treat a blank "password server =" line as a "*" if in domain security
authorAndrew Tridgell <tridge@samba.org>
Wed, 10 May 2000 13:21:32 +0000 (13:21 +0000)
committerAndrew Tridgell <tridge@samba.org>
Wed, 10 May 2000 13:21:32 +0000 (13:21 +0000)
source/nsswitch/winbindd_util.c
source/smbd/password.c

index b3e5780f93210162bf6d47f3d9abdadba8b29c8a..daffb1ef8c78c654f27ca214b28b8241e3561be1 100644 (file)
@@ -26,7 +26,9 @@
 BOOL domain_handles_open(struct winbindd_domain *domain)
 {
        return domain->sam_handle_open &&
-               domain->sam_dom_handle_open;
+               domain->sam_dom_handle_open &&
+               rpc_hnd_ok(&domain->sam_handle) &&
+               rpc_hnd_ok(&domain->sam_dom_handle);
 }
 
 static BOOL resolve_dc_name(char *domain_name, fstring domain_controller)
@@ -36,8 +38,7 @@ static BOOL resolve_dc_name(char *domain_name, fstring domain_controller)
        
        /* if its our primary domain and password server is not '*' then use the
           password server parameter */
-       if (strcmp(domain_name,lp_workgroup()) == 0 && 
-           strcmp(lp_passwordserver(),"*") != 0) {
+       if (strcmp(domain_name,lp_workgroup()) == 0 && !lp_wildcard_dc()) {
                fstrcpy(domain_controller, lp_passwordserver());
                return True;
        }
@@ -124,6 +125,19 @@ static BOOL open_sam_handles(struct winbindd_domain *domain)
                if (!domain->got_domain_info) return False;
        }
 
+       if ((domain->sam_handle_open && !rpc_hnd_ok(&domain->sam_handle)) ||
+           (domain->sam_dom_handle_open && !rpc_hnd_ok(&domain->sam_dom_handle))) {
+               domain->got_domain_info = get_domain_info(domain);
+               if (domain->sam_dom_handle_open) {
+                       samr_close(&domain->sam_dom_handle);
+                       domain->sam_dom_handle_open = False;
+               }
+               if (domain->sam_handle_open) {
+                       samr_close(&domain->sam_handle);
+                       domain->sam_handle_open = False;
+               }
+       }
+
        /* Open sam handle if it isn't already open */
        if (!domain->sam_handle_open) {
                domain->sam_handle_open = 
@@ -187,7 +201,7 @@ void establish_connections(void)
 
        if (!server_state.pwdb_initialised) {
                fstrcpy(server_state.controller, lp_passwordserver());
-               if (strcmp(server_state.controller,"*") == 0) {
+               if (lp_wildcard_dc()) {
                        if (!resolve_dc_name(lp_workgroup(), server_state.controller)) {
                                return;
                        }
index 325600e92e4dbc37e0df82ded6301809ad6a7b9d..3953c5b0e3cc37e52a3ca9696a43106fe22deb14 100644 (file)
@@ -1457,7 +1457,8 @@ BOOL domain_client_validate( char *user, char *domain,
    * PDC/BDC. Contact each in turn and try and authenticate.
    */
 
-  pserver = strdup(lp_passwordserver());
+  pserver = lp_passwordserver();
+  if (! *pserver) pserver = "*";
   p = pserver;
 
   while (!connected_ok &&
@@ -1469,8 +1470,6 @@ BOOL domain_client_validate( char *user, char *domain,
          }
   }
 
-  free(pserver);
-
   if (!connected_ok) {
     DEBUG(0,("domain_client_validate: Domain password server not available.\n"));
     cli_shutdown(&cli);