sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Code

s3:winbindd: fix the valid usage anonymous smb authentication

Browse Source 
If we are in a situation where we don't have credentials to contact the
remote domain or against an NT4 with the following settings:

  workgroup = NT4DOM
  security = domain
  require strong key = no
  client use spnego = no
  client ipc signing = auto

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12587

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This commit is contained in:
Stefan Metzmacher 2017-02-22 19:18:04 +01:00
parent b845f16d3c
commit c97a29bdfd
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
source3/winbindd/winbindd_cm.c
View File

@ -1107,6 +1107,10 @@ static NTSTATUS cm_prepare_connection(struct winbindd_domain *domain,
machine_domain, machine_account,
machine_principal, machine_realm));
if (cli_credentials_is_anonymous(creds)) {
goto anon_fallback;
}
winbindd_set_locator_kdc_envs(domain);
result = cli_session_setup_creds(*cli, creds);
@ -1125,10 +1129,6 @@ static NTSTATUS cm_prepare_connection(struct winbindd_domain *domain,
|| NT_STATUS_EQUAL(result, NT_STATUS_NO_LOGON_SERVERS)
|| NT_STATUS_EQUAL(result, NT_STATUS_LOGON_FAILURE))
{
if (cli_credentials_is_anonymous(creds)) {
goto done;
}
if (!cm_is_ipc_credentials(creds)) {
goto ipc_fallback;
}