diff options
author | Garming Sam <garming@catalyst.net.nz> | 2017-04-20 16:55:58 +1200 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2017-05-30 08:06:07 +0200 |
commit | 8ae968193b7084af8bb0ccf7d624ff10e39d5715 (patch) | |
tree | f0ca2d52a2ff1e4fe7e8393c90630c64b43ae614 /libcli | |
parent | 29cccff500a74bb474c097eef89db016ce57569d (diff) | |
download | samba-8ae968193b7084af8bb0ccf7d624ff10e39d5715.tar.gz |
netlogon_creds_cli: Do not corrupt authenticator state on application level errors
If the NETLOGON response was an error e.g. NT_STATUS_NOT_IMPLEMENTED, any subsequent
calls failed with NT_STATUS_ACCESS_DENIED. This is likely to be the cause of RODC DNS
updates falling off and never continuing.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'libcli')
-rw-r--r-- | libcli/auth/netlogon_creds_cli.c | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/libcli/auth/netlogon_creds_cli.c b/libcli/auth/netlogon_creds_cli.c index d55142e3ee2..ff30354d60e 100644 --- a/libcli/auth/netlogon_creds_cli.c +++ b/libcli/auth/netlogon_creds_cli.c @@ -2800,19 +2800,20 @@ static void netlogon_creds_cli_DsrUpdateReadOnlyServerDnsRecords_done(struct tev return; } - if (tevent_req_nterror(req, result)) { - netlogon_creds_cli_DsrUpdateReadOnlyServerDnsRecords_cleanup(req, result); - return; - } - *state->creds = state->tmp_creds; status = netlogon_creds_cli_store(state->context, &state->creds); + if (tevent_req_nterror(req, status)) { netlogon_creds_cli_DsrUpdateReadOnlyServerDnsRecords_cleanup(req, status); return; } + if (tevent_req_nterror(req, result)) { + netlogon_creds_cli_DsrUpdateReadOnlyServerDnsRecords_cleanup(req, result); + return; + } + tevent_req_done(req); } @@ -3052,11 +3053,6 @@ static void netlogon_creds_cli_ServerGetTrustInfo_done(struct tevent_req *subreq return; } - if (tevent_req_nterror(req, result)) { - netlogon_creds_cli_ServerGetTrustInfo_cleanup(req, result); - return; - } - cmp = memcmp(state->new_owf_password.hash, zero.hash, sizeof(zero.hash)); if (cmp != 0) { @@ -3078,6 +3074,11 @@ static void netlogon_creds_cli_ServerGetTrustInfo_done(struct tevent_req *subreq return; } + if (tevent_req_nterror(req, result)) { + netlogon_creds_cli_ServerGetTrustInfo_cleanup(req, result); + return; + } + tevent_req_done(req); } @@ -3347,19 +3348,20 @@ static void netlogon_creds_cli_GetForestTrustInformation_done(struct tevent_req return; } - if (tevent_req_nterror(req, result)) { - netlogon_creds_cli_GetForestTrustInformation_cleanup(req, result); - return; - } - *state->creds = state->tmp_creds; status = netlogon_creds_cli_store(state->context, &state->creds); + if (tevent_req_nterror(req, status)) { netlogon_creds_cli_GetForestTrustInformation_cleanup(req, status); return; } + if (tevent_req_nterror(req, result)) { + netlogon_creds_cli_GetForestTrustInformation_cleanup(req, result); + return; + } + tevent_req_done(req); } |