diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/include/proto.h | 1 | ||||
-rw-r--r-- | source3/lib/util.c | 34 | ||||
-rw-r--r-- | source3/smbd/reply.c | 36 |
3 files changed, 41 insertions, 30 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index eb898c44de..ff74fd90e1 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -484,6 +484,7 @@ int set_maxfiles(int requested_max); void reg_get_subkey(char *full_keyname, char *key_name, char *subkey_name); BOOL reg_split_key(const char *full_keyname, uint32 *reg_type, char *key_name); BOOL become_user_permanently(uid_t uid, gid_t gid); +char *get_trusted_serverlist(const char* domain); /*The following definitions come from lib/util_array.c */ diff --git a/source3/lib/util.c b/source3/lib/util.c index 9bcbe1a9c7..b0d6e82970 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -3228,3 +3228,37 @@ BOOL become_user_permanently(uid_t uid, gid_t gid) return(True); } +char *get_trusted_serverlist(const char* domain) +{ + pstring tmp; + static char *server_list = NULL; + static pstring srv_list; + char *trusted_list = lp_trusted_domains(); + + if (strequal(lp_workgroup(), domain)) + { + DEBUG(10,("local domain server list: %s\n", server_list)); + pstrcpy(srv_list, lp_passwordserver()); + return srv_list; + } + + if (!next_token(&trusted_list, tmp, NULL, sizeof(tmp))) + { + return NULL; + } + + do + { + fstring trust_dom; + split_at_first_component(tmp, trust_dom, '=', srv_list); + + if (strequal(domain, trust_dom)) + { + return srv_list; + DEBUG(10,("trusted: %s\n", server_list)); + } + + } while (next_token(NULL, tmp, NULL, sizeof(tmp))); + + return NULL; +} diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d5d0884436..5cf2ac2a7a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -507,49 +507,25 @@ static BOOL check_domain_security(char *orig_user, char *domain, uint16 acct_type = 0; char *server_list = NULL; - pstring srv_list; - char *trusted_list = lp_trusted_domains(); if (lp_security() == SEC_SHARE || lp_security() == SEC_SERVER) { return False; } - if (lp_security() == SEC_DOMAIN) + if (lp_security() == SEC_DOMAIN && strequal(domain, global_myworkgroup)) { fstrcpy(acct_name, global_myname); acct_type = SEC_CHAN_WKSTA; - if (strequal(lp_workgroup(), domain)) - { - DEBUG(10,("local domain server list: %s\n", server_list)); - pstrcpy(srv_list, lp_passwordserver()); - server_list = srv_list; - } } - - if (server_list == NULL) + else { - pstring tmp; - if (next_token(&trusted_list, tmp, NULL, sizeof(tmp))) - { - do - { - fstring trust_dom; - split_at_first_component(tmp, trust_dom, '=', srv_list); - - if (strequal(domain, trust_dom)) - { - DEBUG(10,("trusted domain server list: %s\n", server_list)); - fstrcpy(acct_name, global_myworkgroup); - acct_type = SEC_CHAN_DOMAIN; - server_list = srv_list; - break; - } - - } while (next_token(NULL, tmp, NULL, sizeof(tmp))); - } + fstrcpy(acct_name, global_myworkgroup); + acct_type = SEC_CHAN_DOMAIN; } + server_list = get_trusted_serverlist(domain); + if (server_list == NULL) { return False; |