mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

Enable net ads commands to use existing tickets if the user doesn't specify a username on the commandline. Also don't continue past the kinit if a password is entered and fails because existing tickets would be used, which may not be desired if the username was specified.

Jim McDonough 0001-01-01 00:00:00 +00:00
parent 248770d730
commit 7e5d7dfa83
3 changed files with 24 additions and 5 deletions


@ -31,6 +31,7 @@
ADS_STATUS ads_connect(ADS_STRUCT *ads)
{
int version = LDAP_VERSION3;
int code;
ADS_STATUS status;
ads->last_attempt = time(NULL);
@ -48,7 +49,8 @@ ADS_STATUS ads_connect(ADS_STRUCT *ads)
ldap_set_option(ads->ld, LDAP_OPT_PROTOCOL_VERSION, &version);
if (ads->password) {
ads_kinit_password(ads);
if ((code = ads_kinit_password(ads)))
return ADS_ERROR_KRB5(code);
}
return ads_sasl_bind(ads);
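Review bot: The new early return `return ADS_ERROR_KRB5(code);` leaves `ads->ld` live when kinit fails, since it runs after `ldap_set_option(ads->ld, ...)` has already used the handle. ads_startup in this same commit calls ads_connect a second time on the same struct after a failure, so a retry presumably opens a new handle over the old one. Releasing it on the failure path, e.g. `ldap_unbind(ads->ld); ads->ld = NULL;` before the return, would avoid the leak. Where the handle is opened lies outside the hunks shown, so that part is inferred.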


@ -61,6 +61,7 @@ char *opt_requester_name = NULL;
char *opt_host = NULL;
char *opt_password = NULL;
char *opt_user_name = NULL;
BOOL opt_user_specified = False;
char *opt_workgroup = NULL;
int opt_long_list_entries = 0;
int opt_reboot = 0;
@ -394,6 +395,7 @@ static struct functable net_func[] = {
opt_have_ip = True;
break;
case 'U':
opt_user_specified = True;
opt_user_name = strdup(opt_user_name);
p = strchr(opt_user_name,'%');
if (p) {
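Review bot: `opt_user_specified` is added as a global with no comment, and its meaning differs from `opt_user_name != NULL`, because ads_startup appears to fill in "administrator" when no name was given. A comment at the definition such as `/* True only when -U was given on the command line; otherwise ADS code may use an existing ticket cache */` would keep later callers from testing `opt_user_name` instead. The `case 'U':` branch belongs to a function whose start and end are outside the hunk.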


@ -75,8 +75,12 @@ static ADS_STRUCT *ads_startup(void)
{
ADS_STRUCT *ads;
ADS_STATUS status;
BOOL need_password = False;
BOOL second_time = False;
extern char *opt_password;
extern char *opt_user_name;
extern BOOL opt_user_specified;
ads = ads_init(NULL, NULL, NULL, NULL);
@ -84,19 +88,30 @@ static ADS_STRUCT *ads_startup(void)
opt_user_name = "administrator";
}
if (!opt_password) {
if (opt_user_specified)
need_password = True;
retry:
if (!opt_password && need_password) {
char *prompt;
asprintf(&prompt,"%s password: ", opt_user_name);
opt_password = getpass(prompt);
free(prompt);
ads->password = strdup(opt_password);
}
ads->password = strdup(opt_password);
ads->user_name = strdup(opt_user_name);
status = ads_connect(ads);
if (!ADS_ERR_OK(status)) {
d_printf("ads_connect: %s\n", ads_errstr(status));
return NULL;
if (!need_password && !second_time) {
need_password = True;
second_time = True;
goto retry;
} else {
d_printf("ads_connect: %s\n", ads_errstr(status));
return NULL;
}
}
return ads;
}
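Review bot: A password supplied on the command line appears to be dropped in ads_startup, because the only `ads->password = strdup(opt_password);` that can remain on the new side sits inside the `if (!opt_password && need_password)` prompt block. With `opt_password` already set that block is skipped, `ads->password` stays unset, and ads_connect binds with whatever tickets are in the cache rather than the credentials the user named. The +/- markers are lost on this page, so which of the two strdup lines survives is inferred; keeping the unconditional one would instead pass NULL to strdup on the ticket-only path. Setting it after the prompt block, `if (opt_password) ads->password = strdup(opt_password);`, covers both cases. Separately, the `goto retry` path runs `ads->user_name = strdup(opt_user_name);` a second time and leaks the first copy.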