summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-05-03 14:54:57 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:05:34 -0500
commited752c800425ffd3db39a770ddaee3ad2d73c494 (patch)
tree0d78add2b43ff2f73c21b01b742606e1c2877391 /source4
parent557c98bd5f4e5268d4793d51037f59ef3482fe8c (diff)
downloadsamba-ed752c800425ffd3db39a770ddaee3ad2d73c494.tar.gz
samba-ed752c800425ffd3db39a770ddaee3ad2d73c494.tar.bz2
samba-ed752c800425ffd3db39a770ddaee3ad2d73c494.zip
r15415: Use Jelmer's new credentials 'wrong password' code to give the user 3
attempts for the password, when talking to a remote CIFS server. Andrew Bartlett (This used to be commit 3a4ddc8f5978210ab3ad79f0332cee80a0d6e6c9)
Diffstat (limited to 'source4')
-rw-r--r--source4/auth/credentials/credentials.c4
-rw-r--r--source4/libcli/smb_composite/sesssetup.c53
2 files changed, 55 insertions, 2 deletions
diff --git a/source4/auth/credentials/credentials.c b/source4/auth/credentials/credentials.c
index 66b6c120cf..cf54bfe3b5 100644
--- a/source4/auth/credentials/credentials.c
+++ b/source4/auth/credentials/credentials.c
@@ -58,6 +58,8 @@ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx)
cred->bind_dn = NULL;
+ cred->tries = 3;
+
cli_credentials_set_kerberos_state(cred, CRED_AUTO_USE_KERBEROS);
return cred;
@@ -233,7 +235,7 @@ const char *cli_credentials_get_password(struct cli_credentials *cred)
if (cred->password_obtained == CRED_CALLBACK) {
cred->password = cred->password_cb(cred);
- cred->password_obtained = CRED_SPECIFIED;
+ cred->password_obtained = CRED_CALLBACK_RESULT;
}
return cred->password;
diff --git a/source4/libcli/smb_composite/sesssetup.c b/source4/libcli/smb_composite/sesssetup.c
index 0f00d5f9c0..f2d1dcd87d 100644
--- a/source4/libcli/smb_composite/sesssetup.c
+++ b/source4/libcli/smb_composite/sesssetup.c
@@ -36,6 +36,18 @@ struct sesssetup_state {
struct smbcli_request *req;
};
+static NTSTATUS session_setup_old(struct composite_context *c,
+ struct smbcli_session *session,
+ struct smb_composite_sesssetup *io,
+ struct smbcli_request **req);
+static NTSTATUS session_setup_nt1(struct composite_context *c,
+ struct smbcli_session *session,
+ struct smb_composite_sesssetup *io,
+ struct smbcli_request **req);
+static NTSTATUS session_setup_spnego(struct composite_context *c,
+ struct smbcli_session *session,
+ struct smb_composite_sesssetup *io,
+ struct smbcli_request **req);
/*
store the user session key for a transport
@@ -58,21 +70,60 @@ static void request_handler(struct smbcli_request *req)
struct smbcli_session *session = req->session;
DATA_BLOB session_key = data_blob(NULL, 0);
DATA_BLOB null_data_blob = data_blob(NULL, 0);
- NTSTATUS session_key_err;
+ NTSTATUS session_key_err, nt_status;
c->status = smb_raw_sesssetup_recv(req, state, &state->setup);
switch (state->setup.old.level) {
case RAW_SESSSETUP_OLD:
state->io->out.vuid = state->setup.old.out.vuid;
+ if (NT_STATUS_EQUAL(c->status, NT_STATUS_LOGON_FAILURE)) {
+ if (cli_credentials_wrong_password(state->io->in.credentials)) {
+ nt_status = session_setup_old(c, session,
+ state->io,
+ &state->req);
+ if (NT_STATUS_IS_OK(nt_status)) {
+ c->status = nt_status;
+ state->req->async.fn = request_handler;
+ state->req->async.private = c;
+ return;
+ }
+ }
+ }
break;
case RAW_SESSSETUP_NT1:
state->io->out.vuid = state->setup.nt1.out.vuid;
+ if (NT_STATUS_EQUAL(c->status, NT_STATUS_LOGON_FAILURE)) {
+ if (cli_credentials_wrong_password(state->io->in.credentials)) {
+ nt_status = session_setup_nt1(c, session,
+ state->io,
+ &state->req);
+ if (NT_STATUS_IS_OK(nt_status)) {
+ c->status = nt_status;
+ state->req->async.fn = request_handler;
+ state->req->async.private = c;
+ return;
+ }
+ }
+ }
break;
case RAW_SESSSETUP_SPNEGO:
session->vuid = state->io->out.vuid = state->setup.spnego.out.vuid;
+ if (NT_STATUS_EQUAL(c->status, NT_STATUS_LOGON_FAILURE)) {
+ if (cli_credentials_wrong_password(state->io->in.credentials)) {
+ nt_status = session_setup_spnego(c, session,
+ state->io,
+ &state->req);
+ if (NT_STATUS_IS_OK(nt_status)) {
+ c->status = nt_status;
+ state->req->async.fn = request_handler;
+ state->req->async.private = c;
+ return;
+ }
+ }
+ }
if (!NT_STATUS_EQUAL(c->status, NT_STATUS_MORE_PROCESSING_REQUIRED) &&
!NT_STATUS_IS_OK(c->status)) {
break;