Andrew Tridgell --- librpc/idl/auth.idl | 4 +- source3/auth/auth_util.c | 27 ++++++-- source3/modules/vfs_expand_msdfs.c | 2 +- source3/modules/vfs_full_audit.c | 2 +- source3/modules/vfs_recycle.c | 2 +- source3/modules/vfs_smb_traffic_analyzer.c | 6 +- source3/printing/nt_printing.c | 2 +- source3/printing/printing.c | 2 +- source3/rpc_server/lsa/srv_lsa_nt.c | 2 +- source3/rpc_server/netlogon/srv_netlog_nt.c | 2 +- source3/rpc_server/rpc_ncacn_np.c | 17 +---- source3/rpc_server/rpc_server.c | 71 ++++++++------------- source3/rpc_server/spoolss/srv_spoolss_nt.c | 12 ++-- source3/smbd/lanman.c | 6 +- source3/smbd/password.c | 6 +- source3/smbd/process.c | 2 +- source3/smbd/service.c | 12 ++-- source3/smbd/smb2_server.c | 2 +- source3/smbd/uid.c | 6 +- 19 files changed, 84 insertions(+), 101 deletions(-) diff --git a/librpc/idl/auth.idl b/librpc/idl/auth.idl index 962383d1756..a14b2412544 100644 --- a/librpc/idl/auth.idl +++ b/librpc/idl/auth.idl @@ -9,7 +9,7 @@ */ -import "misc.idl", "security.idl", "lsa.idl", "krb5pac.idl", "netlogon.idl"; +import "misc.idl", "security.idl", "lsa.idl", "krb5pac.idl"; [ pyhelper("librpc/ndr/py_auth.c"), helper("../librpc/ndr/ndr_auth.h"), @@ -103,7 +103,7 @@ interface auth typedef [public] struct { security_token *security_token; security_unix_token *unix_token; - netr_SamInfo3 *info3; + auth_user_info *info; auth_user_info_unix *unix_info; [value(NULL), ignore] auth_user_info_torture *torture; diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index eb804c5f13b..1839f3d422c 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -31,6 +31,7 @@ #include "lib/winbind_util.h" #include "passdb.h" #include "../librpc/gen_ndr/ndr_auth.h" +#include "../auth/auth_sam_reply.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_AUTH @@ -464,6 +465,8 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx, struct dom_sid tmp_sid; struct auth3_session_info *session_info; struct wbcUnixId *ids; + struct auth_user_info_dc *user_info_dc; + union netr_Validation val; /* Ensure we can't possible take a code path leading to a * null defref. */ @@ -485,12 +488,6 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx, session_info->unix_token->uid = server_info->utok.uid; session_info->unix_token->gid = server_info->utok.gid; - session_info->info3 = copy_netr_SamInfo3(session_info, server_info->info3); - if (!session_info->info3) { - TALLOC_FREE(session_info); - return NT_STATUS_NO_MEMORY; - } - session_info->unix_info = talloc_zero(session_info, struct auth_user_info_unix); if (!session_info->unix_info) { TALLOC_FREE(session_info); @@ -550,6 +547,22 @@ NTSTATUS create_local_token(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } + val.sam3 = server_info->info3; + + /* Convert into something we can build a struct + * auth_session_info from. Most of the work here + * will be to convert the SIDS, which we will then ignore, but + * this is the easier way to handle it */ + status = make_user_info_dc_netlogon_validation(talloc_tos(), "", 3, &val, &user_info_dc); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("conversion of info3 into user_info_dc failed!\n")); + TALLOC_FREE(session_info); + return status; + } + + session_info->info = talloc_move(session_info, &user_info_dc->info); + talloc_free(user_info_dc); + /* * If winbind is not around, we can not make much use of the SIDs the * domain controller provided us with. Likewise if the user name was @@ -872,7 +885,7 @@ static NTSTATUS make_new_session_info_guest(struct auth3_session_info **session_ all zeros! */ (*session_info)->session_key = data_blob(zeros, sizeof(zeros)); - alpha_strcpy(tmp, (*session_info)->info3->base.account_name.string, + alpha_strcpy(tmp, (*server_info)->info3->base.account_name.string, ". _-$", sizeof(tmp)); (*session_info)->unix_info->sanitized_username = talloc_strdup(*session_info, tmp); diff --git a/source3/modules/vfs_expand_msdfs.c b/source3/modules/vfs_expand_msdfs.c index c857c1a4242..a0d0d3d12af 100644 --- a/source3/modules/vfs_expand_msdfs.c +++ b/source3/modules/vfs_expand_msdfs.c @@ -161,7 +161,7 @@ static char *expand_msdfs_target(TALLOC_CTX *ctx, conn->connectpath, conn->session_info->unix_token->gid, conn->session_info->unix_info->sanitized_username, - conn->session_info->info3->base.domain.string, + conn->session_info->info->domain_name, targethost); DEBUG(10, ("Expanded targethost to %s\n", targethost)); diff --git a/source3/modules/vfs_full_audit.c b/source3/modules/vfs_full_audit.c index da285510462..9471e6d8c2b 100644 --- a/source3/modules/vfs_full_audit.c +++ b/source3/modules/vfs_full_audit.c @@ -410,7 +410,7 @@ static char *audit_prefix(TALLOC_CTX *ctx, connection_struct *conn) conn->connectpath, conn->session_info->unix_token->gid, conn->session_info->unix_info->sanitized_username, - conn->session_info->info3->base.domain.string, + conn->session_info->info->domain_name, prefix); TALLOC_FREE(prefix); return result; diff --git a/source3/modules/vfs_recycle.c b/source3/modules/vfs_recycle.c index 65de114b831..03da571d1a4 100644 --- a/source3/modules/vfs_recycle.c +++ b/source3/modules/vfs_recycle.c @@ -447,7 +447,7 @@ static int recycle_unlink(vfs_handle_struct *handle, conn->connectpath, conn->session_info->unix_token->gid, conn->session_info->unix_info->sanitized_username, - conn->session_info->info3->base.domain.string, + conn->session_info->info->domain_name, recycle_repository(handle)); ALLOC_CHECK(repository, done); /* shouldn't we allow absolute path names here? --metze */ diff --git a/source3/modules/vfs_smb_traffic_analyzer.c b/source3/modules/vfs_smb_traffic_analyzer.c index fb36c4c99ea..5f05fa68d1e 100644 --- a/source3/modules/vfs_smb_traffic_analyzer.c +++ b/source3/modules/vfs_smb_traffic_analyzer.c @@ -373,8 +373,8 @@ static char *smb_traffic_analyzer_create_string( TALLOC_CTX *ctx, (unsigned int) strlen(service_name), service_name, (unsigned int) - strlen(handle->conn->session_info->info3->base.domain.string), - handle->conn->session_info->info3->base.domain.string, + strlen(handle->conn->session_info->info->domain_name), + handle->conn->session_info->info->domain_name, (unsigned int) strlen(timestr), timestr, (unsigned int) strlen(raddr), @@ -490,7 +490,7 @@ static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle, "\"%04d-%02d-%02d %02d:%02d:%02d.%03d\"\n", (unsigned int) s_data->len, username, - handle->conn->session_info->info3->base.domain.string, + handle->conn->session_info->info->domain_name, Write ? 'W' : 'R', handle->conn->connectpath, s_data->filename, diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 0023515bb13..7e2eaaf3045 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -1803,7 +1803,7 @@ bool print_access_check(const struct auth3_session_info *session_info, if (!NT_STATUS_IS_OK(status) && (token_contains_name_in_list(uidtoname(session_info->unix_token->uid), - session_info->info3->base.domain.string, + session_info->info->domain_name, NULL, session_info->security_token, lp_printer_admin(snum)))) { talloc_destroy(mem_ctx); diff --git a/source3/printing/printing.c b/source3/printing/printing.c index a2d5c5373bc..07aaea20c69 100644 --- a/source3/printing/printing.c +++ b/source3/printing/printing.c @@ -2843,7 +2843,7 @@ WERROR print_job_start(const struct auth3_session_info *server_info, standard_sub_advanced(sharename, server_info->unix_info->sanitized_username, path, server_info->unix_token->gid, server_info->unix_info->sanitized_username, - server_info->info3->base.domain.string, + server_info->info->domain_name, pjob.user, sizeof(pjob.user)-1); /* ensure NULL termination */ pjob.user[sizeof(pjob.user)-1] = '\0'; diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c b/source3/rpc_server/lsa/srv_lsa_nt.c index 309e2aa5f63..8aea353679e 100644 --- a/source3/rpc_server/lsa/srv_lsa_nt.c +++ b/source3/rpc_server/lsa/srv_lsa_nt.c @@ -2412,7 +2412,7 @@ NTSTATUS _lsa_GetUserName(struct pipes_struct *p, } } else { username = p->session_info->unix_info->sanitized_username; - domname = p->session_info->info3->base.domain.string; + domname = p->session_info->info->domain_name; } account_name = talloc(p->mem_ctx, struct lsa_String); diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c index 82f83319951..4ff6f909d64 100644 --- a/source3/rpc_server/netlogon/srv_netlog_nt.c +++ b/source3/rpc_server/netlogon/srv_netlog_nt.c @@ -209,7 +209,7 @@ WERROR _netr_LogonControl2Ex(struct pipes_struct *p, return WERR_INVALID_PARAM; } - acct_ctrl = p->session_info->info3->base.acct_flags; + acct_ctrl = p->session_info->info->acct_flags; switch (r->in.function_code) { case NETLOGON_CONTROL_TC_VERIFY: diff --git a/source3/rpc_server/rpc_ncacn_np.c b/source3/rpc_server/rpc_ncacn_np.c index f43d0b81bc4..25435b8ea41 100644 --- a/source3/rpc_server/rpc_ncacn_np.c +++ b/source3/rpc_server/rpc_ncacn_np.c @@ -629,8 +629,6 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx, struct tevent_req *subreq; struct auth_session_info_transport *session_info_t; struct auth_session_info *session_info_npa; - struct auth_user_info_dc *user_info_dc; - union netr_Validation val; NTSTATUS status; bool ok; int ret; @@ -685,20 +683,7 @@ struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx, session_info_npa->unix_token = session_info->unix_token; session_info_npa->unix_info = session_info->unix_info; - val.sam3 = session_info->info3; - - /* Convert into something we can build a struct - * auth_session_info from. Most of the work here - * will be to convert the SIDS, which we will then ignore, but - * this is the easier way to handle it */ - status = make_user_info_dc_netlogon_validation(talloc_tos(), "", 3, &val, &user_info_dc); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(0, ("conversion of info3 into user_info_dc failed!\n")); - goto fail; - } - - session_info_npa->info = talloc_move(session_info_npa, &user_info_dc->info); - talloc_free(user_info_dc); + session_info_npa->info = session_info->info; session_info_t = talloc_zero(talloc_tos(), struct auth_session_info_transport); if (session_info_npa == NULL) { diff --git a/source3/rpc_server/rpc_server.c b/source3/rpc_server/rpc_server.c index 7e383e84c19..eb9def9a9af 100644 --- a/source3/rpc_server/rpc_server.c +++ b/source3/rpc_server/rpc_server.c @@ -40,8 +40,6 @@ static NTSTATUS auth_anonymous_session_info(TALLOC_CTX *mem_ctx, { struct auth_session_info *i; struct auth3_session_info *s; - struct auth_user_info_dc *u; - union netr_Validation val; NTSTATUS status; i = talloc_zero(mem_ctx, struct auth_session_info); @@ -56,20 +54,7 @@ static NTSTATUS auth_anonymous_session_info(TALLOC_CTX *mem_ctx, i->security_token = s->security_token; i->session_key = s->session_key; - - val.sam3 = s->info3; - - status = make_user_info_dc_netlogon_validation(mem_ctx, - "", - 3, - &val, - &u); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(0, ("conversion of info3 into user_info_dc failed!