mirror of
https://github.com/samba-team/samba.git
synced 2025-02-01 05:47:28 +03:00
dsdb: add defines for sessionInfo and networkSessionInfo
Replace uses of the string "sessionInfo" with the constant DSDB_SESSION_INFO, and "networkSessionInfo" with the constant DSDB_NETWORK_SESSION_INFO. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Gary Lockyer
Andrew Bartlett
parent
d4deb800e2
commit
1b07f13372
@ -48,6 +48,7 @@
|
||||
#include "libcli/ldap/ldap_client.h"
|
||||
#include "auth/auth.h"
|
||||
#include "auth/credentials/credentials.h"
|
||||
#include "dsdb/common/util.h"
|
||||
|
||||
struct ildb_private {
|
||||
struct ldap_connection *ldap;
|
||||
@ -833,7 +834,9 @@ static int ildb_connect(struct ldb_context *ldb, const char *url,
|
||||
/* caller can optionally setup credentials using the opaque token 'credentials' */
|
||||
creds = talloc_get_type(ldb_get_opaque(ldb, "credentials"), struct cli_credentials);
|
||||
if (creds == NULL) {
|
||||
struct auth_session_info *session_info = talloc_get_type(ldb_get_opaque(ldb, "sessionInfo"), struct auth_session_info);
|
||||
struct auth_session_info *session_info = talloc_get_type(
|
||||
ldb_get_opaque(ldb, DSDB_SESSION_INFO),
|
||||
struct auth_session_info);
|
||||
if (session_info) {
|
||||
creds = session_info->credentials;
|
||||
}
|
||||
|
||||
@ -361,7 +361,7 @@ static int dsdb_match_for_expunge(struct ldb_context *ldb,
|
||||
}
|
||||
|
||||
session_info
|
||||
= talloc_get_type(ldb_get_opaque(ldb, "sessionInfo"),
|
||||
= talloc_get_type(ldb_get_opaque(ldb, DSDB_SESSION_INFO),
|
||||
struct auth_session_info);
|
||||
if (security_session_user_level(session_info, NULL) != SECURITY_SYSTEM) {
|
||||
return LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS;
|
||||
|
||||
@ -33,6 +33,7 @@
|
||||
#include "lib/ldb-samba/ldif_handlers.h"
|
||||
#include "ldb_wrap.h"
|
||||
#include "dsdb/samdb/samdb.h"
|
||||
#include "dsdb/common/util.h"
|
||||
#include "param/param.h"
|
||||
#include "../lib/util/dlinklist.h"
|
||||
#include "lib/util/util_paths.h"
|
||||
@ -146,7 +147,7 @@ char *wrap_casefold(void *context, void *mem_ctx, const char *s, size_t n)
|
||||
ldb_set_utf8_fns(ldb, NULL, wrap_casefold);
|
||||
|
||||
if (session_info) {
|
||||
if (ldb_set_opaque(ldb, "sessionInfo", session_info)) {
|
||||
if (ldb_set_opaque(ldb, DSDB_SESSION_INFO, session_info)) {
|
||||
talloc_free(ldb);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -29,6 +29,7 @@
|
||||
#include "ldb_wrap.h"
|
||||
#include "lib/ldb-samba/ldif_handlers.h"
|
||||
#include "auth/pyauth.h"
|
||||
#include "source4/dsdb/common/util.h"
|
||||
|
||||
|
||||
static PyObject *pyldb_module;
|
||||
@ -194,7 +195,7 @@ static PyObject *py_ldb_set_session_info(PyObject *self, PyObject *args)
|
||||
|
||||
info = PyAuthSession_AsSession(py_session_info);
|
||||
|
||||
ldb_set_opaque(ldb, "sessionInfo", info);
