From 53484d0d98475f55ae3bd02e1a86b9c45b20e33d Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 15 Jan 2018 14:24:47 +0100 Subject: [PATCH] winbindd: fix LSA connections via DCERPC_AUTH_SCHANNEL Bug: https://bugzilla.samba.org/show_bug.cgi?id=13231 Signed-off-by: Stefan Metzmacher Reviewed-by: Ralph Boehme --- source3/winbindd/winbindd.h | 1 - source3/winbindd/winbindd_cm.c | 9 --------- 2 files changed, 10 deletions(-) diff --git a/source3/winbindd/winbindd.h b/source3/winbindd/winbindd.h index b60094bafcd..43c90445e87 100644 --- a/source3/winbindd/winbindd.h +++ b/source3/winbindd/winbindd.h @@ -100,7 +100,6 @@ struct winbindd_cm_conn { struct rpc_pipe_client *netlogon_pipe; struct netlogon_creds_cli_context *netlogon_creds_ctx; - uint32_t netlogon_flags; bool netlogon_force_reauth; }; diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 4d3a372dd25..2aca5f374f6 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -2039,7 +2039,6 @@ void invalidate_cm_connection(struct winbindd_domain *domain) conn->auth_level = DCERPC_AUTH_LEVEL_PRIVACY; conn->netlogon_force_reauth = false; - conn->netlogon_flags = 0; TALLOC_FREE(conn->netlogon_creds_ctx); if (conn->cli) { @@ -2620,9 +2619,6 @@ static NTSTATUS cm_get_schannel_creds(struct winbindd_domain *domain, } if (domain->conn.netlogon_creds_ctx != NULL) { - if (!(domain->conn.netlogon_flags & NETLOGON_NEG_AUTHENTICATED_RPC)) { - return NT_STATUS_TRUSTED_DOMAIN_FAILURE; - } *ppdc = domain->conn.netlogon_creds_ctx; return NT_STATUS_OK; } @@ -2636,10 +2632,6 @@ static NTSTATUS cm_get_schannel_creds(struct winbindd_domain *domain, return NT_STATUS_TRUSTED_DOMAIN_FAILURE; } - if (!(domain->conn.netlogon_flags & NETLOGON_NEG_AUTHENTICATED_RPC)) { - return NT_STATUS_TRUSTED_DOMAIN_FAILURE; - } - *ppdc = domain->conn.netlogon_creds_ctx; return NT_STATUS_OK; } @@ -3234,7 +3226,6 @@ static NTSTATUS cm_connect_netlogon_transport(struct winbindd_domain *domain, } TALLOC_FREE(conn->netlogon_pipe); - conn->netlogon_flags = 0; TALLOC_FREE(conn->netlogon_creds_ctx); result = get_trust_credentials(domain, talloc_tos(), true, &creds); -- 2.47.3