sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-10 13:57:47 +03:00
Code

s4:rpc_server/lsa: remove trustAuthIncoming/trustAuthOutgoing when the related flag is removed.

Browse Source 
When LSA_TRUST_DIRECTION_INBOUND or LSA_TRUST_DIRECTION_OUTBOUND flags is cleared
we should also remove the related credentials.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
This commit is contained in:
Stefan Metzmacher 2014-12-15 16:33:38 +01:00
parent 1d6e9e5e58
commit 2c92545452
1 changed files with 20 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
source4/rpc_server/lsa/dcesrv_lsa.c
View File

@ -1779,11 +1779,15 @@ static NTSTATUS setInfoTrustedDomain_base(struct dcesrv_call_state *dce_call,
} }
if (info_ex->trust_direction & LSA_TRUST_DIRECTION_INBOUND) { if (info_ex->trust_direction & LSA_TRUST_DIRECTION_INBOUND) {
if (auth_info != NULL && trustAuthIncoming.length > 0) {
add_incoming = true; add_incoming = true;
} }
}
if (info_ex->trust_direction & LSA_TRUST_DIRECTION_OUTBOUND) { if (info_ex->trust_direction & LSA_TRUST_DIRECTION_OUTBOUND) {
if (auth_info != NULL && trustAuthOutgoing.length > 0) {
add_outgoing = true; add_outgoing = true;
} }
}
if ((origdir & LSA_TRUST_DIRECTION_INBOUND) && if ((origdir & LSA_TRUST_DIRECTION_INBOUND) &&
!(info_ex->trust_direction & LSA_TRUST_DIRECTION_INBOUND)) { !(info_ex->trust_direction & LSA_TRUST_DIRECTION_INBOUND)) {
@ -1830,30 +1834,34 @@ static NTSTATUS setInfoTrustedDomain_base(struct dcesrv_call_state *dce_call,
} }
} }
if (add_incoming && trustAuthIncoming.data) { if (add_incoming || del_incoming) {
ret = ldb_msg_add_empty(msg, "trustAuthIncoming", ret = ldb_msg_add_empty(msg, "trustAuthIncoming",
LDB_FLAG_MOD_REPLACE, NULL); LDB_FLAG_MOD_REPLACE, NULL);
if (ret != LDB_SUCCESS) { if (ret != LDB_SUCCESS) {
return NT_STATUS_NO_MEMORY; return NT_STATUS_NO_MEMORY;
} }
if (add_incoming) {
ret = ldb_msg_add_value(msg, "trustAuthIncoming", ret = ldb_msg_add_value(msg, "trustAuthIncoming",
&trustAuthIncoming, NULL); &trustAuthIncoming, NULL);
if (ret != LDB_SUCCESS) { if (ret != LDB_SUCCESS) {
return NT_STATUS_NO_MEMORY; return NT_STATUS_NO_MEMORY;
} }
} }
if (add_outgoing && trustAuthOutgoing.data) { }
if (add_outgoing || del_outgoing) {
ret = ldb_msg_add_empty(msg, "trustAuthOutgoing", ret = ldb_msg_add_empty(msg, "trustAuthOutgoing",
LDB_FLAG_MOD_REPLACE, NULL); LDB_FLAG_MOD_REPLACE, NULL);
if (ret != LDB_SUCCESS) { if (ret != LDB_SUCCESS) {
return NT_STATUS_NO_MEMORY; return NT_STATUS_NO_MEMORY;
} }
if (add_outgoing) {
ret = ldb_msg_add_value(msg, "trustAuthOutgoing", ret = ldb_msg_add_value(msg, "trustAuthOutgoing",
&trustAuthOutgoing, NULL); &trustAuthOutgoing, NULL);
if (ret != LDB_SUCCESS) { if (ret != LDB_SUCCESS) {
return NT_STATUS_NO_MEMORY; return NT_STATUS_NO_MEMORY;
} }
} }
}
/* start transaction */ /* start transaction */
ret = ldb_transaction_start(p_state->sam_ldb); ret = ldb_transaction_start(p_state->sam_ldb);