sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-14 19:24:43 +03:00
Code

Try to get security=domain at least slightly working.

Browse Source 
The previous code both had basic logic flaws in it, and some subtle
issues regarding the Win2k info3 response.

I've tested this against Samba (it looks like that was missed last time
due to the 'called name' corruption - which broke my testsuite) and
accomidated what I've seen from a info3 printout jmcd gave me.

I'll get this tested fully as soon as I get my VMware going again.

Andrew Bartlett
(This used to be commit 87eba4c811293d2428bfb9bc36de22e66dce7f8b)
This commit is contained in:
Andrew Bartlett 2002-06-24 01:51:11 +00:00
parent ea7cdc4de0
commit 4f7a02d5de
2 changed files with 13 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
source3/auth/auth_domain.c
View File

@ -332,7 +332,8 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
user_info->domain.str, cli->srv_name_slash,
nt_errstr(nt_status)));
} else {
nt_status = make_server_info_info3(mem_ctx, domain, server_info, &info3);
nt_status = make_server_info_info3(mem_ctx, user_info->internal_username.str,
user_info->smb_name.str, domain, server_info, &info3);
#if 0
/* The stuff doesn't work right yet */
SMB_ASSERT(sizeof((*server_info)->session_key) == sizeof(info3.user_sess_key));

18
source3/auth/auth_util.c
View File

@ -570,14 +570,16 @@ BOOL make_server_info_guest(auth_serversupplied_info **server_info)
***************************************************************************/
NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
const char *internal_username,
const char *sent_nt_username,
const char *domain,
auth_serversupplied_info **server_info,
NET_USER_INFO_3 *info3)
{
NTSTATUS nt_status = NT_STATUS_OK;
char *nt_domain;
char *nt_username;
const char *nt_domain;
const char *nt_username;
SAM_ACCOUNT *sam_account = NULL;
DOM_SID user_sid;
@ -605,11 +607,13 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
}
if (!(nt_username = unistr2_tdup(mem_ctx, &(info3->uni_user_name)))) {
return NT_STATUS_NO_MEMORY;
/* If the server didn't give us one, just use the one we sent them */
nt_username = sent_nt_username;
}
if (!(nt_domain = unistr2_tdup(mem_ctx, &(info3->uni_logon_dom)))) {
return NT_STATUS_NO_MEMORY;
/* If the server didn't give us one, just use the one we sent them */
domain = domain;
}
if (winbind_sid_to_uid(&uid, &user_sid)
@ -622,7 +626,7 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
dom_user = talloc_asprintf(mem_ctx, "%s%s%s",
nt_domain,
lp_winbind_separator(),
nt_username);
internal_username);
if (!dom_user) {
DEBUG(0, ("talloc_asprintf failed!\n"));
@ -634,10 +638,10 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
domain, we don't want this for
trusted domains */
&& strequal(nt_domain, lp_workgroup())) {
passwd = Get_Pwnam(nt_username);
passwd = Get_Pwnam(internal_username);
}
if (passwd) {
if (!passwd) {
return NT_STATUS_NO_SUCH_USER;
} else {
nt_status = pdb_init_sam_pw(&sam_account, passwd);