summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-01-07 10:11:24 +0000
committerAndrew Bartlett <abartlet@samba.org>2004-01-07 10:11:24 +0000
commit43a4e1dbf99902e641aca02329f855685f8b01ec (patch)
tree1b1a6ff84a0be2c81b56b47d1dc62425d2e36978 /source3
parenta0fb9600d594df3d163d69030d8f2f03dcb7a1b1 (diff)
downloadsamba-43a4e1dbf99902e641aca02329f855685f8b01ec.tar.gz
samba-43a4e1dbf99902e641aca02329f855685f8b01ec.tar.bz2
samba-43a4e1dbf99902e641aca02329f855685f8b01ec.zip
Don't duplicate pulling the 'IPC' username from secrets.tdb, instead
just use one function for both places. Andrew Bartlett (This used to be commit 85da181e8a0ade839f6d595fabdf4cea606f82e1)
Diffstat (limited to 'source3')
-rw-r--r--source3/nsswitch/wbinfo.c12
-rw-r--r--source3/passdb/secrets.c40
2 files changed, 45 insertions, 7 deletions
diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c
index 7d25524f8e..74f341a490 100644
--- a/source3/nsswitch/wbinfo.c
+++ b/source3/nsswitch/wbinfo.c
@@ -909,14 +909,14 @@ static void wbinfo_get_auth_user(void)
char *user, *domain, *password;
/* Lift data from secrets file */
+
+ secrets_fetch_ipc_userpass(&user, &domain, &password);
- secrets_init();
-
- user = secrets_fetch(SECRETS_AUTH_USER, NULL);
- domain = secrets_fetch(SECRETS_AUTH_DOMAIN, NULL);
- password = secrets_fetch(SECRETS_AUTH_PASSWORD, NULL);
+ if ((!user || !*user) && (!domain || !*domain ) && (!password || !*password)){
- if (!user && !domain && !password) {
+ SAFE_FREE(user);
+ SAFE_FREE(domain);
+ SAFE_FREE(password);
d_printf("No authorised user configured\n");
return;
}
diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c
index 8a146f0d68..1b545488cd 100644
--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@@ -3,7 +3,8 @@
Copyright (C) Andrew Tridgell 1992-2001
Copyright (C) Andrew Bartlett 2002
Copyright (C) Rafal Szczesniak 2002
-
+ Copyright (C) Tim Potter 2001
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
@@ -791,3 +792,40 @@ BOOL secrets_fetch_afs_key(const char *cell, struct afs_key *result)
return True;
}
+
+/******************************************************************************
+ When kerberos is not available, choose between anonymous or
+ authenticated connections.
+
+ We need to use an authenticated connection if DCs have the
+ RestrictAnonymous registry entry set > 0, or the "Additional
+ restrictions for anonymous connections" set in the win2k Local
+ Security Policy.
+
+ Caller to free() result in domain, username, password
+*******************************************************************************/
+void secrets_fetch_ipc_userpass(char **username, char **domain, char **password)
+{
+ *username = secrets_fetch(SECRETS_AUTH_USER, NULL);
+ *domain = secrets_fetch(SECRETS_AUTH_DOMAIN, NULL);
+ *password = secrets_fetch(SECRETS_AUTH_PASSWORD, NULL);
+
+ if (*username && **username) {
+
+ if (!*domain || !**domain)
+ *domain = smb_xstrdup(lp_workgroup());
+
+ if (!*password || !**password)
+ *password = smb_xstrdup("");
+
+ DEBUG(3, ("IPC$ connections done by user %s\\%s\n",
+ *domain, *username));
+
+ } else {
+ DEBUG(3, ("IPC$ connections done anonymously\n"));
+ *username = smb_xstrdup("");
+ *domain = smb_xstrdup("");
+ *password = smb_xstrdup("");
+ }
+}
+