From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 27 Feb 2024 08:53:04 +0000 (+0100)
Subject: s3:winbindd: make use of winbindd_get_trust_credentials() in _winbind_LogonControl_TC... 
X-Git-Tag: tdb-1.4.11~759
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ed75331f525b7e7cb71bab88aa08832c2716a610;p=thirdparty%2Fsamba.git

s3:winbindd: make use of winbindd_get_trust_credentials() in _winbind_LogonControl_TC_VERIFY()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
---

diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c
index bbdaf6e5807..0c7e9dd5491 100644
--- a/source3/winbindd/winbindd_dual_srv.c
+++ b/source3/winbindd/winbindd_dual_srv.c
@@ -1384,15 +1384,6 @@ static WERROR _winbind_LogonControl_TC_VERIFY(struct pipes_struct *p,
 		goto check_return;
 	}
 
-	status = pdb_get_trust_credentials(domain->name,
-					   domain->alt_name,
-					   frame,
-					   &creds);
-	if (NT_STATUS_IS_OK(status)) {
-		cur_nt_hash = cli_credentials_get_nt_hash(creds, frame);
-		TALLOC_FREE(creds);
-	}
-
 	if (!domain->primary) {
 		union lsa_TrustedDomainInfo *tdi = NULL;
 
@@ -1489,6 +1480,15 @@ reconnect:
 	check_result = WERR_OK;
 	b = netlogon_pipe->binding_handle;
 
+	status = winbindd_get_trust_credentials(domain,
+						frame,
+						true, /* netlogon */
+						false, /* ipc_fallback */
+						&creds);
+	if (NT_STATUS_IS_OK(status)) {
+		cur_nt_hash = cli_credentials_get_nt_hash(creds, frame);
+		TALLOC_FREE(creds);
+	}
 	if (cur_nt_hash == NULL) {
 		verify_result = WERR_NO_TRUST_LSA_SECRET;
 		goto verify_return;