diff options
author | Günther Deschner <gd@samba.org> | 2010-08-09 14:31:24 +0200 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2010-08-09 16:36:22 +0200 |
commit | be396411a4e1f3a174f8a44b6c062d834135e70a (patch) | |
tree | 40ecaded27765eb3b5a79f79e2868854465ee9cb /source4 | |
parent | 46bcb627803caa83c59f8ca9c1064e399000e64d (diff) | |
download | samba-be396411a4e1f3a174f8a44b6c062d834135e70a.tar.gz samba-be396411a4e1f3a174f8a44b6c062d834135e70a.tar.bz2 samba-be396411a4e1f3a174f8a44b6c062d834135e70a.zip |
s3-winbind: Fix Bug #7568: Make sure cm_connect_lsa_tcp does not reset the secure channel.
This is an important fix as the following could and is happening:
* winbind authenticates a user via schannel secured netlogon samlogonex call,
current secure channel cred state is stored in winbind state, winbind
sucessfully decrypts session key from the info3
* winbind sets up a new schannel ncacn_ip_tcp lsa pipe (and thereby resets the
secure channel on the dc)
* subsequent samlogonex calls use the new secure channel creds on the dc to
encrypt info3 session key, while winbind tries to use old schannel creds for
decryption
Guenther
Diffstat (limited to 'source4')
0 files changed, 0 insertions, 0 deletions