1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

rpc_netlogon4: Simplify dcesrv_netr_ServerAuthenticate3_helper()

Use a switch/case statement instead of a if/else chain. Easier to read
to me.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
Volker Lendecke 2023-10-06 08:26:11 +02:00 committed by Jeremy Allison
parent e2e5ae1eb2
commit 768990ec4d

View File

@ -694,29 +694,49 @@ static NTSTATUS dcesrv_netr_ServerAuthenticate3_helper(
return NT_STATUS_NO_TRUST_SAM_ACCOUNT;
}
if (r->in.secure_channel_type == SEC_CHAN_WKSTA) {
switch (r->in.secure_channel_type) {
case SEC_CHAN_WKSTA:
if (!(user_account_control & UF_WORKSTATION_TRUST_ACCOUNT)) {
DEBUG(1, ("Client asked for a workstation secure channel, but is not a workstation (member server) acb flags: 0x%x\n", user_account_control));
DBG_WARNING("Client asked for a workstation "
"secure channel, but is not a workstation "
"(member server) acb flags: 0x%x\n",
user_account_control);
return NT_STATUS_NO_TRUST_SAM_ACCOUNT;
}
} else if (r->in.secure_channel_type == SEC_CHAN_DOMAIN ||
r->in.secure_channel_type == SEC_CHAN_DNS_DOMAIN) {
if (!(user_account_control & UF_INTERDOMAIN_TRUST_ACCOUNT)) {
DEBUG(1, ("Client asked for a trusted domain secure channel, but is not a trusted domain: acb flags: 0x%x\n", user_account_control));
break;
case SEC_CHAN_DOMAIN:
FALL_THROUGH;
case SEC_CHAN_DNS_DOMAIN:
if (!(user_account_control & UF_INTERDOMAIN_TRUST_ACCOUNT)) {
DBG_WARNING("Client asked for a trusted domain "
"secure channel, but is not a trusted "
"domain: acb flags: 0x%x\n",
user_account_control);
return NT_STATUS_NO_TRUST_SAM_ACCOUNT;
}
} else if (r->in.secure_channel_type == SEC_CHAN_BDC) {
break;
case SEC_CHAN_BDC:
if (!(user_account_control & UF_SERVER_TRUST_ACCOUNT)) {
DEBUG(1, ("Client asked for a server secure channel, but is not a server (domain controller): acb flags: 0x%x\n", user_account_control));
DBG_WARNING("Client asked for a server "
"secure channel, but is not a server "
"(domain controller): acb flags: 0x%x\n",
user_account_control);
return NT_STATUS_NO_TRUST_SAM_ACCOUNT;
}
} else if (r->in.secure_channel_type == SEC_CHAN_RODC) {
break;
case SEC_CHAN_RODC:
if (!(user_account_control & UF_PARTIAL_SECRETS_ACCOUNT)) {
DEBUG(1, ("Client asked for a RODC secure channel, but is not a RODC: acb flags: 0x%x\n", user_account_control));
DBG_WARNING("Client asked for a RODC secure channel, "
"but is not a RODC: acb flags: 0x%x\n",
user_account_control);
return NT_STATUS_NO_TRUST_SAM_ACCOUNT;
}
} else {
break;
default:
/* we should never reach this */
return NT_STATUS_INTERNAL_ERROR;
}