From: Stefan Metzmacher Date: Fri, 13 Dec 2024 15:01:27 +0000 (+0100) Subject: s4:rpc_server/netlogon: an RODC is not allowed to call netr_ServerPasswordGet() X-Git-Tag: tdb-1.4.13~203 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ed728597d2abfacf9d6b3253db2c741880fe26d2;p=thirdparty%2Fsamba.git s4:rpc_server/netlogon: an RODC is not allowed to call netr_ServerPasswordGet() Signed-off-by: Stefan Metzmacher Reviewed-by: Jennifer Sutton --- diff --git a/selftest/knownfail.d/samba.tests.krb5.netlogon b/selftest/knownfail.d/samba.tests.krb5.netlogon index 7f551d802b5..f7cea4d5550 100644 --- a/selftest/knownfail.d/samba.tests.krb5.netlogon +++ b/selftest/knownfail.d/samba.tests.krb5.netlogon @@ -1,20 +1,6 @@ # This is not implemented yet ^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_ticket_samlogon # The RODC handling is wrong -^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_check_passwords_rodc_auth3_01000000 -^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_check_passwords_rodc_auth3_613fffff -^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_check_passwords_rodc_auth3_e13fffff -^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_check_passwords_rodc_authK_00000000 -^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_check_passwords_rodc_authK_00000004 -^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_check_passwords_rodc_authK_00004000 -^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_check_passwords_rodc_authK_01000000 -^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_check_passwords_rodc_authK_01004004 -^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_check_passwords_rodc_authK_400001ff -^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_check_passwords_rodc_authK_413fffff -^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_check_passwords_rodc_authK_603fbffb -^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_check_passwords_rodc_authK_613fffff -^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_check_passwords_rodc_authK_80000000 -^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_check_passwords_rodc_authK_e13fffff ^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_send_to_sam_rodc_auth3_01000000 ^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_send_to_sam_rodc_auth3_613fffff ^samba.tests.krb5.netlogon.*.NetlogonSchannel.test_send_to_sam_rodc_auth3_e13fffff diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index 84fd1c6d462..ccf303cff9a 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -3240,7 +3240,6 @@ static NTSTATUS dcesrv_netr_ServerPasswordGet(struct dcesrv_call_state *dce_call ZERO_STRUCT(old_owf_password); switch (r->in.secure_channel_type) { case SEC_CHAN_BDC: - case SEC_CHAN_RODC: break; default: ZERO_STRUCTP(r->out.password);