diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2004-01-07 10:11:24 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2004-01-07 10:11:24 +0000 |
| commit | 43a4e1dbf99902e641aca02329f855685f8b01ec (patch) | |
| tree | 1b1a6ff84a0be2c81b56b47d1dc62425d2e36978 /source3 | |
| parent | a0fb9600d594df3d163d69030d8f2f03dcb7a1b1 (diff) | |
Don't duplicate pulling the 'IPC' username from secrets.tdb, instead
just use one function for both places.
Andrew Bartlett
(This used to be commit 85da181e8a0ade839f6d595fabdf4cea606f82e1)
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/nsswitch/wbinfo.c | 12 | ||||
| -rw-r--r-- | source3/passdb/secrets.c | 40 |
2 files changed, 45 insertions, 7 deletions
diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c index 7d25524f8e..74f341a490 100644 --- a/source3/nsswitch/wbinfo.c +++ b/source3/nsswitch/wbinfo.c @@ -909,14 +909,14 @@ static void wbinfo_get_auth_user(void) char *user, *domain, *password; /* Lift data from secrets file */ + + secrets_fetch_ipc_userpass(&user, &domain, &password); - secrets_init(); - - user = secrets_fetch(SECRETS_AUTH_USER, NULL); - domain = secrets_fetch(SECRETS_AUTH_DOMAIN, NULL); - password = secrets_fetch(SECRETS_AUTH_PASSWORD, NULL); + if ((!user || !*user) && (!domain || !*domain ) && (!password || !*password)){ - if (!user && !domain && !password) { + SAFE_FREE(user); + SAFE_FREE(domain); + SAFE_FREE(password); d_printf("No authorised user configured\n"); return; } diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c index 8a146f0d68..1b545488cd 100644 --- a/source3/passdb/secrets.c +++ b/source3/passdb/secrets.c @@ -3,7 +3,8 @@ Copyright (C) Andrew Tridgell 1992-2001 Copyright (C) Andrew Bartlett 2002 Copyright (C) Rafal Szczesniak 2002 - + Copyright (C) Tim Potter 2001 + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or @@ -791,3 +792,40 @@ BOOL secrets_fetch_afs_key(const char *cell, struct afs_key *result) return True; } + +/****************************************************************************** + When kerberos is not available, choose between anonymous or + authenticated connections. + + We need to use an authenticated connection if DCs have the + RestrictAnonymous registry entry set > 0, or the "Additional + restrictions for anonymous connections" set in the win2k Local + Security Policy. + + Caller to free() result in domain, username, password +*******************************************************************************/ +void secrets_fetch_ipc_userpass(char **username, char **domain, char **password) +{ + *username = secrets_fetch(SECRETS_AUTH_USER, NULL); + *domain = secrets_fetch(SECRETS_AUTH_DOMAIN, NULL); + *password = secrets_fetch(SECRETS_AUTH_PASSWORD, NULL); + + if (*username && **username) { + + if (!*domain || !**domain) + *domain = smb_xstrdup(lp_workgroup()); + + if (!*password || !**password) + *password = smb_xstrdup(""); + + DEBUG(3, ("IPC$ connections done by user %s\\%s\n", + *domain, *username)); + + } else { + DEBUG(3, ("IPC$ connections done anonymously\n")); + *username = smb_xstrdup(""); + *domain = smb_xstrdup(""); + *password = smb_xstrdup(""); + } +} + |