From 8584c6bd6621eefb49aff69581caf28e38b4ceda Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Wed, 22 Apr 1998 00:56:38 +0000
Subject: genrand.c: Improved generation of random values, more secure.
 loadparm.c: Started add of 'security=domain' code. password.c: Fix for
 security=server NT bugs. reply.c: Started add of 'security=domain' code.
 server.c: Started add of 'security=domain' code. smb.h: Started add of
 'security=domain' code. Jeremy. (This used to be commit
 e6bda112ebe0d41f54c4249b5c2e1f24011347e1)

---
 source3/smbd/reply.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'source3/smbd/reply.c')

diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 2c4800b1c22..2f3b3660fc5 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -515,7 +515,11 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
     passlen1 = MIN(passlen1, MAX_PASS_LEN);
     passlen2 = MIN(passlen2, MAX_PASS_LEN);
 
-    if(doencrypt || (lp_security() == SEC_SERVER)) {
+#ifdef DOMAIN_CLIENT
+    if(doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) {
+#else /* DOMAIN_CLIENT */
+    if(doencrypt || lp_security() == SEC_SERVER) {
+#endif /* DOMAIN_CLIENT */
       /* Save the lanman2 password and the NT md4 password. */
       smb_apasslen = passlen1;
       memcpy(smb_apasswd,p,smb_apasslen);
@@ -603,6 +607,12 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
 		  server_validate(user, domain, 
 				  smb_apasswd, smb_apasslen, 
 				  smb_ntpasswd, smb_ntpasslen)) &&
+#ifdef DOMAIN_CLIENT
+                !(lp_security() == SEC_DOMAIN &&
+                  domain_client_validate(user, domain,
+                                  smb_apasswd, smb_apasslen,
+                                  smb_ntpasswd, smb_ntpasslen)) &&
+#endif /* DOMAIN_CLIENT */
       !check_hosts_equiv(user))
     {
 
-- 
cgit