s3: net: Do not set NET_FLAGS_ANONYMOUS with -k

This affects net rpc getsid and net rpc changetrustpw commands.
This avoids an anonymous IPC connection being made when -k is used,
this only affects net rpc getsid and net rpc changetrustpw commands.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13726

Signed-off-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Noel Power <npower@samba.org>

diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 6d5a10437928f14929c3e2cef16e9aa70e5245a3..c300b8a4b3da7fcc95553870121dc78a76e79a9b 100644 (file)
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -316,6 +316,12 @@ static NTSTATUS rpc_changetrustpw_internals(struct net_context *c,
 
 int net_rpc_changetrustpw(struct net_context *c, int argc, const char **argv)
 {
+       int conn_flags = NET_FLAGS_PDC;
+
+       if (!c->opt_user_specified && !c->opt_kerberos) {
+               conn_flags |= NET_FLAGS_ANONYMOUS;
+       }
+
        if (c->display_usage) {
                d_printf(  "%s\n"
                           "net rpc changetrustpw\n"
@@ -326,7 +332,7 @@ int net_rpc_changetrustpw(struct net_context *c, int argc, const char **argv)
        }
 
        return run_rpc_command(c, NULL, &ndr_table_netlogon,
-                              NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
+                              conn_flags,
                               rpc_changetrustpw_internals,
                               argc, argv);
 }
@@ -863,7 +869,7 @@ int net_rpc_getsid(struct net_context *c, int argc, const char **argv)
 {
        int conn_flags = NET_FLAGS_PDC;
 
-       if (!c->opt_user_specified) {
+       if (!c->opt_user_specified && !c->opt_kerberos) {
                conn_flags |= NET_FLAGS_ANONYMOUS;
        }