\n")); - return status; - } - i->info = talloc_move(i, &u->info); - talloc_free(u); + i->info = s->info; *session_info = i; @@ -88,8 +73,6 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx, struct pipes_struct **_p, int *perrno) { - struct netr_SamInfo3 *info3; - struct auth_user_info_dc *auth_user_info_dc; struct pipes_struct *p; NTSTATUS status; @@ -114,30 +97,6 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx, p->endian = RPC_LITTLE_ENDIAN; - /* Fake up an auth_user_info_dc for now, to make an info3, to make the session_info structure */ - auth_user_info_dc = talloc_zero(p, struct auth_user_info_dc); - if (!auth_user_info_dc) { - TALLOC_FREE(p); - *perrno = ENOMEM; - return -1; - } - - auth_user_info_dc->num_sids = session_info->security_token->num_sids; - auth_user_info_dc->sids = session_info->security_token->sids; - auth_user_info_dc->info = session_info->info; - auth_user_info_dc->user_session_key = session_info->session_key; - - /* This creates the input structure that make_server_info_info3 is looking for */ - status = auth_convert_user_info_dc_saminfo3(p, auth_user_info_dc, - &info3); - - if (!NT_STATUS_IS_OK(status)) { - DEBUG(1, ("Failed to convert auth_user_info_dc into netr_SamInfo3\n")); - TALLOC_FREE(p); - *perrno = EINVAL; - return -1; - } - if (session_info->unix_token && session_info->unix_info && session_info->security_token) { /* Don't call create_local_token(), we already have the full details here */ p->session_info = talloc_zero(p, struct auth3_session_info); @@ -149,12 +108,38 @@ static int make_server_pipes_struct(TALLOC_CTX *mem_ctx, p->session_info->security_token = talloc_move(p->session_info, &session_info->security_token); p->session_info->unix_token = talloc_move(p->session_info, &session_info->unix_token); p->session_info->unix_info = talloc_move(p->session_info, &session_info->unix_info); - p->session_info->info3 = talloc_move(p->session_info, &info3); + p->session_info->info = talloc_move(p->session_info, &session_info->info); p->session_info->session_key = session_info->session_key; p->session_info->session_key.data = talloc_move(p->session_info, &session_info->session_key.data); } else { + struct auth_user_info_dc *auth_user_info_dc; struct auth_serversupplied_info *server_info; + struct netr_SamInfo3 *info3; + + /* Fake up an auth_user_info_dc for now, to make an info3, to make the session_info structure */ + auth_user_info_dc = talloc_zero(p, struct auth_user_info_dc); + if (!auth_user_info_dc) { + TALLOC_FREE(p); + *perrno = ENOMEM; + return -1; + } + + auth_user_info_dc->num_sids = session_info->security_token->num_sids; + auth_user_info_dc->sids = session_info->security_token->sids; + auth_user_info_dc->info = session_info->info; + auth_user_info_dc->user_session_key = session_info->session_key; + + /* This creates the input structure that make_server_info_info3 is looking for */ + status = auth_convert_user_info_dc_saminfo3(p, auth_user_info_dc, + &info3); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("Failed to convert auth_user_info_dc into netr_SamInfo3\n")); + TALLOC_FREE(p); + *perrno = EINVAL; + return -1; + } status = make_server_info_info3(p, info3->base.account_name.string, diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c index 12dcc27615d..71ae93766a2 100644 --- a/source3/rpc_server/spoolss/srv_spoolss_nt.c +++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c @@ -1832,7 +1832,7 @@ WERROR _spoolss_OpenPrinterEx(struct pipes_struct *p, !nt_token_check_sid(&global_sid_Builtin_Print_Operators, p->session_info->security_token) && !token_contains_name_in_list( uidtoname(p->session_info->unix_token->uid), - p->session_info->info3->base.domain.string, + p->session_info->info->domain_name, NULL, p->session_info->security_token, lp_printer_admin(snum))) { @@ -2095,7 +2095,7 @@ WERROR _spoolss_DeletePrinterDriver(struct pipes_struct *p, && !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list( uidtoname(p->session_info->unix_token->uid), - p->session_info->info3->base.domain.string, + p->session_info->info->domain_name, NULL, p->session_info->security_token, lp_printer_admin(-1)) ) @@ -2199,7 +2199,7 @@ WERROR _spoolss_DeletePrinterDriverEx(struct pipes_struct *p, && !