|
||||
ldb_set_opaque(ldb, DSDB_SESSION_INFO, info);
|
||||
|
||||
Py_RETURN_NONE;
|
||||
}
|
||||
|
||||
@ -29,6 +29,7 @@
|
||||
#include "auth/auth.h"
|
||||
#include "param/param.h"
|
||||
#include "dsdb/samdb/samdb.h"
|
||||
#include "dsdb/common/util.h"
|
||||
#include "ldb_wrap.h"
|
||||
#include "popt.h"
|
||||
|
||||
@ -84,7 +85,11 @@ static int extensions_hook(struct ldb_context *ldb, enum ldb_module_hook_type t)
|
||||
}
|
||||
gensec_init();
|
||||
|
||||
if (ldb_set_opaque(ldb, "sessionInfo", system_session(cmdline_lp_ctx))) {
|
||||
if (ldb_set_opaque(
|
||||
ldb,
|
||||
DSDB_SESSION_INFO,
|
||||
system_session(cmdline_lp_ctx))) {
|
||||
|
||||
return ldb_operr(ldb);
|
||||
}
|
||||
if (ldb_set_opaque(ldb, "credentials",
|
||||
|
||||
@ -1596,7 +1596,10 @@ static bool b9_set_session_info(struct dlz_bind9_data *state, const char *name)
|
||||
return true;
|
||||
}
|
||||
|
||||
ret = ldb_set_opaque(state->samdb, "sessionInfo", state->session_info);
|
||||
ret = ldb_set_opaque(
|
||||
state->samdb,
|
||||
DSDB_SESSION_INFO,
|
||||
state->session_info);
|
||||
if (ret != LDB_SUCCESS) {
|
||||
state->log(ISC_LOG_ERROR, "samba_dlz: unable to set session info");
|
||||
return false;
|
||||
@ -1610,7 +1613,10 @@ static bool b9_set_session_info(struct dlz_bind9_data *state, const char *name)
|
||||
*/
|
||||
static void b9_reset_session_info(struct dlz_bind9_data *state)
|
||||
{
|
||||
ldb_set_opaque(state->samdb, "sessionInfo", system_session(state->lp));
|
||||
ldb_set_opaque(
|
||||
state->samdb,
|
||||
DSDB_SESSION_INFO,
|
||||
system_session(state->lp));
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
@ -661,7 +661,10 @@ static WERROR handle_updates(struct dns_server *dns,
|
||||
TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
|
||||
|
||||
if (tkey != NULL) {
|
||||
ret = ldb_set_opaque(dns->samdb, "sessionInfo", tkey->session_info);
|
||||
ret = ldb_set_opaque(
|
||||
dns->samdb,
|
||||
DSDB_SESSION_INFO,
|
||||
tkey->session_info);
|
||||
if (ret != LDB_SUCCESS) {
|
||||
DEBUG(1, ("unable to set session info\n"));
|
||||
werror = DNS_ERR(SERVER_FAILURE);
|
||||
@ -693,8 +696,10 @@ static WERROR handle_updates(struct dns_server *dns,
|
||||
TALLOC_FREE(tmp_ctx);
|
||||
|
||||
if (tkey != NULL) {
|
||||
ldb_set_opaque(dns->samdb, "sessionInfo",
|
||||
system_session(dns->task->lp_ctx));
|
||||
ldb_set_opaque(
|
||||
dns->samdb,
|
||||
DSDB_SESSION_INFO,
|
||||
system_session(dns->task->lp_ctx));
|
||||
}
|
||||
|
||||
return WERR_OK;
|
||||
@ -703,8 +708,10 @@ failed:
|
||||
ldb_transaction_cancel(dns->samdb);
|
||||
|
||||
if (tkey != NULL) {
|
||||
ldb_set_opaque(dns->samdb, "sessionInfo",
|
||||
system_session(dns->task->lp_ctx));
|
||||
ldb_set_opaque(
|
||||
dns->samdb,
|
||||
DSDB_SESSION_INFO,
|
||||
system_session(dns->task->lp_ctx));
|
||||
}
|
||||
|
||||
TALLOC_FREE(tmp_ctx);
