s3: Remove redundant flag checks

[abartlet/samba.git/.git] / source3 / winbindd / winbindd_pam.c

diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index e2c1d0d1b985a381c445d59a671981681394d923..2d2f466f80b86923727dbe3367d76b71aa361fa9 100644 (file)
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -303,7 +303,7 @@ static NTSTATUS check_info3_in_group(struct netr_SamInfo3 *info3,
        }
 
        status = sid_array_from_info3(talloc_tos(), info3,
-                                     &token->user_sids,
+                                     &token->sids,
                                      &token->num_sids,
                                      true, false);
        if (!NT_STATUS_IS_OK(status)) {
@@ -1133,8 +1133,6 @@ static NTSTATUS winbindd_dual_auth_passdb(TALLOC_CTX *mem_ctx,
                                          struct netr_SamInfo3 **pinfo3)
 {
        struct auth_usersupplied_info *user_info = NULL;
-       struct auth_serversupplied_info *server_info = NULL;
-       struct netr_SamInfo3 *info3;
        NTSTATUS status;
 
        status = make_user_info(&user_info, user, user, domain, domain,
@@ -1145,30 +1143,13 @@ static NTSTATUS winbindd_dual_auth_passdb(TALLOC_CTX *mem_ctx,
                return status;
        }
 
-       status = check_sam_security(challenge, talloc_tos(), user_info,
-                                   &server_info);
-       free_user_info(&user_info);
-
-       if (!NT_STATUS_IS_OK(status)) {
-               DEBUG(10, ("check_ntlm_password failed: %s\n",
-                          nt_errstr(status)));
-               return status;
-       }
-
-       info3 = TALLOC_ZERO_P(mem_ctx, struct netr_SamInfo3);
-       if (info3 == NULL) {
-               return NT_STATUS_NO_MEMORY;
-       }
-
-       status = serverinfo_to_SamInfo3(server_info, NULL, 0, info3);
-       if (!NT_STATUS_IS_OK(status)) {
-               DEBUG(10, ("serverinfo_to_SamInfo3 failed: %s\n",
-                          nt_errstr(status)));
-               return status;
-       }
+       /* We don't want any more mapping of the username */
+       user_info->mapped_state = True;
 
+       status = check_sam_security_info3(challenge, talloc_tos(), user_info,
+                                         pinfo3);
+       free_user_info(&user_info);
        DEBUG(10, ("Authenticated user %s\\%s successfully\n", domain, user));
-       *pinfo3 = info3;
        return NT_STATUS_OK;
 }
 
@@ -1448,11 +1429,6 @@ enum winbindd_result winbindd_dual_pam_auth(struct winbindd_domain *domain,
        DEBUG(3, ("[%5lu]: dual pam auth %s\n", (unsigned long)state->pid,
                  state->request->data.auth.user));
 
-       if (!check_request_flags(state->request->flags)) {
-               result = NT_STATUS_INVALID_PARAMETER_MIX;
-               goto done;
-       }
-
        /* Parse domain and username */
 
        name_map_status = normalize_name_unmap(state->mem_ctx,
@@ -1478,7 +1454,7 @@ enum winbindd_result winbindd_dual_pam_auth(struct winbindd_domain *domain,
                             sizeof(state->request->data.auth.user)-1 );
        }
 
-       if (domain->online == false) {
+       if (!domain->online) {
                result = NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND;
                if (domain->startup) {
                        /* Logons are very important to users. If we're offline and
@@ -1643,7 +1619,7 @@ process_result:
                                                      state->mem_ctx,
                                                      state->request->data.auth.user,
                                                      state->request->data.auth.pass,
-                                                     info3, NULL);
+                                                     info3);
                        }
                }
 
@@ -1712,11 +1688,6 @@ enum winbindd_result winbindd_dual_pam_auth_crap(struct winbindd_domain *domain,
        state->request->data.auth_crap.user[sizeof(state->request->data.auth_crap.user)-1]=0;
        state->request->data.auth_crap.domain[sizeof(state->request->data.auth_crap.domain)-1]=0;
 
-       if (!check_request_flags(state->request->flags)) {
-               result = NT_STATUS_INVALID_PARAMETER_MIX;
-               goto done;
-       }
-
        name_user = state->request->data.auth_crap.user;
 
        if (*state->request->data.auth_crap.domain) {