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list( uidtoname(p->session_info->unix_token->uid), - p->session_info->info3->base.domain.string, + p->session_info->info->domain_name, NULL, p->session_info->security_token, lp_printer_admin(-1)) ) { @@ -8553,7 +8553,7 @@ WERROR _spoolss_AddForm(struct pipes_struct *p, if ((p->session_info->unix_token->uid != sec_initial_uid()) && !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list(uidtoname(p->session_info->unix_token->uid), - p->session_info->info3->base.domain.string, + p->session_info->info->domain_name, NULL, p->session_info->security_token, lp_printer_admin(snum))) { @@ -8626,7 +8626,7 @@ WERROR _spoolss_DeleteForm(struct pipes_struct *p, if ((p->session_info->unix_token->uid != sec_initial_uid()) && !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list(uidtoname(p->session_info->unix_token->uid), - p->session_info->info3->base.domain.string, + p->session_info->info->domain_name, NULL, p->session_info->security_token, lp_printer_admin(snum))) { @@ -8695,7 +8695,7 @@ WERROR _spoolss_SetForm(struct pipes_struct *p, if ((p->session_info->unix_token->uid != sec_initial_uid()) && !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list(uidtoname(p->session_info->unix_token->uid), - p->session_info->info3->base.domain.string, + p->session_info->info->domain_name, NULL, p->session_info->security_token, lp_printer_admin(snum))) { diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index c1b7ab6077f..4f905cf9b1c 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -121,7 +121,7 @@ static int CopyExpanded(connection_struct *conn, conn->connectpath, conn->session_info->unix_token->gid, conn->session_info->unix_info->sanitized_username, - conn->session_info->info3->base.domain.string, + conn->session_info->info->domain_name, buf); if (!buf) { *p_space_remaining = 0; @@ -172,7 +172,7 @@ static int StrlenExpanded(connection_struct *conn, int snum, char *s) conn->connectpath, conn->session_info->unix_token->gid, conn->session_info->unix_info->sanitized_username, - conn->session_info->info3->base.domain.string, + conn->session_info->info->domain_name, buf); if (!buf) { return 0; @@ -4696,7 +4696,7 @@ static bool api_WWkstaUserLogon(struct smbd_server_connection *sconn, PACKS(&desc,"z",lp_workgroup());/* domain */ PACKS(&desc,"z", vuser ? - vuser->session_info->info3->base.logon_script.string + vuser->session_info->info->logon_script : ""); /* script path */ PACKI(&desc,"D",0x00000000); /* reserved */ } diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 9daecaf48ec..c4329bc000f 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -293,12 +293,12 @@ int register_existing_vuid(struct smbd_server_connection *sconn, (unsigned int)vuser->session_info->unix_token->gid, vuser->session_info->unix_info->unix_name, vuser->session_info->unix_info->sanitized_username, - vuser->session_info->info3->base.domain.string, + vuser->session_info->info->domain_name, vuser->session_info->unix_info->guest )); DEBUG(3, ("register_existing_vuid: User name: %s\t" "Real name: %s\n", vuser->session_info->unix_info->unix_name, - vuser->session_info->info3->base.full_name.string)); + vuser->session_info->info->full_name)); if (!vuser->session_info->security_token) { DEBUG(1, ("register_existing_vuid: session_info does not " @@ -346,7 +346,7 @@ int register_existing_vuid(struct smbd_server_connection *sconn, set_current_user_info( vuser->session_info->unix_info->sanitized_username, vuser->session_info->unix_info->unix_name, - vuser->session_info->info3->base.domain.string); + vuser->session_info->info->domain_name); return vuser->vuid; diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 66c7d083830..0e198ee0e56 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -1414,7 +1414,7 @@ static connection_struct *switch_message(uint8 type, struct smb_request *req, in