new get_any_dc_name() function allows lookups of trusted domains from

lp_trusted_domains() parameter, so trusted domain logins should work,
right, if you put user = TRUSTED_DOMAIN\NTuser in "domain name map", right?

right - as _long_ as you're not using NTLMv2, because the damn NT username
gets mapped to the damn unix name too early, and NTLMv2 challenge-responses
are based on the client's user name, client's domain name, client's host name
etc damn etc.

so it becomes necessary to stop using char* username because this allows
for massive amounts of confusion as to which username is being referred to.
the underlying unix username on the local unix system that is associated with
the smbd process that represents the NT username?  or the NT username itself?
(This used to be commit dd3ccdd7d996c107766cdad3c403e8b8947b9e65)

diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 712421128673837b1e876158a17743cb897e24c0..5f898a8b0ec44a19ac5b5dfaa81d43b0c86682b1 100644 (file)
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -31,8 +31,18 @@ extern int DEBUGLEVEL;
  * set the port that will be used for connections by the client
  */
 
-void copy_user_creds(struct user_credentials *to, const struct user_credentials *from)
+void copy_user_creds(struct user_credentials *to,
+                               const struct user_credentials *from)
 {
+       if (from == NULL)
+       {
+               to->domain[0] = 0;
+               to->user_name[0] = 0;
+               pwd_set_nullpwd(&to->pwd);
+               to->ntlmssp_flags = 0;
+
+               return;
+       }
        safe_strcpy(to->domain   , from->domain   , sizeof(from->domain   )-1);
        safe_strcpy(to->user_name, from->user_name, sizeof(from->user_name)-1);
        memcpy(&to->pwd, &from->pwd, sizeof(from->pwd));
@@ -2675,18 +2685,7 @@ initialise a client structure
 ****************************************************************************/
 void cli_init_creds(struct cli_state *cli, const struct user_credentials *usr)
 {
-       if (usr != NULL)
-       {
-               copy_user_creds(&cli->usr, usr);
-               cli->ntlmssp_cli_flgs = usr->ntlmssp_flags;
-       }
-       else
-       {
-               cli->usr.domain[0] = 0;
-               cli->usr.user_name[0] = 0;
-               pwd_set_nullpwd(&cli->usr.pwd);
-               cli->ntlmssp_cli_flgs = 0;
-       }
+       copy_user_creds(&cli->usr, usr);
 }
 
 /****************************************************************************
@@ -3336,6 +3335,8 @@ BOOL cli_connect_auth(struct cli_state *cli,
        extern pstring global_myname;
        extern pstring scope;
        struct nmb_name calling, called;
+
+       ZERO_STRUCTP(cli);
        if (!cli_initialise(cli))
        {
                DEBUG(0,("unable to initialise client connection.\n"));
@@ -3412,7 +3413,6 @@ BOOL cli_connect_servers_auth(struct cli_state *cli,
        if (!connected_ok)
        {
                DEBUG(0,("Domain password server not available.\n"));
-               cli_shutdown(cli);
        }
 
        return connected_ok;
@@ -3485,7 +3485,6 @@ BOOL cli_connect_serverlist(struct cli_state *cli, char *p)
        if (!connected_ok)
        {
                DEBUG(0,("cli_connect_serverlist: Domain password server not available.\n"));
-               cli_shutdown(cli);
        }
 
        return connected_ok;

diff --git a/source3/rpc_client/cli_use.c b/source3/rpc_client/cli_use.c
index 5ae722d6adc77f123deaeac1048b34d0b30c44a3..17458ffacdfb4f118ee9be310f0687652f9107c4 100644 (file)
--- a/source3/rpc_client/cli_use.c
+++ b/source3/rpc_client/cli_use.c
@@ -114,6 +114,11 @@ static struct cli_use *cli_find(const char* srv_name,
 {
        int i;
        const char *sv_name = srv_name;
+       struct user_credentials null_usr;
+
+       copy_user_creds(&null_usr, usr_creds);
+       usr_creds = &null_usr;
+               
        if (strnequal("\\\\", sv_name, 2))
        {
                sv_name = &sv_name[2];