The Samba-Bugzilla – Attachment 3281 Details for
Bug 5451
get_trust_creds() returns incorrect credentials when connecting to a trusted domain
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Temp patch
0001-Use-machine-account-and-machine-password-from-our-do.patch (text/x-patch), 1.66 KB, created by
Steven Danneman
on 2008-05-08 21:13:44 UTC
(
hide
)
Description:
Temp patch
Filename:
MIME Type:
Creator:
Steven Danneman
Created:
2008-05-08 21:13:44 UTC
Size:
1.66 KB
patch
obsolete
>From 7d1cdeb5b2d5da3f93fa4314cd37e44fd2ad8c01 Mon Sep 17 00:00:00 2001 >From: Steven Danneman <sdanneman@isilon.com> >Date: Thu, 8 May 2008 13:34:49 -0700 >Subject: [PATCH] Use machine account and machine password from our domain when contacting trusted domains. > >--- > source/nsswitch/winbindd_cm.c | 6 +++--- > source/passdb/secrets.c | 2 +- > 2 files changed, 4 insertions(+), 4 deletions(-) > >diff --git a/source/nsswitch/winbindd_cm.c b/source/nsswitch/winbindd_cm.c >index 91c8c46..6582554 100644 >--- a/source/nsswitch/winbindd_cm.c >+++ b/source/nsswitch/winbindd_cm.c >@@ -607,12 +607,12 @@ static NTSTATUS get_trust_creds(const struct winbindd_domain *domain, > return NT_STATUS_NO_MEMORY; > } > >- /* this is at least correct when domain is our domain, >- * which is the only case, when this is currently used: */ >+ /* For now assume our machine account only exists in our >+ * domain */ > if (machine_krb5_principal != NULL) > { > if (asprintf(machine_krb5_principal, "%s$@%s", >- account_name, domain->alt_name) == -1) >+ account_name, lp_realm()) == -1) > { > return NT_STATUS_NO_MEMORY; > } >diff --git a/source/passdb/secrets.c b/source/passdb/secrets.c >index cd6c751..73ee57e 100644 >--- a/source/passdb/secrets.c >+++ b/source/passdb/secrets.c >@@ -705,7 +705,7 @@ BOOL get_trust_pw_clear(const char *domain, char **ret_pwd, > /* Just get the account for the requested domain. In the future this > * might also cover to be member of more than one domain. */ > >- pwd = secrets_fetch_machine_password(domain, &last_set_time, channel); >+ pwd = secrets_fetch_machine_password(lp_workgroup(), &last_set_time, channel); > > if (pwd != NULL) { > *ret_pwd = pwd; >-- >1.5.2.5 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3281">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 5451
: 3281 |
3313