svn commit: samba r10241 - in trunk/source/rpc_client: .
jra at samba.org
jra at samba.org
Thu Sep 15 17:28:39 GMT 2005
Author: jra
Date: 2005-09-15 17:28:38 +0000 (Thu, 15 Sep 2005)
New Revision: 10241
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10241
Log:
Inspired by bug #1447 - make sure we check creds at the correct time
as this can disrupt the chain if we don't.
Jeremy.
Modified:
trunk/source/rpc_client/cli_netlogon.c
Changeset:
Modified: trunk/source/rpc_client/cli_netlogon.c
===================================================================
--- trunk/source/rpc_client/cli_netlogon.c 2005-09-15 16:30:09 UTC (rev 10240)
+++ trunk/source/rpc_client/cli_netlogon.c 2005-09-15 17:28:38 UTC (rev 10241)
@@ -611,8 +611,8 @@
result = r.status;
- if (!NT_STATUS_IS_ERR(result)) {
- /* Check returned credentials. */
+ if (r.buffer_creds) {
+ /* Check returned credentials if present. */
if (!creds_client_check(cli->dc, &r.srv_creds.challenge)) {
DEBUG(0,("rpccli_netlogon_sam_logon: credentials chain check failed\n"));
return NT_STATUS_ACCESS_DENIED;
@@ -724,8 +724,8 @@
result = r.status;
- if (!NT_STATUS_IS_ERR(result)) {
- /* Check returned credentials. */
+ if (r.buffer_creds) {
+ /* Check returned credentials if present. */
if (!creds_client_check(cli->dc, &r.srv_creds.challenge)) {
DEBUG(0,("rpccli_netlogon_sam_network_logon: credentials chain check failed\n"));
return NT_STATUS_ACCESS_DENIED;
@@ -774,12 +774,10 @@
DEBUG(0,("cli_net_srv_pwset: %s\n", nt_errstr(result)));
}
- if (!NT_STATUS_IS_ERR(result)) {
- /* Check returned credentials. */
- if (!creds_client_check(cli->dc, &r.srv_cred.challenge)) {
- DEBUG(0,("rpccli_net_srv_pwset: credentials chain check failed\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
+ /* Always check returned credentials. */
+ if (!creds_client_check(cli->dc, &r.srv_cred.challenge)) {
+ DEBUG(0,("rpccli_net_srv_pwset: credentials chain check failed\n"));
+ return NT_STATUS_ACCESS_DENIED;
}
return result;
More information about the samba-cvs
mailing list