|
||||
|
||||
@ -71,6 +71,12 @@ bool is_attr_in_list(const char * const * attrs, const char *attr);
|
||||
"unicodePwd", \
|
||||
"dBCSPwd"
|
||||
|
||||
/*
|
||||
* ldb opaque values used to pass the user session information to ldb modules
|
||||
*/
|
||||
#define DSDB_SESSION_INFO "sessionInfo"
|
||||
#define DSDB_NETWORK_SESSION_INFO "networkSessionInfo"
|
||||
|
||||
struct GUID;
|
||||
|
||||
char *NS_GUID_string(TALLOC_CTX *mem_ctx, const struct GUID *guid);
|
||||
|
||||
@ -39,7 +39,9 @@ struct security_token *acl_user_token(struct ldb_module *module)
|
||||
{
|
||||
struct ldb_context *ldb = ldb_module_get_ctx(module);
|
||||
struct auth_session_info *session_info
|
||||
= (struct auth_session_info *)ldb_get_opaque(ldb, "sessionInfo");
|
||||
= (struct auth_session_info *)ldb_get_opaque(
|
||||
ldb,
|
||||
DSDB_SESSION_INFO);
|
||||
if(!session_info) {
|
||||
return NULL;
|
||||
}
|
||||
@ -67,7 +69,9 @@ int dsdb_module_check_access_on_dn(struct ldb_module *module,
|
||||
};
|
||||
struct ldb_context *ldb = ldb_module_get_ctx(module);
|
||||
struct auth_session_info *session_info
|
||||
= (struct auth_session_info *)ldb_get_opaque(ldb, "sessionInfo");
|
||||
= (struct auth_session_info *)ldb_get_opaque(
|
||||
ldb,
|
||||
DSDB_SESSION_INFO);
|
||||
if(!session_info) {
|
||||
return ldb_operr(ldb);
|
||||
}
|
||||
@ -231,7 +235,9 @@ const char *acl_user_name(TALLOC_CTX *mem_ctx, struct ldb_module *module)
|
||||
{
|
||||
struct ldb_context *ldb = ldb_module_get_ctx(module);
|
||||
struct auth_session_info *session_info
|
||||
= (struct auth_session_info *)ldb_get_opaque(ldb, "sessionInfo");
|
||||
= (struct auth_session_info *)ldb_get_opaque(
|
||||
ldb,
|
||||
DSDB_SESSION_INFO);
|
||||
if (!session_info) {
|
||||
return "UNKNOWN (NULL)";
|
||||
}
|
||||
|
||||
@ -134,7 +134,7 @@ const struct dom_sid *dsdb_audit_get_actual_sid(struct ldb_context *ldb)
|
||||
struct auth_session_info *session = NULL;
|
||||
struct security_token *user_token = NULL;
|
||||
|
||||
opaque_session = ldb_get_opaque(ldb, "networkSessionInfo");
|
||||
opaque_session = ldb_get_opaque(ldb, DSDB_NETWORK_SESSION_INFO);
|
||||
if (opaque_session == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
@ -240,7 +240,7 @@ const struct GUID *dsdb_audit_get_unique_session_token(
|
||||
struct auth_session_info *session_info
|
||||
= (struct auth_session_info *)ldb_get_opaque(
|
||||
ldb,
|
||||
"sessionInfo");
|
||||
DSDB_SESSION_INFO);
|
||||
if(!session_info) {
|
||||
return NULL;
|
||||
}
|
||||
@ -265,7 +265,7 @@ const struct GUID *dsdb_audit_get_actual_unique_session_token(
|
||||
struct auth_session_info *session_info
|
||||
= (struct auth_session_info *)ldb_get_opaque(
|
||||
ldb,
|
||||
"networkSessionInfo");
|
||||
DSDB_NETWORK_SESSION_INFO);
|
||||
if(!session_info) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -256,7 +256,7 @@ static DATA_BLOB *get_new_descriptor(struct ldb_module *module,
