#include "librpc/gen_ndr/ndr_misc.h"
#include "librpc/rpc/dcerpc_proto.h"
#include "auth/credentials/credentials.h"
+#include "auth/gensec/gensec.h"
#include "param/param.h"
#include "librpc/rpc/rpc_common.h"
const struct ndr_interface_table *table;
struct loadparm_context *lp_ctx;
struct cli_credentials *credentials;
+ unsigned int logon_retries;
};
composite_continue(c, sec_conn_req, continue_ntlmssp_connection, c);
return;
} else if (NT_STATUS_EQUAL(c->status, NT_STATUS_LOGON_FAILURE)) {
- if (cli_credentials_wrong_password(s->credentials)) {
+ const char *principal;
+
+ principal = gensec_get_target_principal(s->pipe->conn->security_state.generic_state);
+ if (principal == NULL) {
+ const char *hostname = gensec_get_target_hostname(s->pipe->conn->security_state.generic_state);
+ const char *service = gensec_get_target_service(s->pipe->conn->security_state.generic_state);
+ if (hostname != NULL && service != NULL) {
+ principal = talloc_asprintf(c, "%s/%s", service, hostname);
+ }
+ }
+
+ if (cli_credentials_failed_kerberos_login(s->credentials, principal, &s->logon_retries) ||
+ cli_credentials_wrong_password(s->credentials)) {
/*
* Retry SPNEGO with a better password
* send a request for secondary rpc connection
git.samba.org / obnox / samba / samba-obnox.git / commitdiff