samba-cvs.cvs
[Top] [All Lists]

svn commit: samba r13549 - in trunk/source: passdb rpc_server

Subject: svn commit: samba r13549 - in trunk/source: passdb rpc_server
From:
Date: Fri, 17 Feb 2006 21:32:36 +0000 GMT
Author: jra
Date: 2006-02-17 21:32:34 +0000 (Fri, 17 Feb 2006)
New Revision: 13549

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13549

Log:
Always use the get_remote_macinhe_name() as the key
for the creds store. This should fix the problems
Jerry reported (but I have still to run tests :-).
Jeremy.

Modified:
   trunk/source/passdb/secrets.c
   trunk/source/rpc_server/srv_netlog_nt.c


Changeset:
Modified: trunk/source/passdb/secrets.c
===================================================================
--- trunk/source/passdb/secrets.c       2006-02-17 21:32:31 UTC (rev 13548)
+++ trunk/source/passdb/secrets.c       2006-02-17 21:32:34 UTC (rev 13549)
@@ -930,13 +930,15 @@
  Note we must be root here.
 
*******************************************************************************/
 
-BOOL secrets_store_schannel_session_info(TALLOC_CTX *mem_ctx, const struct 
dcinfo *pdc)
+BOOL secrets_store_schannel_session_info(TALLOC_CTX *mem_ctx,
+                               const char *remote_machine,
+                               const struct dcinfo *pdc)
 {
        TDB_CONTEXT *tdb_sc = NULL;
        TDB_DATA value;
        BOOL ret;
        char *keystr = talloc_asprintf(mem_ctx, "%s/%s", SECRETS_SCHANNEL_STATE,
-                               pdc->remote_machine);
+                               remote_machine);
        if (!keystr) {
                return False;
        }

Modified: trunk/source/rpc_server/srv_netlog_nt.c
===================================================================
--- trunk/source/rpc_server/srv_netlog_nt.c     2006-02-17 21:32:31 UTC (rev 
13548)
+++ trunk/source/rpc_server/srv_netlog_nt.c     2006-02-17 21:32:34 UTC (rev 
13549)
@@ -281,10 +281,6 @@
                        q_u->uni_logon_clnt.buffer,
                        sizeof(fstring),q_u->uni_logon_clnt.uni_str_len*2,0);
 
-       /* Remember the workstation name. This is what we'll use to look
-          up the secrets.tdb record later. */
-       fstrcpy(p->wks, p->dc->remote_machine);
-
        /* Save the client challenge to the server. */
        memcpy(p->dc->clnt_chal.data, q_u->clnt_chal.data, 
sizeof(q_u->clnt_chal.data));
 
@@ -448,7 +444,9 @@
 
        /* Store off the state so we can continue after client disconnect. */
        become_root();
-       secrets_store_schannel_session_info(p->mem_ctx, p->dc);
+       secrets_store_schannel_session_info(p->mem_ctx,
+                                       get_remote_machine_name(),
+                                       p->dc);
        unbecome_root();
 
        return r_u->status;
@@ -480,7 +478,7 @@
                /* Restore the saved state of the netlogon creds. */
                become_root();
                ret = 
secrets_restore_schannel_session_info(p->pipe_state_mem_ctx,
-                                                       workstation,
+                                                       
get_remote_machine_name(),
                                                        &p->dc);
                unbecome_root();
                if (!ret) {
@@ -505,7 +503,9 @@
 
        /* We must store the creds state after an update. */
        become_root();
-       secrets_store_schannel_session_info(p->pipe_state_mem_ctx, p->dc);
+       secrets_store_schannel_session_info(p->pipe_state_mem_ctx,
+                                               get_remote_machine_name(),
+                                               p->dc);
        pdb_init_sam(&sampass);
        ret=pdb_getsampwnam(sampass, p->dc->mach_acct);
        unbecome_root();
@@ -579,8 +579,6 @@
 
 NTSTATUS _net_sam_logoff(pipes_struct *p, NET_Q_SAM_LOGOFF *q_u, 
NET_R_SAM_LOGOFF *r_u)
 {
-       fstring workstation;
-
        if (!get_valid_user_struct(p->vuid))
                return NT_STATUS_NO_SUCH_USER;
 
@@ -588,12 +586,10 @@
                /* Restore the saved state of the netlogon creds. */
                BOOL ret;
 
-               *workstation = '\0';
-               rpcstr_pull_unistr2_fstring(workstation, 
&q_u->sam_id.client.login.uni_comp_name);
-
                become_root();
-               ret = secrets_restore_schannel_session_info(
-                       p->pipe_state_mem_ctx, workstation, &p->dc);
+               ret = 
secrets_restore_schannel_session_info(p->pipe_state_mem_ctx,
+                                               get_remote_machine_name(),
+                                               &p->dc);
                unbecome_root();
                if (!ret) {
                        return NT_STATUS_INVALID_HANDLE;
@@ -616,7 +612,9 @@
 
        /* We must store the creds state after an update. */
        become_root();
-       secrets_store_schannel_session_info(p->pipe_state_mem_ctx, p->dc);
+       secrets_store_schannel_session_info(p->pipe_state_mem_ctx,
+                                       get_remote_machine_name(),
+                                       p->dc);
        unbecome_root();
 
        r_u->status = NT_STATUS_OK;
@@ -694,44 +692,15 @@
        if (!get_valid_user_struct(p->vuid))
                return NT_STATUS_NO_SUCH_USER;
 
