diff options
| author | Jeremy Allison <jra@samba.org> | 2006-02-15 23:15:55 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:10:09 -0500 |
| commit | 80f4868944d349015d2b64c2414b06466a8194aa (patch) | |
| tree | 8ade3f2deefdef9df0e4cdc90f0a911e19ffe4a6 /source/libsmb | |
| parent | d0efb435e51ee4d5454b55aee1596355ecc4a2c6 (diff) | |
| download | samba-80f4868944d349015d2b64c2414b06466a8194aa.tar.gz samba-80f4868944d349015d2b64c2414b06466a8194aa.tar.xz samba-80f4868944d349015d2b64c2414b06466a8194aa.zip | |
r13519: Fix the credentials chaining across netlogon pipe disconnects.
I mean it this time :-).
Jeremy.
Diffstat (limited to 'source/libsmb')
| -rw-r--r-- | source/libsmb/credentials.c | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/source/libsmb/credentials.c b/source/libsmb/credentials.c index 795c30d12d6..5026f513ab7 100644 --- a/source/libsmb/credentials.c +++ b/source/libsmb/credentials.c @@ -183,17 +183,30 @@ static void creds_reseed(struct dcinfo *dc) BOOL creds_server_step(struct dcinfo *dc, const DOM_CRED *received_cred, DOM_CRED *cred_out) { - dc->sequence = received_cred->timestamp.time; + BOOL ret; + struct dcinfo tmp_dc = *dc; - creds_step(dc); + /* Do all operations on a temporary copy of the dc, + which we throw away if the checks fail. */ + + tmp_dc.sequence = received_cred->timestamp.time; + + creds_step(&tmp_dc); /* Create the outgoing credentials */ - cred_out->timestamp.time = dc->sequence + 1; - cred_out->challenge = dc->srv_chal; + cred_out->timestamp.time = tmp_dc.sequence + 1; + cred_out->challenge = tmp_dc.srv_chal; - creds_reseed(dc); + creds_reseed(&tmp_dc); - return creds_server_check(dc, &received_cred->challenge); + ret = creds_server_check(&tmp_dc, &received_cred->challenge); + if (!ret) { + return False; + } + + /* creds step succeeded - replace the current creds. */ + *dc = tmp_dc; + return True; } /**************************************************************************** |