set_current_user_info( vuser->session_info->unix_info->sanitized_username, vuser->session_info->unix_info->unix_name, - vuser->session_info->info3->base.domain.string); + vuser->session_info->info->domain_name); } } } diff --git a/source3/smbd/service.c b/source3/smbd/service.c index d5a757c61fc..2ac462f9300 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -403,7 +403,7 @@ static NTSTATUS create_connection_session_info(struct smbd_server_connection *sc } } else { if (!user_ok_token(vuid_serverinfo->unix_info->unix_name, - vuid_serverinfo->info3->base.domain.string, + vuid_serverinfo->info->domain_name, vuid_serverinfo->security_token, snum)) { DEBUG(2, ("user '%s' (from session setup) not " "permitted to access this share " @@ -617,7 +617,7 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, conn->connectpath, conn->session_info->unix_token->gid, conn->session_info->unix_info->sanitized_username, - conn->session_info->info3->base.domain.string, + conn->session_info->info->domain_name, lp_pathname(snum)); if (!s) { *pstatus = NT_STATUS_NO_MEMORY; @@ -739,7 +739,7 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, conn->connectpath, conn->session_info->unix_token->gid, conn->session_info->unix_info->sanitized_username, - conn->session_info->info3->base.domain.string, + conn->session_info->info->domain_name, lp_rootpreexec(snum)); DEBUG(5,("cmd=%s\n",cmd)); ret = smbrun(cmd,NULL); @@ -777,7 +777,7 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, conn->connectpath, conn->session_info->unix_token->gid, conn->session_info->unix_info->sanitized_username, - conn->session_info->info3->base.domain.string, + conn->session_info->info->domain_name, lp_preexec(snum)); ret = smbrun(cmd,NULL); TALLOC_FREE(cmd); @@ -1097,7 +1097,7 @@ void close_cnum(connection_struct *conn, uint16 vuid) conn->connectpath, conn->session_info->unix_token->gid, conn->session_info->unix_info->sanitized_username, - conn->session_info->info3->base.domain.string, + conn->session_info->info->domain_name, lp_postexec(SNUM(conn))); smbrun(cmd,NULL); TALLOC_FREE(cmd); @@ -1113,7 +1113,7 @@ void close_cnum(connection_struct *conn, uint16 vuid) conn->connectpath, conn->session_info->unix_token->gid, conn->session_info->unix_info->sanitized_username, - conn->session_info->info3->base.domain.string, + conn->session_info->info->domain_name, lp_rootpostexec(SNUM(conn))); smbrun(cmd,NULL); TALLOC_FREE(cmd); diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c index 7e181ef5dda..11b5ed8bf03 100644 --- a/source3/smbd/smb2_server.c +++ b/source3/smbd/smb2_server.c @@ -1190,7 +1190,7 @@ static NTSTATUS smbd_smb2_request_check_session(struct smbd_smb2_request *req) set_current_user_info(session->session_info->unix_info->sanitized_username, session->session_info->unix_info->unix_name, - session->session_info->info3->base.domain.string); + session->session_info->info->domain_name); req->session = session; diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index 47c9786116e..7b6b644dcc5 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -110,13 +110,13 @@ static bool check_user_ok(connection_struct *conn, } if (!user_ok_token(session_info->unix_info->unix_name, - session_info->info3->base.domain.string, + session_info->info->domain_name, session_info->security_token, snum)) return(False); readonly_share = is_share_read_only_for_token( session_info->unix_info->unix_name, - session_info->info3->base.domain.string, + session_info->info->domain_name, session_info->security_token, conn); @@ -141,7 +141,7 @@ static bool check_user_ok(connection_struct *conn, admin_user = token_contains_name_in_list( session_info->unix_info->unix_name, - session_info->info3->base.domain.string, + session_info->info->domain_name, NULL, session_info->security_token, lp_admin_users(snum)); if (valid_vuid) { -- 2.34.1