diff options
-rw-r--r-- | source4/auth/credentials/credentials.c | 4 | ||||
-rw-r--r-- | source4/libcli/smb_composite/sesssetup.c | 53 |
2 files changed, 55 insertions, 2 deletions
diff --git a/source4/auth/credentials/credentials.c b/source4/auth/credentials/credentials.c index 66b6c120cf3..cf54bfe3b54 100644 --- a/source4/auth/credentials/credentials.c +++ b/source4/auth/credentials/credentials.c @@ -58,6 +58,8 @@ struct cli_credentials *cli_credentials_init(TALLOC_CTX *mem_ctx) cred->bind_dn = NULL; + cred->tries = 3; + cli_credentials_set_kerberos_state(cred, CRED_AUTO_USE_KERBEROS); return cred; @@ -233,7 +235,7 @@ const char *cli_credentials_get_password(struct cli_credentials *cred) if (cred->password_obtained == CRED_CALLBACK) { cred->password = cred->password_cb(cred); - cred->password_obtained = CRED_SPECIFIED; + cred->password_obtained = CRED_CALLBACK_RESULT; } return cred->password; diff --git a/source4/libcli/smb_composite/sesssetup.c b/source4/libcli/smb_composite/sesssetup.c index 0f00d5f9c0f..f2d1dcd87dc 100644 --- a/source4/libcli/smb_composite/sesssetup.c +++ b/source4/libcli/smb_composite/sesssetup.c @@ -36,6 +36,18 @@ struct sesssetup_state { struct smbcli_request *req; }; +static NTSTATUS session_setup_old(struct composite_context *c, + struct smbcli_session *session, + struct smb_composite_sesssetup *io, + struct smbcli_request **req); +static NTSTATUS session_setup_nt1(struct composite_context *c, + struct smbcli_session *session, + struct smb_composite_sesssetup *io, + struct smbcli_request **req); +static NTSTATUS session_setup_spnego(struct composite_context *c, + struct smbcli_session *session, + struct smb_composite_sesssetup *io, + struct smbcli_request **req); /* store the user session key for a transport @@ -58,21 +70,60 @@ static void request_handler(struct smbcli_request *req) struct smbcli_session *session = req->session; DATA_BLOB session_key = data_blob(NULL, 0); DATA_BLOB null_data_blob = data_blob(NULL, 0); - NTSTATUS session_key_err; + NTSTATUS session_key_err, nt_status; c->status = smb_raw_sesssetup_recv(req, state, &state->setup); switch (state->setup.old.level) { case RAW_SESSSETUP_OLD: state->io->out.vuid = state->setup.old.out.vuid; + if (NT_STATUS_EQUAL(c->status, NT_STATUS_LOGON_FAILURE)) { + if (cli_credentials_wrong_password(state->io->in.credentials)) { + nt_status = session_setup_old(c, session, + state->io, + &state->req); + if (NT_STATUS_IS_OK(nt_status)) { + c->status = nt_status; + state->req->async.fn = request_handler; + state->req->async.private = c; + return; + } + } + } break; case RAW_SESSSETUP_NT1: state->io->out.vuid = state->setup.nt1.out.vuid; + if (NT_STATUS_EQUAL(c->status, NT_STATUS_LOGON_FAILURE)) { + if (cli_credentials_wrong_password(state->io->in.credentials)) { + nt_status = session_setup_nt1(c, session, + state->io, + &state->req); + if (NT_STATUS_IS_OK(nt_status)) { + c->status = nt_status; + state->req->async.fn = request_handler; + state->req->async.private = c; + return; + } + } + } break; case RAW_SESSSETUP_SPNEGO: session->vuid = state->io->out.vuid = state->setup.spnego.out.vuid; + if (NT_STATUS_EQUAL(c->status, NT_STATUS_LOGON_FAILURE)) { + if (cli_credentials_wrong_password(state->io->in.credentials)) { + nt_status = session_setup_spnego(c, session, + state->io, + &state->req); + if (NT_STATUS_IS_OK(nt_status)) { + c->status = nt_status; + state->req->async.fn = request_handler; + state->req->async.private = c; + return; + } + } + } if (!NT_STATUS_EQUAL(c->status, NT_STATUS_MORE_PROCESSING_REQUIRED) && !NT_STATUS_IS_OK(c->status)) { break; |