summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2023-03-02 14:46:25 +0100
committerJule Anger <janger@samba.org>2023-04-16 15:41:16 +0000
commit5cc3c1b5f6b0289f91c01b20989558badc28fd61 (patch)
treec7877b3593998e047794488a74dc57eaca3b9068
parent4f1d674aa929208a9d623ce933da3d38692f68b8 (diff)
downloadsamba-5cc3c1b5f6b0289f91c01b20989558badc28fd61.tar.gz
net_ads: fill ads->auth.realm from c->creds
We get the realm we use for authentication needs to the realm belonging to the username we use. We derive the username from c->creds, so we need to do the same for the realm. Otherwise we try to authenticate as the wrong user. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15323 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> (cherry picked from commit 0ef53b948e13eb36b536228cccd89aa4c2adbb90)
-rw-r--r--selftest/knownfail.d/samba4.blackbox.net_ads_search_server_P1
-rw-r--r--source3/utils/net_ads.c10
2 files changed, 9 insertions, 2 deletions
diff --git a/selftest/knownfail.d/samba4.blackbox.net_ads_search_server_P b/selftest/knownfail.d/samba4.blackbox.net_ads_search_server_P
deleted file mode 100644
index 7f06e3fe738..00000000000
--- a/selftest/knownfail.d/samba4.blackbox.net_ads_search_server_P
+++ /dev/null
@@ -1 +0,0 @@
-^samba4.blackbox.net_ads_search_server_P.trust
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index 4bca90d5c8c..9ec884394eb 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -710,7 +710,15 @@ retry:
TALLOC_FREE(ads);
return ADS_ERROR(LDAP_NO_MEMORY);
}
- }
+ } else if (ads->auth.realm == NULL) {
+ const char *c_realm = cli_credentials_get_realm(c->creds);
+
+ ads->auth.realm = talloc_strdup(ads, c_realm);
+ if (ads->auth.realm == NULL) {
+ TALLOC_FREE(ads);
+ return ADS_ERROR(LDAP_NO_MEMORY);
+ }
+ }
status = ads_connect(ads);