diff options
author | Jeremy Allison <jra@samba.org> | 2014-06-16 23:15:21 -0700 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2015-07-11 21:59:25 +0200 |
commit | 4bdfb15ecd6c3fe154130d252fb7d392dd46323c (patch) | |
tree | c651aae205c8a0e1c900ebf242af0f52daaee7f4 | |
parent | 02bda079a0a22a62b05689f571da34f232caace4 (diff) | |
download | samba-4bdfb15ecd6c3fe154130d252fb7d392dd46323c.tar.gz |
s3: auth: Change auth3_generate_session_info_pac() to use a copy of the info3 struct from the struct PAC_LOGON_INFO.
Call create_info3_from_pac_logon_info() to add in any resource SIDs
from the struct PAC_LOGON_INFO to the info3.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-by: Simo Sorce <idra@samba.org>
(cherry picked from commit 0e5a9f44e4b08b93bc4b501d1e14b59ed7b3647c)
-rw-r--r-- | source3/auth/auth_generic.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/source3/auth/auth_generic.c b/source3/auth/auth_generic.c index 2880bc9e019..f841f0cdc24 100644 --- a/source3/auth/auth_generic.c +++ b/source3/auth/auth_generic.c @@ -44,6 +44,7 @@ static NTSTATUS auth3_generate_session_info_pac(struct auth4_context *auth_ctx, { TALLOC_CTX *tmp_ctx; struct PAC_LOGON_INFO *logon_info = NULL; + struct netr_SamInfo3 *info3_copy = NULL; bool is_mapped; bool is_guest; char *ntuser; @@ -101,7 +102,13 @@ static NTSTATUS auth3_generate_session_info_pac(struct auth4_context *auth_ctx, /* save the PAC data if we have it */ if (logon_info) { - netsamlogon_cache_store(ntuser, &logon_info->info3); + status = create_info3_from_pac_logon_info(tmp_ctx, + logon_info, + &info3_copy); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + netsamlogon_cache_store(ntuser, info3_copy); } /* setup the string used by %U */ @@ -112,7 +119,7 @@ static NTSTATUS auth3_generate_session_info_pac(struct auth4_context *auth_ctx, status = make_session_info_krb5(mem_ctx, ntuser, ntdomain, username, pw, - &logon_info->info3, is_guest, is_mapped, NULL /* No session key for now, caller will sort it out */, + info3_copy, is_guest, is_mapped, NULL /* No session key for now, caller will sort it out */, session_info); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("Failed to map kerberos pac to server info (%s)\n", |