diff options
author | Andrew Bartlett <abartlet@samba.org> | 2006-05-03 14:54:57 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:05:34 -0500 |
commit | ed752c800425ffd3db39a770ddaee3ad2d73c494 (patch) | |
tree | 0d78add2b43ff2f73c21b01b742606e1c2877391 | |
parent | 557c98bd5f4e5268d4793d51037f59ef3482fe8c (diff) | |
download | samba-ed752c800425ffd3db39a770ddaee3ad2d73c494.tar.gz samba-ed752c800425ffd3db39a770ddaee3ad2d73c494.tar.bz2 samba-ed752c800425ffd3db39a770ddaee3ad2d73c494.zip |
r15415: Use Jelmer's new credentials 'wrong password' code to give the user 3
attempts for the password, when talking to a remote CIFS server.
Andrew Bartlett
(This used to be commit 3a4ddc8f5978210ab3ad79f0332cee80a0d6e6c9)
-rw-r--r-- | source4/auth/credentials/credentials.c | 4 | ||||
-rw-r--r-- | source4/libcli/smb_composite/sesssetup.c | 53 |
2 files changed, 55 insertions, 2 deletions
diff --git a/source4/auth/credentials/credentials.c b/source4/auth/credentials/credentials.c index 66b6c120cf..cf54bfe3b5 100644 --- a/source4/auth/credentials/credentials.c +++ b/source4/auth/credentials/credentials.c @@ -58,6 +58,8 @@ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx) cred->bind_dn = NULL; + cred->tries = 3; + cli_credentials_set_kerberos_state(cred, CRED_AUTO_USE_KERBEROS); return cred; @@ -233,7 +235,7 @@ const char *cli_credentials_get_password(struct cli_credentials *cred) if (cred->password_obtained == CRED_CALLBACK) { cred->password = cred->password_cb(cred); - cred->password_obtained = CRED_SPECIFIED; + cred->password_obtained = CRED_CALLBACK_RESULT; } return cred->password; diff --git a/source4/libcli/smb_composite/sesssetup.c b/source4/libcli/smb_composite/sesssetup.c index 0f00d5f9c0..f2d1dcd87d 100644 --- a/source4/libcli/smb_composite/sesssetup.c +++ b/source4/libcli/smb_composite/sesssetup.c @@ -36,6 +36,18 @@ struct sesssetup_state { struct smbcli_request *req; }; +static NTSTATUS session_setup_old(struct composite_context *c, + struct smbcli_session *session, + struct smb_composite_sesssetup *io, + struct smbcli_request **req); +static NTSTATUS session_setup_nt1(struct composite_context *c, + struct smbcli_session *session, + struct smb_composite_sesssetup *io, + struct smbcli_request **req); +static NTSTATUS session_setup_spnego(struct composite_context *c, + struct smbcli_session *session, + struct smb_composite_sesssetup *io, + struct smbcli_request **req); /* store the user session key for a transport @@ -58,21 +70,60 @@ static void request_handler(struct smbcli_request *req) struct smbcli_session *session = req->session; DATA_BLOB session_key = data_blob(NULL, 0); DATA_BLOB null_data_blob = data_blob(NULL, 0); - NTSTATUS session_key_err; + NTSTATUS session_key_err, nt_status; c->status = smb_raw_sesssetup_recv(req, state, &state->setup); switch (state->setup.old.level) { case RAW_SESSSETUP_OLD: state->io->out.vuid = state->setup.old.out.vuid; + if (NT_STATUS_EQUAL(c->status, NT_STATUS_LOGON_FAILURE)) { + if (cli_credentials_wrong_password(state->io->in.credentials)) { + nt_status = session_setup_old(c, session, + state->io, + &state->req); + if (NT_STATUS_IS_OK(nt_status)) { + c->status = nt_status; + state->req->async.fn = request_handler; + state->req->async.private = c; + return; + } + } + } break; case RAW_SESSSETUP_NT1: state->io->out.vuid = state->setup.nt1.out.vuid; + if (NT_STATUS_EQUAL(c->status, NT_STATUS_LOGON_FAILURE)) { + if (cli_credentials_wrong_password(state->io->in.credentials)) { + nt_status = session_setup_nt1(c, session, + state->io, + &state->req); + if (NT_STATUS_IS_OK(nt_status)) { + c->status = nt_status; + state->req->async.fn = request_handler; + state->req->async.private = c; + return; + } + } + } break; case RAW_SESSSETUP_SPNEGO: session->vuid = state->io->out.vuid = state->setup.spnego.out.vuid; + if (NT_STATUS_EQUAL(c->status, NT_STATUS_LOGON_FAILURE)) { + if (cli_credentials_wrong_password(state->io->in.credentials)) { + nt_status = session_setup_spnego(c, session, + state->io, + &state->req); + if (NT_STATUS_IS_OK(nt_status)) { + c->status = nt_status; + state->req->async.fn = request_handler; + state->req->async.private = c; + return; + } + } + } if (!NT_STATUS_EQUAL(c->status, NT_STATUS_MORE_PROCESSING_REQUIRED) && !NT_STATUS_IS_OK(c->status)) { break; |