svn commit: samba r22709 - in branches: SAMBA_3_0/source/nsswitch
SAMBA_3_0_26/source/nsswitch
jerry at samba.org
jerry at samba.org
Sun May 6 19:48:13 GMT 2007
Author: jerry
Date: 2007-05-06 19:48:13 +0000 (Sun, 06 May 2007)
New Revision: 22709
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=22709
Log:
we can only use tschannel when commectcing to our primary (might need some fixing here for a Samba DC)
Modified:
branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c
branches/SAMBA_3_0_26/source/nsswitch/winbindd_cm.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c 2007-05-06 19:46:03 UTC (rev 22708)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_cm.c 2007-05-06 19:48:13 UTC (rev 22709)
@@ -2092,7 +2092,7 @@
return NT_STATUS_OK;
}
- if (!get_trust_pw(domain->name, mach_pwd, &sec_chan_type)) {
+ if (domain->primary && !get_trust_pw(domain->name, mach_pwd, &sec_chan_type)) {
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
@@ -2102,6 +2102,12 @@
return result;
}
+ if ( !domain->primary ) {
+ /* Clear the schannel request bit and drop down */
+ neg_flags &= ~NETLOGON_NEG_SCHANNEL;
+ goto no_schannel;
+ }
+
if (lp_client_schannel() != False) {
neg_flags |= NETLOGON_NEG_SCHANNEL;
}
@@ -2146,6 +2152,7 @@
return NT_STATUS_ACCESS_DENIED;
}
+ no_schannel:
if ((lp_client_schannel() == False) ||
((neg_flags & NETLOGON_NEG_SCHANNEL) == 0)) {
/* We're done - just keep the existing connection to NETLOGON
Modified: branches/SAMBA_3_0_26/source/nsswitch/winbindd_cm.c
===================================================================
--- branches/SAMBA_3_0_26/source/nsswitch/winbindd_cm.c 2007-05-06 19:46:03 UTC (rev 22708)
+++ branches/SAMBA_3_0_26/source/nsswitch/winbindd_cm.c 2007-05-06 19:48:13 UTC (rev 22709)
@@ -2092,7 +2092,7 @@
return NT_STATUS_OK;
}
- if (!get_trust_pw(domain->name, mach_pwd, &sec_chan_type)) {
+ if (domain->primary && !get_trust_pw(domain->name, mach_pwd, &sec_chan_type)) {
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
@@ -2102,6 +2102,12 @@
return result;
}
+ if ( !domain->primary ) {
+ /* Clear the schannel request bit and drop down */
+ neg_flags &= ~NETLOGON_NEG_SCHANNEL;
+ goto no_schannel;
+ }
+
if (lp_client_schannel() != False) {
neg_flags |= NETLOGON_NEG_SCHANNEL;
}
@@ -2146,6 +2152,7 @@
return NT_STATUS_ACCESS_DENIED;
}
+ no_schannel:
if ((lp_client_schannel() == False) ||
((neg_flags & NETLOGON_NEG_SCHANNEL) == 0)) {
/* We're done - just keep the existing connection to NETLOGON
More information about the samba-cvs
mailing list