diff options
| author | Luke Leighton <lkcl@samba.org> | 1999-11-20 20:54:29 +0000 |
|---|---|---|
| committer | Luke Leighton <lkcl@samba.org> | 1999-11-20 20:54:29 +0000 |
| commit | 24a069eac302069559c6347b24276e7f1a04cc91 (patch) | |
| tree | d49a94cde47a03b2b8d2c988f418f3cf1de01876 /source3/smbd/password.c | |
| parent | a56bea383b4813f77478f9859dc33c90a564f540 (diff) | |
| download | samba-24a069eac302069559c6347b24276e7f1a04cc91.tar.gz samba-24a069eac302069559c6347b24276e7f1a04cc91.tar.bz2 samba-24a069eac302069559c6347b24276e7f1a04cc91.zip | |
modified domain_client_validate to take trust account name / type. this
is to pass DOMAIN_NAME$ and SEC_CHAN_DOMAIN instead of WKSTA_NAME$ and
SEC_CHAN_WKSTA.
modified check_domain_security to determine if domain name is own domain,
and to use wksta trust account if so, otherwise check "trusting domains"
parameter and use inter-domain trust account if so, otherwise return
False.
(This used to be commit 97ec74e1fa99d773812d2df402251fafb76b181c)
Diffstat (limited to 'source3/smbd/password.c')
| -rw-r--r-- | source3/smbd/password.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 1612b8264f..f74cc49eca 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -1095,7 +1095,8 @@ use this machine as the password server.\n")); key from the workstation trust account password. ************************************************************************/ -BOOL domain_client_validate( char *user, char *domain, +BOOL domain_client_validate( char *user, char *domain, char *server_list, + char *acct_name, uint16 acct_type, char *smb_apasswd, int smb_apasslen, char *smb_ntpasswd, int smb_ntpasslen) { @@ -1108,6 +1109,10 @@ BOOL domain_client_validate( char *user, char *domain, NET_USER_INFO_3 info3; struct cli_state cli; uint32 smb_uid_low; + fstring trust_acct; + + fstrcpy(trust_acct, acct_name); + fstrcat(trust_acct, "$"); /* * Check that the requested domain is not our own machine name. @@ -1126,7 +1131,7 @@ BOOL domain_client_validate( char *user, char *domain, */ if(((smb_apasslen != 24) && (smb_apasslen != 0)) || - ((smb_ntpasslen != 24) && (smb_ntpasslen != 0))) + ((smb_ntpasslen <= 24) && (smb_ntpasslen != 0))) { /* * Not encrypted - do so. @@ -1158,7 +1163,7 @@ BOOL domain_client_validate( char *user, char *domain, /* * Get the workstation trust account password. */ - if (!trust_get_passwd( trust_passwd, global_myworkgroup, global_myname)) + if (!trust_get_passwd( trust_passwd, domain, acct_name)) { return False; } @@ -1171,7 +1176,7 @@ BOOL domain_client_validate( char *user, char *domain, * see if they were valid. */ - if (!cli_connect_serverlist(&cli, lp_passwordserver())) + if (!cli_connect_serverlist(&cli, server_list)) { DEBUG(0,("domain_client_validate: Domain password server not available.\n")); return False; @@ -1192,7 +1197,7 @@ BOOL domain_client_validate( char *user, char *domain, } if(cli_nt_setup_creds(&cli, nt_pipe_fnum, - cli.mach_acct, global_myname, trust_passwd, SEC_CHAN_WKSTA) != 0x0) + trust_acct, global_myname, trust_passwd, acct_type) != 0x0) { DEBUG(0,("domain_client_validate: unable to setup the PDC credentials to machine \ %s. Error was : %s.\n", cli.desthost, cli_errstr(&cli))); |