|
||||
enum ndr_err_code ndr_err;
|
||||
struct ldb_context *ldb = ldb_module_get_ctx(module);
|
||||
struct auth_session_info *session_info
|
||||
= ldb_get_opaque(ldb, "sessionInfo");
|
||||
= ldb_get_opaque(ldb, DSDB_SESSION_INFO);
|
||||
const struct dom_sid *domain_sid = samdb_domain_sid(ldb);
|
||||
char *sddl_sd;
|
||||
struct dom_sid *default_owner;
|
||||
|
||||
@ -468,7 +468,9 @@ static int rootdse_add_dynamic(struct rootdse_context *ac, struct ldb_message *m
|
||||
if (do_attribute_explicit(attrs, "tokenGroups")) {
|
||||
/* Obtain the user's session_info */
|
||||
struct auth_session_info *session_info
|
||||
= (struct auth_session_info *)ldb_get_opaque(ldb, "sessionInfo");
|
||||
= (struct auth_session_info *)ldb_get_opaque(
|
||||
ldb,
|
||||
DSDB_SESSION_INFO);
|
||||
if (session_info && session_info->security_token) {
|
||||
/* The list of groups this user is in */
|
||||
for (i = 0; i < session_info->security_token->num_sids; i++) {
|
||||
@ -734,7 +736,9 @@ static int rootdse_filter_operations(struct ldb_module *module, struct ldb_reque
|
||||
return LDB_SUCCESS;
|
||||
}
|
||||
|
||||
session_info = (struct auth_session_info *)ldb_get_opaque(ldb_module_get_ctx(module), "sessionInfo");
|
||||
session_info = (struct auth_session_info *)ldb_get_opaque(
|
||||
ldb_module_get_ctx(module),
|
||||
DSDB_SESSION_INFO);
|
||||
if (session_info) {
|
||||
is_anonymous = security_token_is_anonymous(session_info->security_token);
|
||||
}
|
||||
@ -1273,7 +1277,9 @@ static int rootdse_enableoptionalfeature(struct ldb_module *module, struct ldb_r
|
||||
struct ldb_dn *op_feature_scope_dn;
|
||||
struct ldb_message *op_feature_msg;
|
||||
struct auth_session_info *session_info =
|
||||
(struct auth_session_info *)ldb_get_opaque(ldb, "sessionInfo");
|
||||
(struct auth_session_info *)ldb_get_opaque(
|
||||
ldb,
|
||||
DSDB_SESSION_INFO);
|
||||
TALLOC_CTX *tmp_ctx = talloc_new(ldb);
|
||||
int ret;
|
||||
const char *guid_string;
|
||||
@ -1549,7 +1555,9 @@ static int rootdse_become_master(struct ldb_module *module,
|
||||
struct fsmo_transfer_state *fsmo;
|
||||
struct tevent_req *treq;
|
||||
|
||||
session_info = (struct auth_session_info *)ldb_get_opaque(ldb_module_get_ctx(module), "sessionInfo");
|
||||
session_info = (struct auth_session_info *)ldb_get_opaque(
|
||||
ldb_module_get_ctx(module),
|
||||
DSDB_SESSION_INFO);
|
||||
level = security_session_user_level(session_info, NULL);
|
||||
if (level < SECURITY_ADMINISTRATOR) {
|
||||
return ldb_error(ldb, LDB_ERR_INSUFFICIENT_ACCESS_RIGHTS, "Denied rootDSE modify for non-administrator");
|
||||
|
||||
@ -444,7 +444,7 @@ static void test_operation_json(void **state)
|
||||
sess->security_token = token;
|
||||
GUID_from_string(SESSION, &session_id);
|
||||
sess->unique_session_token = session_id;
