svn commit: samba r10269 - in branches/SAMBA_3_0/source: libsmb rpc_client rpc_server

Fri, 16 Sep 2005 09:21:31 -0700 

Author: jra
Date: 2005-09-16 16:20:48 +0000 (Fri, 16 Sep 2005)
New Revision: 10269

WebSVN: 
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10269

Log:
Server-side fix for creds change - revert jcmd's change.
Jeremy.

Modified:
   branches/SAMBA_3_0/source/libsmb/credentials.c
   branches/SAMBA_3_0/source/rpc_client/cli_netlogon.c
   branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c


Changeset:
Modified: branches/SAMBA_3_0/source/libsmb/credentials.c
===================================================================
--- branches/SAMBA_3_0/source/libsmb/credentials.c      2005-09-16 16:20:23 UTC 
(rev 10268)
+++ branches/SAMBA_3_0/source/libsmb/credentials.c      2005-09-16 16:20:48 UTC 
(rev 10269)
@@ -208,36 +208,8 @@
        
        DEBUG(5,("deal_with_creds: clnt_cred=%s\n", 
credstr(sto_clnt_cred->challenge.data)));
 
-       /* Bug #2953 - don't store new seed in client credentials 
-          here, because we need to make sure we're moving forward first
-        */
+       /* store new seed in client credentials */
+       SIVAL(sto_clnt_cred->challenge.data, 0, new_cred);
 
        return True;
 }
-
-/*
-  stores new seed in client credentials
-  jmcd - Bug #2953 - moved this functionality out of deal_with_creds, because 
we're
-  not supposed to move to the next step in the chain if a nonexistent user 
tries to logon
-*/
-void reseed_client_creds(DOM_CRED *sto_clnt_cred, DOM_CRED *rcv_clnt_cred)
-{
-       UTIME new_clnt_time;
-       uint32 new_cred;
-
-       /* increment client time by one second */
-       new_clnt_time.time = rcv_clnt_cred->timestamp.time + 1;
-
-       /* first 4 bytes of the new seed is old client 4 bytes + clnt time + 1 
*/
-       new_cred = IVAL(sto_clnt_cred->challenge.data, 0);
-       new_cred += new_clnt_time.time;
-
-       DEBUG(5,("reseed_client_creds: new_cred[0]=%x\n", new_cred));
-       DEBUG(5,("reseed_client_creds: new_clnt_time=%x\n", 
-                new_clnt_time.time));
-       DEBUG(5,("reseed_client_creds: clnt_cred=%s\n", 
-                credstr(sto_clnt_cred->challenge.data)));
-
-       /* store new seed in client credentials */
-       SIVAL(sto_clnt_cred->challenge.data, 0, new_cred);
-}      

Modified: branches/SAMBA_3_0/source/rpc_client/cli_netlogon.c
===================================================================
--- branches/SAMBA_3_0/source/rpc_client/cli_netlogon.c 2005-09-16 16:20:23 UTC 
(rev 10268)
+++ branches/SAMBA_3_0/source/rpc_client/cli_netlogon.c 2005-09-16 16:20:48 UTC 
(rev 10269)
@@ -931,7 +931,6 @@
                {
                        /* report error code */
                        DEBUG(0,("cli_net_srv_pwset: %s\n", 
nt_errstr(nt_status)));
-                       goto done;
                }
 
                /* Update the credentials. */

Modified: branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c
===================================================================
--- branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c        2005-09-16 
16:20:23 UTC (rev 10268)
+++ branches/SAMBA_3_0/source/rpc_server/srv_netlog_nt.c        2005-09-16 
16:20:48 UTC (rev 10269)
@@ -449,7 +449,6 @@
        if (!(p->dc.authenticated && deal_with_creds(p->dc.sess_key, 
&p->dc.clnt_cred, &q_u->clnt_id.cred, &srv_cred)))
                return NT_STATUS_INVALID_HANDLE;
 
-       reseed_client_creds(&p->dc.clnt_cred, &q_u->clnt_id.cred);
        memcpy(&p->dc.srv_cred, &p->dc.clnt_cred, sizeof(p->dc.clnt_cred));
 
        DEBUG(5,("_net_srv_pwset: %d\n", __LINE__));
@@ -547,7 +546,6 @@
                return NT_STATUS_INVALID_HANDLE;
 
        /* what happens if we get a logoff for an unknown user? */
-       reseed_client_creds(&p->dc.clnt_cred, &q_u->sam_id.client.cred);
        memcpy(&p->dc.srv_cred, &p->dc.clnt_cred, sizeof(p->dc.clnt_cred));
 
        /* XXXX maybe we want to say 'no', reject the client's credentials */
@@ -606,6 +604,8 @@
        if (!(p->dc.authenticated && deal_with_creds(p->dc.sess_key, 
&p->dc.clnt_cred, &q_u->sam_id.client.cred, &srv_cred)))
                return NT_STATUS_INVALID_HANDLE;
 
+       memcpy(&p->dc.srv_cred, &p->dc.clnt_cred, sizeof(p->dc.clnt_cred));
+
        r_u->buffer_creds = 1; /* yes, we have valid server credentials */
        memcpy(&r_u->srv_creds, &srv_cred, sizeof(r_u->srv_creds));
 
@@ -729,12 +729,6 @@
                return status;
        }
 
-       /* moved from right after deal_with_creds above, since we weren't
-          supposed to update unless logon was successful */
-
-       reseed_client_creds(&p->dc.clnt_cred, &q_u->sam_id.client.cred);
-       memcpy(&p->dc.srv_cred, &p->dc.clnt_cred, sizeof(p->dc.clnt_cred));
-    
        if (server_info->guest) {
                /* We don't like guest domain logons... */
                DEBUG(5,("_net_sam_logon: Attempted domain logon as GUEST 
denied.\n"));

Reply via email to