hmmm... have to add client-side support in domain_client_validate() to

_use_ user session key.
(This used to be commit be6a6b13939798a9c7242b38864f0ce842391a74)

1 files changed, 6 insertions, 4 deletions

diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 79b24a986c..da72c9f3b5 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -499,8 +499,9 @@ static BOOL check_server_security(char *orig_user, char *domain,
 ****************************************************************************/
 
 static BOOL check_domain_security(char *orig_user, char *domain, 
-                                  char *smb_apasswd, int smb_apasslen,
-                                  char *smb_ntpasswd, int smb_ntpasslen)
+				char *smb_apasswd, int smb_apasslen,
+				char *smb_ntpasswd, int smb_ntpasslen,
+				uchar user_sess_key[16])
 {
 	fstring acct_name;
 	uint16 acct_type = 0;
@@ -557,7 +558,8 @@ static BOOL check_domain_security(char *orig_user, char *domain,
 	return domain_client_validate(orig_user, domain, server_list,
 	                        acct_name, acct_type,
 	                        smb_apasswd, smb_apasslen,
-	                        smb_ntpasswd, smb_ntpasslen);
+	                        smb_ntpasswd, smb_ntpasslen,
+	                        user_sess_key);
 }
 
 /****************************************************************************
@@ -768,7 +770,7 @@ user %s attempted down-level SMB connection\n", user));
                              smb_ntpasswd, smb_ntpasslen) &&
       !check_domain_security(orig_user, domain,
                              smb_apasswd, smb_apasslen,
-                             smb_ntpasswd, smb_ntpasslen) &&
+                             smb_ntpasswd, smb_ntpasslen, user_sess_key) &&
       !check_hosts_equiv(user)
      )
   {