summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2011-01-07 17:28:29 +0100
committerStefan Metzmacher <metze@samba.org>2011-02-04 18:11:04 +0100
commitf60398d7b20869d7b09d81854f3727fdcd897430 (patch)
tree92b2938c802cba41ae0ed83a8e4af76ab7f1f2a5 /source3/auth
parentac4127a9f432f762cb728c161d7fbf80de31b60e (diff)
downloadsamba-f60398d7b20869d7b09d81854f3727fdcd897430.tar.gz
samba-f60398d7b20869d7b09d81854f3727fdcd897430.tar.bz2
samba-f60398d7b20869d7b09d81854f3727fdcd897430.zip
s3-winbindd: let winbind try to use samlogon validation level 6. (bug #7945)
The benefit of this that it makes us more robust to secure channel resets triggered from tools outside the winbind process. Long term we need to have a shared tdb secure channel store though as well. Guenther Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Feb 4 18:11:04 CET 2011 on sn-devel-104
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_domain.c1
-rw-r--r--source3/auth/auth_netlogond.c1
2 files changed, 2 insertions, 0 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 0f541cd1e7..05421debbb 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -309,6 +309,7 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
user_info->client.domain_name, /* domain name */
user_info->workstation_name, /* workstation name */
chal, /* 8 byte challenge. */
+ 3, /* validation level */
user_info->password.response.lanman, /* lanman 24 byte response */
user_info->password.response.nt, /* nt 24 byte response */
&info3); /* info3 out */
diff --git a/source3/auth/auth_netlogond.c b/source3/auth/auth_netlogond.c
index 889371c722..1e3ccb1189 100644
--- a/source3/auth/auth_netlogond.c
+++ b/source3/auth/auth_netlogond.c
@@ -88,6 +88,7 @@ static NTSTATUS netlogond_validate(TALLOC_CTX *mem_ctx,
user_info->client.domain_name, /* domain name */
user_info->workstation_name, /* workstation name */
(uchar *)auth_context->challenge.data, /* 8 byte challenge. */
+ 3, /* validation level */
user_info->password.response.lanman, /* lanman 24 byte response */
user_info->password.response.nt, /* nt 24 byte response */
&info3); /* info3 out */