mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
Enable net ads commands to use existing tickets if the user doesn't specify a username on the commandline. Also don't continue past the kinit if a password is entered and fails because existing tickets would be used, which may not be desired if the username was specified.
This commit is contained in:
parent
248770d730
commit
7e5d7dfa83
@ -31,6 +31,7 @@
|
||||
ADS_STATUS ads_connect(ADS_STRUCT *ads)
|
||||
{
|
||||
int version = LDAP_VERSION3;
|
||||
int code;
|
||||
ADS_STATUS status;
|
||||
|
||||
ads->last_attempt = time(NULL);
|
||||
@ -48,7 +49,8 @@ ADS_STATUS ads_connect(ADS_STRUCT *ads)
|
||||
ldap_set_option(ads->ld, LDAP_OPT_PROTOCOL_VERSION, &version);
|
||||
|
||||
if (ads->password) {
|
||||
ads_kinit_password(ads);
|
||||
if ((code = ads_kinit_password(ads)))
|
||||
return ADS_ERROR_KRB5(code);
|
||||
}
|
||||
|
||||
return ads_sasl_bind(ads);
|
||||
|
@ -61,6 +61,7 @@ char *opt_requester_name = NULL;
|
||||
char *opt_host = NULL;
|
||||
char *opt_password = NULL;
|
||||
char *opt_user_name = NULL;
|
||||
BOOL opt_user_specified = False;
|
||||
char *opt_workgroup = NULL;
|
||||
int opt_long_list_entries = 0;
|
||||
int opt_reboot = 0;
|
||||
@ -394,6 +395,7 @@ static struct functable net_func[] = {
|
||||
opt_have_ip = True;
|
||||
break;
|
||||
case 'U':
|
||||
opt_user_specified = True;
|
||||
opt_user_name = strdup(opt_user_name);
|
||||
p = strchr(opt_user_name,'%');
|
||||
if (p) {
|
||||
|
@ -75,8 +75,12 @@ static ADS_STRUCT *ads_startup(void)
|
||||
{
|
||||
ADS_STRUCT *ads;
|
||||
ADS_STATUS status;
|
||||
BOOL need_password = False;
|
||||
BOOL second_time = False;
|
||||
extern char *opt_password;
|
||||
extern char *opt_user_name;
|
||||
extern BOOL opt_user_specified;
|
||||
|
||||
|
||||
ads = ads_init(NULL, NULL, NULL, NULL);
|
||||
|
||||
@ -84,19 +88,30 @@ static ADS_STRUCT *ads_startup(void)
|
||||
opt_user_name = "administrator";
|
||||
}
|
||||
|
||||
if (!opt_password) {
|
||||
if (opt_user_specified)
|
||||
need_password = True;
|
||||
|
||||
retry:
|
||||
if (!opt_password && need_password) {
|
||||
char *prompt;
|
||||
asprintf(&prompt,"%s password: ", opt_user_name);
|
||||
opt_password = getpass(prompt);
|
||||
free(prompt);
|
||||
ads->password = strdup(opt_password);
|
||||
}
|
||||
ads->password = strdup(opt_password);
|
||||
|
||||
ads->user_name = strdup(opt_user_name);
|
||||
|
||||
status = ads_connect(ads);
|
||||
if (!ADS_ERR_OK(status)) {
|
||||
d_printf("ads_connect: %s\n", ads_errstr(status));
|
||||
return NULL;
|
||||
if (!need_password && !second_time) {
|
||||
need_password = True;
|
||||
second_time = True;
|
||||
goto retry;
|
||||
} else {
|
||||
d_printf("ads_connect: %s\n", ads_errstr(status));
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
return ads;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user