From fdfa760c8575c0813d137f8122d0c358e44a8b8d Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Sun, 7 Oct 2007 00:57:12 +0200 Subject: [PATCH] secur32: ntlm_auth returns BH if the connection to winbindd fails. --- dlls/secur32/ntlm.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/dlls/secur32/ntlm.c b/dlls/secur32/ntlm.c index 4ae00a4952f..e7003735b59 100644 --- a/dlls/secur32/ntlm.c +++ b/dlls/secur32/ntlm.c @@ -1138,6 +1138,10 @@ static SECURITY_STATUS SEC_ENTRY ntlm_AcceptSecurityContext( TRACE("Reply from ntlm_auth: %s\n", debugstr_a(buffer)); + /* At this point, we get a NA if the user didn't authenticate, but a BH + * if ntlm_auth could not connect to winbindd. Apart from running Wine + * as root, there is no way to fix this for now, so just handle this as + * a failed login. */ if(strncmp(buffer, "AF ", 3) != 0) { if(strncmp(buffer, "NA ", 3) == 0) @@ -1147,7 +1151,18 @@ static SECURITY_STATUS SEC_ENTRY ntlm_AcceptSecurityContext( } else { - ret = SEC_E_INTERNAL_ERROR; + size_t ntlm_pipe_err_len = strlen("BH NT_STATUS_ACCESS_DENIED"); + + if( (buffer_len >= ntlm_pipe_err_len) && + (strncmp(buffer, "BH NT_STATUS_ACCESS_DENIED", + ntlm_pipe_err_len) == 0)) + { + TRACE("Connection to winbindd failed\n"); + ret = SEC_E_LOGON_DENIED; + } + else + ret = SEC_E_INTERNAL_ERROR; + goto asc_end; } }