summaryrefslogtreecommitdiff
path: root/libcli
diff options
context:
space:
mode:
Diffstat (limited to 'libcli')
-rw-r--r--libcli/auth/schannel_state_ldb.c10
-rw-r--r--libcli/auth/schannel_state_proto.h2
2 files changed, 0 insertions, 12 deletions
diff --git a/libcli/auth/schannel_state_ldb.c b/libcli/auth/schannel_state_ldb.c
index ba3d96fcf7..2919ed6369 100644
--- a/libcli/auth/schannel_state_ldb.c
+++ b/libcli/auth/schannel_state_ldb.c
@@ -264,8 +264,6 @@ NTSTATUS schannel_fetch_session_key_ldb(struct ldb_context *ldb,
NTSTATUS schannel_creds_server_step_check_ldb(struct ldb_context *ldb,
TALLOC_CTX *mem_ctx,
const char *computer_name,
- bool schannel_required_for_call,
- bool schannel_in_use,
struct netr_Authenticator *received_authenticator,
struct netr_Authenticator *return_authenticator,
struct netlogon_creds_CredentialState **creds_out)
@@ -277,14 +275,6 @@ NTSTATUS schannel_creds_server_step_check_ldb(struct ldb_context *ldb,
/* If we are flaged that schannel is required for a call, and
* it is not in use, then make this an error */
- /* It would be good to make this mandetory once schannel is
- * negoiated, but this is not what windows does */
- if (schannel_required_for_call && !schannel_in_use) {
- DEBUG(0,("schannel_creds_server_step_check: client %s not using schannel for netlogon, despite negotiating it\n",
- creds->computer_name ));
- return NT_STATUS_ACCESS_DENIED;
- }
-
ret = ldb_transaction_start(ldb);
if (ret != 0) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
diff --git a/libcli/auth/schannel_state_proto.h b/libcli/auth/schannel_state_proto.h
index d0a071c876..da5ebb3b7b 100644
--- a/libcli/auth/schannel_state_proto.h
+++ b/libcli/auth/schannel_state_proto.h
@@ -21,8 +21,6 @@ NTSTATUS schannel_fetch_session_key_ldb(struct ldb_context *ldb,
NTSTATUS schannel_creds_server_step_check_ldb(struct ldb_context *ldb,
TALLOC_CTX *mem_ctx,
const char *computer_name,
- bool schannel_required_for_call,
- bool schannel_in_use,
struct netr_Authenticator *received_authenticator,
struct netr_Authenticator *return_authenticator,
struct netlogon_creds_CredentialState **creds_out);