From: Stefan Metzmacher <metze@samba.org>
Date: Fri, 15 Nov 2024 16:12:52 +0000 (+0100)
Subject: s4:rpc_server/netlogon: let dcesrv_netr_LogonSamLogon_base_reply handle encryption... 
X-Git-Tag: tdb-1.4.13~383
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=567d4e356a10c5af3b679dcb338ae2bd3ce88b19;p=thirdparty%2Fsamba.git

s4:rpc_server/netlogon: let dcesrv_netr_LogonSamLogon_base_reply handle encryption errors

This might be the better option when we implement
netr_ServerAuthenticateKerberos().

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
---

diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 3a75e046839..5c7ac435a1c 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -1704,6 +1704,12 @@ static void dcesrv_netr_LogonSamLogon_base_reply(
 			DBG_ERR("netlogon_creds_encrypt_samlogon_validation() "
 				"failed - %s\n",
 				nt_errstr(status));
+			if (r->out.validation != NULL) {
+				ZERO_STRUCTP(r->out.validation);
+			}
+			*r->out.authoritative = true;
+			*r->out.flags = 0;
+			r->out.result = status;
 		}
 	}