|
||||
ldb_set_opaque(ldb, "sessionInfo", sess);
|
||||
ldb_set_opaque(ldb, DSDB_SESSION_INFO, sess);
|
||||
|
||||
msg = talloc_zero(ctx, struct ldb_message);
|
||||
dn = ldb_dn_new(ctx, ldb, DN);
|
||||
@ -639,7 +639,7 @@ static void test_as_system_operation_json(void **state)
|
||||
sess->security_token = token;
|
||||
GUID_from_string(SESSION, &session_id);
|
||||
sess->unique_session_token = session_id;
|
||||
ldb_set_opaque(ldb, "networkSessionInfo", sess);
|
||||
ldb_set_opaque(ldb, DSDB_NETWORK_SESSION_INFO, sess);
|
||||
|
||||
sys_sess = talloc_zero(ctx, struct auth_session_info);
|
||||
sys_token = talloc_zero(ctx, struct security_token);
|
||||
@ -648,7 +648,7 @@ static void test_as_system_operation_json(void **state)
|
||||
sys_sess->security_token = sys_token;
|
||||
GUID_from_string(SYS_SESSION, &sys_session_id);
|
||||
sess->unique_session_token = sys_session_id;
|
||||
ldb_set_opaque(ldb, "sessionInfo", sys_sess);
|
||||
ldb_set_opaque(ldb, DSDB_SESSION_INFO, sys_sess);
|
||||
|
||||
msg = talloc_zero(ctx, struct ldb_message);
|
||||
dn = ldb_dn_new(ctx, ldb, DN);
|
||||
@ -913,7 +913,7 @@ static void test_password_change_json(void **state)
|
||||
sess->security_token = token;
|
||||
GUID_from_string(SESSION, &session_id);
|
||||
sess->unique_session_token = session_id;
|
||||
ldb_set_opaque(ldb, "sessionInfo", sess);
|
||||
ldb_set_opaque(ldb, DSDB_SESSION_INFO, sess);
|
||||
|
||||
msg = talloc_zero(ctx, struct ldb_message);
|
||||
dn = ldb_dn_new(ctx, ldb, DN);
|
||||
@ -1512,7 +1512,7 @@ static void test_operation_hr(void **state)
|
||||
sess->security_token = token;
|
||||
GUID_from_string(SESSION, &session_id);
|
||||
sess->unique_session_token = session_id;
|
||||
ldb_set_opaque(ldb, "sessionInfo", sess);
|
||||
ldb_set_opaque(ldb, DSDB_SESSION_INFO, sess);
|
||||
|
||||
msg = talloc_zero(ctx, struct ldb_message);
|
||||
dn = ldb_dn_new(ctx, ldb, DN);
|
||||
@ -1614,7 +1614,7 @@ static void test_as_system_operation_hr(void **state)
|
||||
sess->security_token = token;
|
||||
GUID_from_string(SESSION, &session_id);
|
||||
sess->unique_session_token = session_id;
|
||||
ldb_set_opaque(ldb, "networkSessionInfo", sess);
|
||||
ldb_set_opaque(ldb, DSDB_NETWORK_SESSION_INFO, sess);
|
||||
|
||||
sys_sess = talloc_zero(ctx, struct auth_session_info);
|
||||
sys_token = talloc_zero(ctx, struct security_token);
|
||||
@ -1623,7 +1623,7 @@ static void test_as_system_operation_hr(void **state)
|
||||
sys_sess->security_token = sys_token;
|
||||
GUID_from_string(SYS_SESSION, &sys_session_id);
|
||||
sess->unique_session_token = sys_session_id;
|
||||
ldb_set_opaque(ldb, "sessionInfo", sys_sess);
|
||||
ldb_set_opaque(ldb, DSDB_SESSION_INFO, sys_sess);
|
||||
|
||||
msg = talloc_zero(ctx, struct ldb_message);
|
||||
dn = ldb_dn_new(ctx, ldb, DN);
|
||||
@ -1770,7 +1770,7 @@ static void test_password_change_hr(void **state)
