From 3c3725a340ffe20ab679cf2f9d41ccd0b51b4b3a Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 6 Oct 2009 17:46:25 +0200 Subject: s3-winbindd: libwbclient: implement secure channel verification for specific domains in wbcCheckTrustCredentials(). Guenther --- source3/winbindd/winbindd_check_machine_acct.c | 11 ++++++++++- source3/winbindd/winbindd_dual_srv.c | 8 ++++---- 2 files changed, 14 insertions(+), 5 deletions(-) (limited to 'source3') diff --git a/source3/winbindd/winbindd_check_machine_acct.c b/source3/winbindd/winbindd_check_machine_acct.c index e3505cb352..610e9edfaa 100644 --- a/source3/winbindd/winbindd_check_machine_acct.c +++ b/source3/winbindd/winbindd_check_machine_acct.c @@ -42,7 +42,16 @@ struct tevent_req *winbindd_check_machine_acct_send(TALLOC_CTX *mem_ctx, return NULL; } - domain = find_our_domain(); + if (request->domain_name[0] == '0') { + /* preserve old behavior, when no domain name is given */ + domain = find_our_domain(); + } else { + domain = find_domain_from_name(request->domain_name); + } + if (domain == NULL) { + tevent_req_nterror(req, NT_STATUS_NO_SUCH_DOMAIN); + return tevent_req_post(req, ev); + } if (domain->internal) { /* * Internal domains are passdb based, we can always diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c index 179a771066..337486107f 100644 --- a/source3/winbindd/winbindd_dual_srv.c +++ b/source3/winbindd/winbindd_dual_srv.c @@ -437,13 +437,13 @@ again: /* Pass back result code - zero for success, other values for specific failures. */ - DEBUG(3, ("secret is %s\n", NT_STATUS_IS_OK(status) ? - "good" : "bad")); + DEBUG(3,("domain %s secret is %s\n", domain->name, + NT_STATUS_IS_OK(status) ? "good" : "bad")); done: DEBUG(NT_STATUS_IS_OK(status) ? 5 : 2, - ("Checking the trust account password returned %s\n", - nt_errstr(status))); + ("Checking the trust account password for domain %s returned %s\n", + domain->name, nt_errstr(status))); return status; } -- cgit