s4:rpc_server/lsa: remove trustAuthIncoming/trustAuthOutgoing when the related flag...

[obnox/samba/samba-obnox.git] / source4 / rpc_server / lsa / dcesrv_lsa.c
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c

index 6c09649aaa2fd2917b496aee8fcb0e1b0c4df55a..0aad375ccd9c8d6e7077116609edc8de6404c4f3 100644 (file)
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -1600,13 +1600,12 @@ static NTSTATUS update_trust_user(TALLOC_CTX *mem_ctx,
  
  
  static NTSTATUS setInfoTrustedDomain_base(struct dcesrv_call_state *dce_call,
-                                         struct dcesrv_handle *p_handle,
+                                         struct lsa_policy_state *p_state,
                                           TALLOC_CTX *mem_ctx,
                                           struct ldb_message *dom_msg,
                                           enum lsa_TrustDomInfoEnum level,
                                           union lsa_TrustedDomainInfo *info)
  {
-       struct lsa_policy_state *p_state = p_handle->data;
         uint32_t *posix_offset = NULL;
         struct lsa_TrustDomainInfoInfoEx *info_ex = NULL;
         struct lsa_TrustDomainInfoAuthInfo *auth_info = NULL;
@@ -1780,10 +1779,14 @@ static NTSTATUS setInfoTrustedDomain_base(struct dcesrv_call_state *dce_call,
                 }
  
                 if (info_ex->trust_direction & LSA_TRUST_DIRECTION_INBOUND) {
-                       add_incoming = true;
+                       if (auth_info != NULL && trustAuthIncoming.length > 0) {
+                               add_incoming = true;
+                       }
                 }
                 if (info_ex->trust_direction & LSA_TRUST_DIRECTION_OUTBOUND) {
-                       add_outgoing = true;
+                       if (auth_info != NULL && trustAuthOutgoing.length > 0) {
+                               add_outgoing = true;
+                       }
                 }
  
                 if ((origdir & LSA_TRUST_DIRECTION_INBOUND) &&
@@ -1831,28 +1834,32 @@ static NTSTATUS setInfoTrustedDomain_base(struct dcesrv_call_state *dce_call,
                 }
         }
  
-       if (add_incoming && trustAuthIncoming.data) {
+       if (add_incoming || del_incoming) {
                 ret = ldb_msg_add_empty(msg, "trustAuthIncoming",
                                         LDB_FLAG_MOD_REPLACE, NULL);
                 if (ret != LDB_SUCCESS) {
                         return NT_STATUS_NO_MEMORY;
                 }
-               ret = ldb_msg_add_value(msg, "trustAuthIncoming",
-                                       &trustAuthIncoming, NULL);
-               if (ret != LDB_SUCCESS) {
-                       return NT_STATUS_NO_MEMORY;
+               if (add_incoming) {
+                       ret = ldb_msg_add_value(msg, "trustAuthIncoming",
+                                               &trustAuthIncoming, NULL);
+                       if (ret != LDB_SUCCESS) {
+                               return NT_STATUS_NO_MEMORY;
+                       }
                 }
         }
-       if (add_outgoing && trustAuthOutgoing.data) {
+       if (add_outgoing || del_outgoing) {
                 ret = ldb_msg_add_empty(msg, "trustAuthOutgoing",
                                         LDB_FLAG_MOD_REPLACE, NULL);
                 if (ret != LDB_SUCCESS) {
                         return NT_STATUS_NO_MEMORY;
                 }
-               ret = ldb_msg_add_value(msg, "trustAuthOutgoing",
-                                       &trustAuthOutgoing, NULL);
-               if (ret != LDB_SUCCESS) {
-                       return NT_STATUS_NO_MEMORY;
+               if (add_outgoing) {
+                       ret = ldb_msg_add_value(msg, "trustAuthOutgoing",
+                                               &trustAuthOutgoing, NULL);
+                       if (ret != LDB_SUCCESS) {
+                               return NT_STATUS_NO_MEMORY;
+                       }
                 }
         }
  
@@ -1942,7 +1949,7 @@ static NTSTATUS dcesrv_lsa_SetInformationTrustedDomain(
                 return NT_STATUS_INTERNAL_DB_CORRUPTION;
         }
  
-       return setInfoTrustedDomain_base(dce_call, h, mem_ctx,
+       return setInfoTrustedDomain_base(dce_call, td_state->policy, mem_ctx,
                                          msgs[0], r->in.level, r->in.info);
  }
  
@@ -2160,7 +2167,7 @@ static NTSTATUS dcesrv_lsa_SetTrustedDomainInfoByName(struct dcesrv_call_state *
                 return NT_STATUS_INTERNAL_DB_CORRUPTION;
         }
  
-       return setInfoTrustedDomain_base(dce_call, policy_handle, mem_ctx,
+       return setInfoTrustedDomain_base(dce_call, policy_state, mem_ctx,
                                          msgs[0], r->in.level, r->in.info);
  }