Remove "nt_user_token" from "struct user_struct"

source/include/smb.h

@@ -1789,8 +1789,6 @@ typedef struct user_struct {
 	int n_groups;
 	gid_t *groups;
 
-	NT_USER_TOKEN *nt_user_token;
-
 	DATA_BLOB session_key;
 
 	char *session_keystr; /* used by utmp and pam session code.  

source/rpc_server/srv_pipe_hnd.c

@@ -342,7 +342,7 @@ static void *make_internal_rpc_pipe_p(const char *pipe_name,
 	if (vuser) {
 		p->session_key = data_blob(vuser->session_key.data, vuser->session_key.length);
 		p->pipe_user.nt_user_token = dup_nt_token(
-			NULL, vuser->nt_user_token);
+			NULL, vuser->server_info->ptok);
 	}
 
 	/*

source/smbd/password.c

@@ -310,9 +310,7 @@ int register_existing_vuid(uint16 vuid,
 		"Real name: %s\n", vuser->user.unix_name,
 		vuser->user.full_name));
 
-	if (server_info->ptok) {
+	if (!server_info->ptok) {
-		vuser->nt_user_token = dup_nt_token(vuser, server_info->ptok);
-	} else {
 		DEBUG(1, ("register_existing_vuid: server_info does not "
 			"contain a user_token - cannot continue\n"));
 		goto fail;

source/smbd/service.c

@@ -725,7 +725,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
 			}
 		} else {
 			if (!user_ok_token(vuser->user.unix_name,
-					   vuser->nt_user_token, snum)) {
+					   vuser->server_info->ptok, snum)) {
 				DEBUG(2, ("user '%s' (from session setup) not "
 					  "permitted to access this share "
 					  "(%s)\n", vuser->user.unix_name,
@@ -861,7 +861,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
 			 * group. vuser has a token to copy */
 			
 			conn->nt_user_token = dup_nt_token(
-				NULL, vuser->nt_user_token);
+				NULL, vuser->server_info->ptok);
 			if (conn->nt_user_token == NULL) {
 				DEBUG(0, ("dup_nt_token failed\n"));
 				conn_free(conn);
@@ -948,7 +948,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser,
 		bool can_write = False;
 		NT_USER_TOKEN *token = conn->nt_user_token ?
 			conn->nt_user_token :
-			(vuser ? vuser->nt_user_token : NULL);
+			(vuser ? vuser->server_info->ptok : NULL);
 
 		/*
 		 * I don't believe this can happen. But the

source/smbd/uid.c

@@ -97,15 +97,15 @@ static bool check_user_ok(connection_struct *conn, user_struct *vuser,int snum)
 		}
 	}
 
-	if (!user_ok_token(vuser->user.unix_name, vuser->nt_user_token, snum))
+	if (!user_ok_token(vuser->user.unix_name, vuser->server_info->ptok,
+			   snum))
 		return(False);
 
-	readonly_share = is_share_read_only_for_token(vuser->user.unix_name,
+	readonly_share = is_share_read_only_for_token(
-						      vuser->nt_user_token,
+		vuser->user.unix_name, vuser->server_info->ptok, SNUM(conn));
-						      SNUM(conn));
 
 	token = conn->nt_user_token ?
-		conn->nt_user_token : vuser->nt_user_token;
+		conn->nt_user_token : vuser->server_info->ptok;
 
 	if (!readonly_share &&
 	    !share_access_check(token, lp_servicename(snum),
@@ -132,7 +132,7 @@ static bool check_user_ok(connection_struct *conn, user_struct *vuser,int snum)
 	ent->read_only = readonly_share;
 
 	ent->admin_user = token_contains_name_in_list(
-		vuser->user.unix_name, NULL, vuser->nt_user_token,
+		vuser->user.unix_name, NULL, vuser->server_info->ptok,
 		lp_admin_users(SNUM(conn)));
 
 	conn->read_only = ent->read_only;
@@ -204,7 +204,7 @@ bool change_to_user(connection_struct *conn, uint16 vuid)
 		gid = vuser->gid;
 		num_groups = vuser->n_groups;
 		group_list  = vuser->groups;
-		token = vuser->nt_user_token;
+		token = vuser->server_info->ptok;
 	} else {
 		DEBUG(2,("change_to_user: Invalid vuid used %d in accessing "
 			 "share %s.\n",vuid, lp_servicename(snum) ));