sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-10 13:57:47 +03:00
Code

r8799: disabling schannel on samr and lsa until I figure out

Browse Source 
the latest MS changes in 2003 sp1 and 2004 sp4 sr1
This commit is contained in:
Gerald Carter 2005-07-27 17:30:23 +00:00 committed by Gerald (Jerry) Carter
parent 404b817d72
commit 7588c32baa
1 changed files with 15 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
source/nsswitch/winbindd_cm.c
View File

@ -64,8 +64,17 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_WINBIND
/* Global list of connections. Initially a DLIST but can become a hash
table or whatever later. */
/******************************************************************
Disabling schannl on the LSA pipe for now since
both Win2K-SP4 SR1 & Win2K3-SP1 fail the open_policy()
call (return codes 0xc0020042 and 0xc0020041 respectively).
We really need to fix this soon. Had to disable on the
SAMR pipe as well for now. --jerry
******************************************************************/
#define DISABLE_SCHANNEL_WIN2K3_SP1 1
/* Choose between anonymous or authenticated connections. We need to use
an authenticated connection if DCs have the RestrictAnonymous registry
@ -984,6 +993,7 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
conn = &domain->conn;
if (conn->samr_pipe == NULL) {
#ifdef DISABLE_SCHANNEL_WIN2K3_SP1
unsigned char *session_key;
if (cm_get_schannel_key(domain, mem_ctx, &session_key))
@ -992,6 +1002,7 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
session_key,
domain->name);
else
#endif /* DISABLE_SCHANNEL_WIN2K3_SP1 */
conn->samr_pipe = cli_rpc_open_noauth(conn->cli,
PI_SAMR);
@ -1038,12 +1049,7 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
conn = &domain->conn;
if (conn->lsa_pipe == NULL) {
#if 0
/* disabling schannl on the LSA pipe for now since
both Win2K-SP4 SR1 & Win2K3-SP1 fail the open_policy()
call (return codes 0xc0020042 and 0xc0020041 respectively).
We really need to fix this soon. --jerry */
#ifdef DISABLE_SCHANNEL_WIN2K3_SP1
unsigned char *session_key;
if (cm_get_schannel_key(domain, mem_ctx, &session_key))
@ -1052,7 +1058,7 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
session_key,
domain->name);
else
#endif
#endif /* DISABLE_SCHANNEL_WIN2K3_SP1 */
conn->lsa_pipe = cli_rpc_open_noauth(conn->cli,
PI_LSARPC);