sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code

* fixed volker's wbinfo -a lockup again. This one was my fault.

Browse Source 
It was caused by the winbind_ping() call in is_trusted_domain()

  o if we are a DC then we check our own direct trust relationships
    we have to rely on winbindd to update the truatdom_cache
  o if we are a domain member, then we can update the trustdom_cache
    ourselves if winbindd is not there
(This used to be commit 22dfcafb37)
This commit is contained in:
Gerald Carter 2003-07-01 17:51:52 +00:00
parent 125ab5463b
commit 814968d41b
2 changed files with 63 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
source3/auth/auth_util.c
View File

@ -1258,4 +1258,47 @@ NTSTATUS nt_status_squash(NTSTATUS nt_status)
}
/**
* Verify whether or not given domain is trusted.
*
* @param domain_name name of the domain to be verified
* @return true if domain is one of the trusted once or
* false if otherwise
**/
BOOL is_trusted_domain(const char* dom_name)
{
DOM_SID trustdom_sid;
char *pass = NULL;
time_t lct;
BOOL ret;
/* if we are a DC, then check for a direct trust relationships */
if (lp_server_role() == ROLE_DOMAIN_BDC || lp_server_role() == ROLE_DOMAIN_PDC) {
become_root();
ret = secrets_fetch_trusted_domain_password(dom_name, &pass, &trustdom_sid, &lct);
unbecome_root();
SAFE_FREE(pass);
if (ret)
return True;
}
else {
/* if winbindd is not up and we are a domain member) then we need to update the
trustdom_cache ourselves */
if ( !winbind_ping() )
update_trustdom_cache();
}
/* now the trustdom cache should be available a DC could still
* have a transitive trust so fall back to the cache of trusted
* domains (like a domain member would use */
if ( trustdom_cache_fetch(dom_name, &trustdom_sid) ) {
return True;
}
return False;
}

41
source3/libsmb/trusts_util.c
View File

@ -188,44 +188,3 @@ done:
return NT_STATUS_IS_OK(result);
}
/**
* Verify whether or not given domain is trusted.
*
* @param domain_name name of the domain to be verified
* @return true if domain is one of the trusted once or
* false if otherwise
**/
BOOL is_trusted_domain(const char* dom_name)
{
DOM_SID trustdom_sid;
char *pass = NULL;
time_t lct;
BOOL ret;
/* if we are a DC, then check for a direct trust relationships */
if (lp_server_role() == ROLE_DOMAIN_BDC || lp_server_role() == ROLE_DOMAIN_PDC) {
ret = secrets_fetch_trusted_domain_password(dom_name, &pass, &trustdom_sid, &lct);
SAFE_FREE(pass);
if (ret)
return True;
}
/* if winbindd is not up then we need to update the trustdom_cache ourselves */
if ( !winbind_ping() )
update_trustdom_cache();
/* now the trustdom cache should be available a DC could still
* have a transitive trust so fall back to the cache of trusted
* domains (like a domain member would use */
if ( trustdom_cache_fetch(dom_name, &trustdom_sid) ) {
return True;
}
return False;
}