From c4006edf4022e4f80cda5afd427d43997299c890 Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Tue, 28 Apr 2009 00:37:16 +0000 Subject: [PATCH] windows-smb-disable-loopback-check-20090427 LICENSE MIT Now that BackConnectionHostNames can be set each time the smb listener threads are stopped and restarted, we need to make sure that we do not clear the DisableLoopbackCheck value if it was set during the same service session because BackConnectionHostName value changes only take effect on a reboot. --- src/WINNT/afsd/smb.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/WINNT/afsd/smb.c b/src/WINNT/afsd/smb.c index 6d34102909..70d5f4bdf8 100644 --- a/src/WINNT/afsd/smb.c +++ b/src/WINNT/afsd/smb.c @@ -9439,6 +9439,9 @@ configureBackConnectionHostNames(void) * Starting in Longhorn Beta 1, an entry in the BackConnectionHostNames value will * force Windows to use the loopback authentication mechanism for the specified * services. + * + * Do not permit the "DisableLoopbackCheck" value to be removed within the same + * service session that set it. */ HKEY hkLsa; HKEY hkMSV10; @@ -9448,6 +9451,7 @@ configureBackConnectionHostNames(void) DWORD dwValue; PBYTE pHostNames = NULL, pName = NULL; BOOL bNameFound = FALSE; + static BOOL bLoopbackCheckDisabled = FALSE; /* BackConnectionHostNames and DisableLoopbackCheck */ if ( RegOpenKeyEx( HKEY_LOCAL_MACHINE, @@ -9521,12 +9525,13 @@ configureBackConnectionHostNames(void) dwSize = sizeof(DWORD); dwValue = 1; RegSetValueEx( hkClient, "RemoveDisableLoopbackCheck", 0, dwType, (LPBYTE)&dwValue, dwSize); + bLoopbackCheckDisabled = TRUE; RegCloseKey(hkClient); } RegCloseKey(hkLsa); } } - } else { + } else if (!bLoopbackCheckDisabled) { if (RegCreateKeyEx( HKEY_LOCAL_MACHINE, AFSREG_CLT_OPENAFS_SUBKEY, 0,