mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
winbindd: Fix crash in cm_connect_sam()
Fix segv when talking to parent DC (joined to child domain). The root cause was (a) storing the parent domain in the cli_state struct caused the NTLMSSP pipe bind to fail which made us fallover to the schannel code path (b) the dcinfo pointer in cm_get_schannel_dcinfo() was returning NULL even though the function indicated success.
This commit is contained in:
parent
b868463015
commit
5ce4a2ae66
@ -875,7 +875,7 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain,
|
||||
result = ads_ntstatus(ads_status);
|
||||
if (NT_STATUS_IS_OK(result)) {
|
||||
/* Ensure creds are stored for NTLMSSP authenticated pipe access. */
|
||||
cli_init_creds(*cli, machine_account, domain->name, machine_password);
|
||||
cli_init_creds(*cli, machine_account, lp_workgroup(), machine_password);
|
||||
goto session_setup_done;
|
||||
}
|
||||
}
|
||||
@ -900,7 +900,7 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain,
|
||||
result = ads_ntstatus(ads_status);
|
||||
if (NT_STATUS_IS_OK(result)) {
|
||||
/* Ensure creds are stored for NTLMSSP authenticated pipe access. */
|
||||
cli_init_creds(*cli, machine_account, domain->name, machine_password);
|
||||
cli_init_creds(*cli, machine_account, lp_workgroup(), machine_password);
|
||||
goto session_setup_done;
|
||||
}
|
||||
}
|
||||
@ -1927,6 +1927,10 @@ static bool cm_get_schannel_dcinfo(struct winbindd_domain *domain,
|
||||
/* Return a pointer to the struct dcinfo from the
|
||||
netlogon pipe. */
|
||||
|
||||
if (!domain->conn.netlogon_pipe->dc) {
|
||||
return false;
|
||||
}
|
||||
|
||||
*ppdc = domain->conn.netlogon_pipe->dc;
|
||||
return True;
|
||||
}
|
||||
@ -1953,6 +1957,7 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
|
||||
goto done;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* No SAMR pipe yet. Attempt to get an NTLMSSP SPNEGO authenticated
|
||||
* sign and sealed pipe using the machine account password by
|
||||
|
Loading…
Reference in New Issue
Block a user