diff options
| author | Luke Leighton <lkcl@samba.org> | 1999-11-20 20:54:29 +0000 |
|---|---|---|
| committer | Luke Leighton <lkcl@samba.org> | 1999-11-20 20:54:29 +0000 |
| commit | 24a069eac302069559c6347b24276e7f1a04cc91 (patch) | |
| tree | d49a94cde47a03b2b8d2c988f418f3cf1de01876 /source3/smbd/reply.c | |
| parent | a56bea383b4813f77478f9859dc33c90a564f540 (diff) | |
| download | samba-24a069eac302069559c6347b24276e7f1a04cc91.tar.gz samba-24a069eac302069559c6347b24276e7f1a04cc91.tar.xz samba-24a069eac302069559c6347b24276e7f1a04cc91.zip | |
modified domain_client_validate to take trust account name / type. this
is to pass DOMAIN_NAME$ and SEC_CHAN_DOMAIN instead of WKSTA_NAME$ and
SEC_CHAN_WKSTA.
modified check_domain_security to determine if domain name is own domain,
and to use wksta trust account if so, otherwise check "trusting domains"
parameter and use inter-domain trust account if so, otherwise return
False.
(This used to be commit 97ec74e1fa99d773812d2df402251fafb76b181c)
Diffstat (limited to 'source3/smbd/reply.c')
| -rw-r--r-- | source3/smbd/reply.c | 61 |
1 files changed, 56 insertions, 5 deletions
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0c4fb2003c..79b24a986c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -39,6 +39,7 @@ extern BOOL case_preserve; extern BOOL short_case_preserve; extern pstring sesssetup_user; extern fstring global_myworkgroup; +extern fstring global_myname; extern int Client; extern int global_oplock_break; uint32 global_client_caps = 0; @@ -501,12 +502,62 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *smb_apasswd, int smb_apasslen, char *smb_ntpasswd, int smb_ntpasslen) { - if(lp_security() != SEC_DOMAIN) - return False; + fstring acct_name; + uint16 acct_type = 0; + + char *server_list = NULL; + pstring srv_list; + char *trusted_list = lp_trusted_domains(); + + if (lp_security() == SEC_SHARE || lp_security() == SEC_SERVER) + { + return False; + } + + if (lp_security() == SEC_DOMAIN) + { + fstrcpy(acct_name, global_myname); + acct_type = SEC_CHAN_WKSTA; + if (strequal(lp_workgroup(), domain)) + { + DEBUG(10,("local domain server list: %s\n", server_list)); + pstrcpy(srv_list, lp_passwordserver()); + server_list = srv_list; + } + } + + if (server_list == NULL) + { + pstring tmp; + if (next_token(&trusted_list, tmp, NULL, sizeof(tmp))) + { + do + { + fstring trust_dom; + split_at_first_component(tmp, trust_dom, '=', srv_list); + + if (strequal(domain, trust_dom)) + { + DEBUG(10,("trusted domain server list: %s\n", server_list)); + fstrcpy(acct_name, global_myworkgroup); + acct_type = SEC_CHAN_DOMAIN; + server_list = srv_list; + break; + } + + } while (next_token(NULL, tmp, NULL, sizeof(tmp))); + } + } + + if (server_list == NULL) + { + return False; + } - return domain_client_validate(orig_user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen); + return domain_client_validate(orig_user, domain, server_list, + acct_name, acct_type, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen); } /**************************************************************************** |