|
||||
sess->security_token = token;
|
||||
GUID_from_string(SESSION, &session_id);
|
||||
sess->unique_session_token = session_id;
|
||||
ldb_set_opaque(ldb, "sessionInfo", sess);
|
||||
ldb_set_opaque(ldb, DSDB_SESSION_INFO, sess);
|
||||
|
||||
msg = talloc_zero(ctx, struct ldb_message);
|
||||
dn = ldb_dn_new(ctx, ldb, DN);
|
||||
|
||||
@ -557,7 +557,7 @@ static void test_dsdb_audit_get_user_sid(void **state)
|
||||
/*
|
||||
* Now add a NULL session info
|
||||
*/
|
||||
ldb_set_opaque(ldb, "sessionInfo", NULL);
|
||||
ldb_set_opaque(ldb, DSDB_SESSION_INFO, sess);
|
||||
sid = dsdb_audit_get_user_sid(module);
|
||||
assert_null(sid);
|
||||
|
||||
@ -565,7 +565,7 @@ static void test_dsdb_audit_get_user_sid(void **state)
|
||||
* Now add a session info with no user sid
|
||||
*/
|
||||
sess = talloc_zero(ctx, struct auth_session_info);
|
||||
ldb_set_opaque(ldb, "sessionInfo", sess);
|
||||
ldb_set_opaque(ldb, DSDB_SESSION_INFO, sess);
|
||||
sid = dsdb_audit_get_user_sid(module);
|
||||
assert_null(sid);
|
||||
|
||||
@ -636,7 +636,7 @@ static void test_dsdb_audit_get_actual_sid(void **state)
|
||||
/*
|
||||
* Now add a NULL session info
|
||||
*/
|
||||
ldb_set_opaque(ldb, "networkSessionInfo", NULL);
|
||||
ldb_set_opaque(ldb, DSDB_NETWORK_SESSION_INFO, NULL);
|
||||
sid = dsdb_audit_get_actual_sid(ldb);
|
||||
assert_null(sid);
|
||||
|
||||
@ -644,7 +644,7 @@ static void test_dsdb_audit_get_actual_sid(void **state)
|
||||
* Now add a session info with no user sid
|
||||
*/
|
||||
sess = talloc_zero(ctx, struct auth_session_info);
|
||||
ldb_set_opaque(ldb, "networkSessionInfo", sess);
|
||||
ldb_set_opaque(ldb, DSDB_NETWORK_SESSION_INFO, sess);
|
||||
sid = dsdb_audit_get_actual_sid(ldb);
|
||||
assert_null(sid);
|
||||
|
||||
@ -716,14 +716,14 @@ static void test_dsdb_audit_is_system_session(void **state)
|
||||
/*
|
||||
* Now add a NULL session info
|
||||
*/
|
||||
ldb_set_opaque(ldb, "sessionInfo", NULL);
|
||||
ldb_set_opaque(ldb, DSDB_SESSION_INFO, NULL);
|
||||
assert_false(dsdb_audit_is_system_session(module));
|
||||
|
||||
/*
|
||||
* Now add a session info with no user sid
|
||||
*/
|
||||
sess = talloc_zero(ctx, struct auth_session_info);
|
||||
ldb_set_opaque(ldb, "sessionInfo", sess);
|
||||
ldb_set_opaque(ldb, DSDB_SESSION_INFO, sess);
|
||||
assert_false(dsdb_audit_is_system_session(module));
|
||||
|
||||
/*
|
||||
@ -805,7 +805,7 @@ static void test_dsdb_audit_get_unique_session_token(void **state)
|
||||
/*
|
||||
* Now add a NULL session info
|
||||
*/
|
||||
ldb_set_opaque(ldb, "sessionInfo", NULL);
|
||||
ldb_set_opaque(ldb, DSDB_SESSION_INFO, NULL);
|
||||
guid = dsdb_audit_get_unique_session_token(module);
|
||||
assert_null(guid);
|
||||
|
||||
@ -815,7 +815,7 @@ static void test_dsdb_audit_get_unique_session_token(void **state)
|
||||
* probably off.