-       /* We need the workstation name for the creds lookup. */
-    
-       switch (q_u->sam_id.logon_level) {
-       case INTERACTIVE_LOGON_TYPE:
-               uni_samlogon_user = &ctr->auth.id1.uni_user_name;
-               uni_samlogon_domain = &ctr->auth.id1.uni_domain_name;
-
-                uni_samlogon_workstation = &ctr->auth.id1.uni_wksta_name;
-            
-               DEBUG(3,("SAM Logon (Interactive). Domain:[%s].  ", 
lp_workgroup()));
-               break;
-       case NET_LOGON_TYPE:
-               uni_samlogon_user = &ctr->auth.id2.uni_user_name;
-               uni_samlogon_domain = &ctr->auth.id2.uni_domain_name;
-               uni_samlogon_workstation = &ctr->auth.id2.uni_wksta_name;
-            
-               DEBUG(3,("SAM Logon (Network). Domain:[%s].  ", 
lp_workgroup()));
-               break;
-       default:
-               DEBUG(2,("SAM Logon: unsupported switch value\n"));
-               return NT_STATUS_INVALID_INFO_CLASS;
-       } /* end switch */
-
-       
rpcstr_pull(nt_username,uni_samlogon_user->buffer,sizeof(nt_username),uni_samlogon_user->uni_str_len*2,0);
-       
rpcstr_pull(nt_domain,uni_samlogon_domain->buffer,sizeof(nt_domain),uni_samlogon_domain->uni_str_len*2,0);
-       
rpcstr_pull(nt_workstation,uni_samlogon_workstation->buffer,sizeof(nt_workstation),uni_samlogon_workstation->uni_str_len*2,0);
-
-       DEBUG(3,("User:[%s@%s] Requested Domain:[%s]\n", nt_username, 
nt_workstation, nt_domain));
-
        if (process_creds) {
                if (!p->dc) {
                        /* Restore the saved state of the netlogon creds. */
                        BOOL ret;
 
                        become_root();
-                       ret = secrets_restore_schannel_session_info(
-                               p->pipe_state_mem_ctx, nt_workstation,
-                               &p->dc);
+                       ret = 
secrets_restore_schannel_session_info(p->pipe_state_mem_ctx,
+                                       get_remote_machine_name(),
+                                       &p->dc);
                        unbecome_root();
                        if (!ret) {
                                return NT_STATUS_INVALID_HANDLE;
@@ -748,7 +717,7 @@
                   schannel, the client did offer it in auth2, but
                   obviously did not use it. */
                DEBUG(0,("_net_sam_logon: client %s not using schannel for 
netlogon\n",
-                       p->dc->remote_machine ));
+                       get_remote_machine_name() ));
                return NT_STATUS_ACCESS_DENIED;
        }
 
@@ -763,10 +732,39 @@
 
                /* We must store the creds state after an update. */
                become_root();
-               secrets_store_schannel_session_info(p->pipe_state_mem_ctx, 
p->dc);
+               secrets_store_schannel_session_info(p->pipe_state_mem_ctx,
+                                       get_remote_machine_name(),
+                                       p->dc);
                unbecome_root();
        }
 
+
+       switch (q_u->sam_id.logon_level) {
+       case INTERACTIVE_LOGON_TYPE:
+               uni_samlogon_user = &ctr->auth.id1.uni_user_name;
+               uni_samlogon_domain = &ctr->auth.id1.uni_domain_name;
+
+                uni_samlogon_workstation = &ctr->auth.id1.uni_wksta_name;
+            
+               DEBUG(3,("SAM Logon (Interactive). Domain:[%s].  ", 
lp_workgroup()));
+               break;
+       case NET_LOGON_TYPE:
+               uni_samlogon_user = &ctr->auth.id2.uni_user_name;
+               uni_samlogon_domain = &ctr->auth.id2.uni_domain_name;
+               uni_samlogon_workstation = &ctr->auth.id2.uni_wksta_name;
+            
+               DEBUG(3,("SAM Logon (Network). Domain:[%s].  ", 
lp_workgroup()));
+               break;
+       default:
+               DEBUG(2,("SAM Logon: unsupported switch value\n"));
+               return NT_STATUS_INVALID_INFO_CLASS;
+       } /* end switch */
+
+       
rpcstr_pull(nt_username,uni_samlogon_user->buffer,sizeof(nt_username),uni_samlogon_user->uni_str_len*2,0);
+       
rpcstr_pull(nt_domain,uni_samlogon_domain->buffer,sizeof(nt_domain),uni_samlogon_domain->uni_str_len*2,0);
+       
rpcstr_pull(nt_workstation,uni_samlogon_workstation->buffer,sizeof(nt_workstation),uni_samlogon_workstation->uni_str_len*2,0);
+
+       DEBUG(3,("User:[%s@%s] Requested Domain:[%s]\n", nt_username, 
nt_workstation, nt_domain));
        fstrcpy(current_user_info.smb_name, nt_username);
        sub_set_smb_name(nt_username);
      

<Prev in Thread] Current Thread [Next in Thread>
  • svn commit: samba r13549 - in trunk/source: passdb rpc_server, jra <=