From 85e9412c4786ede6f94d879185d493756d37eebe Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Sun, 1 May 2005 19:29:00 +0000
Subject: r6565: Cludge, cludge, cludge...

We need to pass the 'secure channel type' to the NETLOGON layer, which
must match the account type.

(Yes, jelmer objects to this inclusion of the kitchen sink ;-)

Andrew Bartlett
(This used to be commit 8ee208a926d2b15fdc42753b1f9ee586564c6248)
---
 source4/lib/credentials.c | 31 ++++++++++++++++++++++++++++++-
 1 file changed, 30 insertions(+), 1 deletion(-)

(limited to 'source4/lib')

diff --git a/source4/lib/credentials.c b/source4/lib/credentials.c
index db796cde35..64e3b9958d 100644
--- a/source4/lib/credentials.c
+++ b/source4/lib/credentials.c
@@ -465,6 +465,7 @@ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred)
 	const char *password;
 	const char *domain;
 	const char *realm;
+	enum netr_SchannelType sct;
 	
 	/* ok, we are going to get it now, don't recurse back here */
 	cred->machine_account_pending = False;
@@ -510,6 +511,15 @@ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred)
 		return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
 	}
 	
+	sct = ldb_msg_find_int(msgs[0], "secureChannelType", 0);
+	if (!sct) {
+		cli_credentials_set_secure_channel_type(cred, sct);
+	} else {
+		DEBUG(1, ("Domain join for acocunt %s did not have a secureChannelType set!\n",
+			  machine_account));
+		return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
+	}
+	
 	domain = ldb_msg_find_string(msgs[0], "flatname", NULL);
 	if (domain) {
 		cli_credentials_set_domain(cred, domain, CRED_SPECIFIED);
@@ -519,7 +529,7 @@ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred)
 	if (realm) {
 		cli_credentials_set_realm(cred, realm, CRED_SPECIFIED);
 	}
-	
+
 	cli_credentials_set_username(cred, machine_account, CRED_SPECIFIED);
 	cli_credentials_set_password(cred, password, CRED_SPECIFIED);
 	talloc_free(mem_ctx);
@@ -560,6 +570,25 @@ struct creds_CredentialState *cli_credentials_get_netlogon_creds(struct cli_cred
 	return cred->netlogon_creds;
 }
 
+/** 
+ * Set NETLOGON secure channel type
+ */
+
+void cli_credentials_set_secure_channel_type(struct cli_credentials *cred,
+					     enum netr_SchannelType secure_channel_type)
+{
+	cred->secure_channel_type = secure_channel_type;
+}
+
+/**
+ * Return NETLOGON secure chanel type
+ */
+
+enum netr_SchannelType cli_credentials_get_secure_channel_type(struct cli_credentials *cred)
+{
+	return cred->secure_channel_type;
+}
+
 /**
  * Fill in a credentials structure as the anonymous user
  */
-- 
cgit