|
||||
*/
|
||||
sess = talloc_zero(ctx, struct auth_session_info);
|
||||
ldb_set_opaque(ldb, "sessionInfo", sess);
|
||||
ldb_set_opaque(ldb, DSDB_SESSION_INFO, sess);
|
||||
guid = dsdb_audit_get_unique_session_token(module);
|
||||
/*
|
||||
* We will get a GUID, but it's contents will be undefined
|
||||
@ -861,7 +861,7 @@ static void test_dsdb_audit_get_actual_unique_session_token(void **state)
|
||||
/*
|
||||
* Now add a NULL session info
|
||||
*/
|
||||
ldb_set_opaque(ldb, "networkSessionInfo", NULL);
|
||||
ldb_set_opaque(ldb, DSDB_NETWORK_SESSION_INFO, NULL);
|
||||
guid = dsdb_audit_get_actual_unique_session_token(ldb);
|
||||
assert_null(guid);
|
||||
|
||||
@ -871,7 +871,7 @@ static void test_dsdb_audit_get_actual_unique_session_token(void **state)
|
||||
* probably off.
|
||||
*/
|
||||
sess = talloc_zero(ctx, struct auth_session_info);
|
||||
ldb_set_opaque(ldb, "networkSessionInfo", sess);
|
||||
ldb_set_opaque(ldb, DSDB_NETWORK_SESSION_INFO, sess);
|
||||
guid = dsdb_audit_get_actual_unique_session_token(ldb);
|
||||
/*
|
||||
* We will get a GUID, but it's contents will be undefined
|
||||
|
||||
@ -198,7 +198,7 @@ static void add_session_data(
|
||||
sess->security_token = token;
|
||||
GUID_from_string(session, &session_id);
|
||||
sess->unique_session_token = session_id;
|
||||
ldb_set_opaque(ldb, "sessionInfo", sess);
|
||||
ldb_set_opaque(ldb, DSDB_SESSION_INFO, sess);
|
||||
}
|
||||
|
||||
static void test_get_transaction_id(void **state)
|
||||
|
||||
@ -1050,7 +1050,9 @@ bool dsdb_module_am_system(struct ldb_module *module)
|
||||
{
|
||||
struct ldb_context *ldb = ldb_module_get_ctx(module);
|
||||
struct auth_session_info *session_info
|
||||
= talloc_get_type(ldb_get_opaque(ldb, "sessionInfo"), struct auth_session_info);
|
||||
= talloc_get_type(
|
||||
ldb_get_opaque(ldb, DSDB_SESSION_INFO),
|
||||
struct auth_session_info);
|
||||
return security_session_user_level(session_info, NULL) == SECURITY_SYSTEM;
|
||||
}
|
||||
|
||||
@ -1058,7 +1060,9 @@ bool dsdb_module_am_administrator(struct ldb_module *module)
|
||||
{
|
||||
struct ldb_context *ldb = ldb_module_get_ctx(module);
|
||||
struct auth_session_info *session_info
|
||||
= talloc_get_type(ldb_get_opaque(ldb, "sessionInfo"), struct auth_session_info);
|
||||
= talloc_get_type(
|
||||
ldb_get_opaque(ldb, DSDB_SESSION_INFO),
|
||||
struct auth_session_info);
|
||||
return security_session_user_level(session_info, NULL) == SECURITY_ADMINISTRATOR;
|
||||
}
|
||||
|
||||
|
||||
@ -23,6 +23,7 @@
|
||||
#include "librpc/gen_ndr/srvsvc.h"
|
||||
#include "rpc_server/dcerpc_server.h"
|
||||
#include "dsdb/samdb/samdb.h"
|
||||
#include "dsdb/common/util.h"
|
||||
#include "auth/auth.h"
|
||||
#include "param/param.h"
|
||||
#include "rpc_server/common/common.h"
|
||||
@ -207,7 +208,7 @@ struct ldb_context *dcesrv_samdb_connect_as_system(
|
||||
if (samdb) {
|
||||
ldb_set_opaque(
|
||||
samdb,
|
||||
"networkSessionInfo",
|
||||
DSDB_NETWORK_SESSION_INFO,
|
||||
dce_call->conn->auth_state.session_info);
|
||||
}
|
||||
return samdb;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user