Ignore:
Timestamp:
May 12, 2014, 8:58:38 PM (11 years ago)
Author:
Silvan Scherrer
Message:

Samba 3.6: updated vendor to latest version

Location:
vendor/current/source3/auth
Files:
6 edited

Legend:

Unmodified
Added
Removed

  • vendor/current/source3/auth/auth_util.c

    r746 r860  
    121121
    122122        if (!is_trusted_domain(domain) &&
    123             !strequal(domain, my_sam_name()))
     123            !strequal(domain, my_sam_name()) &&
     124            !strequal(domain, get_global_sam_name()))
    124125        {
    125126                if (lp_map_untrusted_to_domain())
     
    902903NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx,
    903904                                       const char *username,
     905                                       bool use_guest_token,
    904906                                       bool is_guest,
    905907                                       struct auth_serversupplied_info **presult)
     
    925927        result->guest = is_guest;
    926928
    927         status = create_local_token(result);
     929        if (use_guest_token) {
     930                status = make_server_info_guest(mem_ctx, &result);
     931        } else {
     932                status = create_local_token(result);
     933        }
    928934
    929935        if (!NT_STATUS_IS_OK(status)) {
     
    11751181                        /* work around 'winbind use default domain = yes' */
    11761182
    1177                         if ( !strchr_m( pw->pw_name, *lp_winbind_separator() ) ) {
     1183                        if ( lp_winbind_use_default_domain() &&
     1184                             !strchr_m( pw->pw_name, *lp_winbind_separator() ) ) {
    11781185                                char *domain;
    11791186

  • vendor/current/source3/auth/auth_winbind.c

    r740 r860  
    6363
    6464        /* Send off request */
    65 
    6665        params.account_name     = user_info->client.account_name;
    67         params.domain_name      = user_info->mapped.domain_name;
     66        /*
     67         * We need to send the domain name from the client to the DC. With
     68         * NTLMv2 the domain name is part of the hashed second challenge,
     69         * if we change the domain name, the DC will fail to verify the
     70         * challenge cause we changed the domain name, this is like a
     71         * man in the middle attack.
     72         */
     73        params.domain_name      = user_info->client.domain_name;
    6874        params.workstation_name = user_info->workstation_name;
    6975

  • vendor/current/source3/auth/check_samsec.c

    r740 r860  
    409409        if (pdb_get_acct_ctrl(sampass) & ACB_AUTOLOCK) {
    410410                DEBUG(3,("check_sam_security: Account for user %s was locked out.\n", username));
     411                TALLOC_FREE(sampass);
    411412                return NT_STATUS_ACCOUNT_LOCKED_OUT;
    412413        }

  • vendor/current/source3/auth/proto.h

    r740 r860  
    150150NTSTATUS make_serverinfo_from_username(TALLOC_CTX *mem_ctx,
    151151                                       const char *username,
     152                                       bool use_guest_token,
    152153                                       bool is_guest,
    153154                                       struct auth_serversupplied_info **presult);

  • vendor/current/source3/auth/server_info.c

    r746 r860  
    609609        if (!info3) return NULL;
    610610
    611         info3->base.last_logon = info->logon_time;
    612         info3->base.last_logoff = info->logoff_time;
    613         info3->base.acct_expiry = info->kickoff_time;
     611        unix_to_nt_time(&info3->base.last_logon, info->logon_time);
     612        unix_to_nt_time(&info3->base.last_logoff, info->logoff_time);
     613        unix_to_nt_time(&info3->base.acct_expiry, info->kickoff_time);
    614614        unix_to_nt_time(&info3->base.last_password_change, info->pass_last_set_time);
    615615        unix_to_nt_time(&info3->base.allow_password_change,

  • vendor/current/source3/auth/user_util.c

    r740 r860  
    426426
    427427        /*
    428          * Setup the last_from and last_to as an optimization so
     428         * If we didn't successfully map a user in the loop above,
     429         * setup the last_from and last_to as an optimization so
    429430         * that we don't scan the file again for the same user.
    430431         */
    431 
    432         set_last_from_to(user_in, user_in);
    433         store_map_in_gencache(ctx, user_in, user_in);
     432        if (!mapped_user) {
     433                DEBUG(8, ("The user '%s' has no mapping. "
     434                          "Skip it next time.\n", user_in));
     435                set_last_from_to(user_in, user_in);
     436                store_map_in_gencache(ctx, user_in, user_in);
     437        }
    434438
    435439        return mapped_user;
Note: See TracChangeset for help on using the changeset viewer.