s3:passdb: let pdb_get_trust_credentials() try pdb_get_trusteddom_creds() first

NT_STATUS_NOT_IMPLEMENTED lets it fallback to the old get_trust_pw_clear2()
code.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11016

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Dec 18 06:46:05 CET 2014 on sn-devel-104

diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 02f0a78e226ede4da6b9995f46b87663e6de0aab..f071027cc43b58ed7a6b1d5c13adea0c0a6dba45 100644 (file)
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -2523,27 +2523,6 @@ NTSTATUS pdb_get_trust_credentials(const char *netbios_domain,
        struct cli_credentials *creds = NULL;
        bool ok;
 
-       lp_ctx = loadparm_init_s3(frame, loadparm_s3_helpers());
-       if (lp_ctx == NULL) {
-               DEBUG(1, ("loadparm_init_s3 failed\n"));
-               status = NT_STATUS_INTERNAL_ERROR;
-               goto fail;
-       }
-
-       creds = cli_credentials_init(mem_ctx);
-       if (creds == NULL) {
-               status = NT_STATUS_NO_MEMORY;
-               goto fail;
-       }
-
-       cli_credentials_set_conf(creds, lp_ctx);
-
-       ok = cli_credentials_set_domain(creds, netbios_domain, CRED_SPECIFIED);
-       if (!ok) {
-               status = NT_STATUS_NO_MEMORY;
-               goto fail;
-       }
-
        /*
         * If this is our primary trust relationship, use the common
         * code to read the secrets.ldb or secrets.tdb file.
@@ -2557,6 +2536,27 @@ NTSTATUS pdb_get_trust_credentials(const char *netbios_domain,
                        goto fail;
                }
 
+               lp_ctx = loadparm_init_s3(frame, loadparm_s3_helpers());
+               if (lp_ctx == NULL) {
+                       DEBUG(1, ("loadparm_init_s3 failed\n"));
+                       status = NT_STATUS_INTERNAL_ERROR;
+                       goto fail;
+               }
+
+               creds = cli_credentials_init(mem_ctx);
+               if (creds == NULL) {
+                       status = NT_STATUS_NO_MEMORY;
+                       goto fail;
+               }
+
+               cli_credentials_set_conf(creds, lp_ctx);
+
+               ok = cli_credentials_set_domain(creds, netbios_domain, CRED_SPECIFIED);
+               if (!ok) {
+                       status = NT_STATUS_NO_MEMORY;
+                       goto fail;
+               }
+
                status = cli_credentials_set_machine_account_db_ctx(creds,
                                                                    lp_ctx,
                                                                    db_ctx);
@@ -2573,6 +2573,14 @@ NTSTATUS pdb_get_trust_credentials(const char *netbios_domain,
                goto fail;
        }
 
+       status = pdb_get_trusteddom_creds(netbios_domain, mem_ctx, &creds);
+       if (NT_STATUS_IS_OK(status)) {
+               goto done;
+       }
+       if (!NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)) {
+               goto fail;
+       }
+
        ok = get_trust_pw_clear2(netbios_domain,
                                 &_account_name,
                                 &channel,
@@ -2600,6 +2608,21 @@ NTSTATUS pdb_get_trust_credentials(const char *netbios_domain,
                goto fail;
        }
 
+       lp_ctx = loadparm_init_s3(frame, loadparm_s3_helpers());
+       if (lp_ctx == NULL) {
+               DEBUG(1, ("loadparm_init_s3 failed\n"));
+               status = NT_STATUS_INTERNAL_ERROR;
+               goto fail;
+       }
+
+       creds = cli_credentials_init(mem_ctx);
+       if (creds == NULL) {
+               status = NT_STATUS_NO_MEMORY;
+               goto fail;
+       }
+
+       cli_credentials_set_conf(creds, lp_ctx);
+
        cli_credentials_set_secure_channel_type(creds, channel);
        cli_credentials_set_password_last_changed_time(creds, last_set_time);