summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2007-07-23 02:56:51 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 15:01:16 -0500
commitdc25ec5ce736b21cdcccddff12e6c9d9c0706df8 (patch)
tree4d2cad905540139f8575c7cfb3de34a54dc076e5
parentae0115d8dbf05c52c631ea915f036a2129cd033e (diff)
downloadsamba-dc25ec5ce736b21cdcccddff12e6c9d9c0706df8.tar.gz
samba-dc25ec5ce736b21cdcccddff12e6c9d9c0706df8.tar.bz2
samba-dc25ec5ce736b21cdcccddff12e6c9d9c0706df8.zip
r23995: Work to allow mimir's libnet code to be called from winbind.
We now setup a libnet_ctx for each domain. We should then be able to replace/merge some more of the winbind code with libnet calls, referencing domain->libnet_ctx. Andrew Bartlett (This used to be commit bad2dc14d704be59300f619c84694c11620559e0)
-rw-r--r--source4/winbind/wb_cmd_list_trustdom.c2
-rw-r--r--source4/winbind/wb_cmd_lookupname.c4
-rw-r--r--source4/winbind/wb_cmd_lookupsid.c4
-rw-r--r--source4/winbind/wb_cmd_userdomgroups.c13
-rw-r--r--source4/winbind/wb_cmd_usersids.c4
-rw-r--r--source4/winbind/wb_connect_sam.c10
-rw-r--r--source4/winbind/wb_init_domain.c59
-rw-r--r--source4/winbind/wb_sam_logon.c4
-rw-r--r--source4/winbind/wb_server.h10
9 files changed, 53 insertions, 57 deletions
diff --git a/source4/winbind/wb_cmd_list_trustdom.c b/source4/winbind/wb_cmd_list_trustdom.c
index d849658d7b..83bd517a02 100644
--- a/source4/winbind/wb_cmd_list_trustdom.c
+++ b/source4/winbind/wb_cmd_list_trustdom.c
@@ -81,7 +81,7 @@ static void cmd_list_trustdoms_recv_domain(struct composite_context *ctx)
state->ctx->status = wb_sid2domain_recv(ctx, &domain);
if (!composite_is_ok(state->ctx)) return;
- tree = dcerpc_smb_tree(domain->lsa_pipe->conn);
+ tree = dcerpc_smb_tree(domain->libnet_ctx->lsa.pipe->conn);
if (composite_nomem(tree, state->ctx)) return;
ctx = wb_init_lsa_send(state, domain);
diff --git a/source4/winbind/wb_cmd_lookupname.c b/source4/winbind/wb_cmd_lookupname.c
index 8eed5b2d71..9839e2cd80 100644
--- a/source4/winbind/wb_cmd_lookupname.c
+++ b/source4/winbind/wb_cmd_lookupname.c
@@ -76,8 +76,8 @@ static void lookupname_recv_domain(struct composite_context *ctx)
state->ctx->status = wb_sid2domain_recv(ctx, &domain);
if (!composite_is_ok(state->ctx)) return;
- ctx = wb_lsa_lookupnames_send(state, domain->lsa_pipe,
- domain->lsa_policy_handle, 1, &state->name);
+ ctx = wb_lsa_lookupnames_send(state, domain->libnet_ctx->lsa.pipe,
+ &domain->libnet_ctx->lsa.handle, 1, &state->name);
composite_continue(state->ctx, ctx, lookupname_recv_sids, state);
}
diff --git a/source4/winbind/wb_cmd_lookupsid.c b/source4/winbind/wb_cmd_lookupsid.c
index e555c4ba8c..2d72ae2072 100644
--- a/source4/winbind/wb_cmd_lookupsid.c
+++ b/source4/winbind/wb_cmd_lookupsid.c
@@ -76,8 +76,8 @@ static void lookupsid_recv_domain(struct composite_context *ctx)
state->ctx->status = wb_sid2domain_recv(ctx, &domain);
if (!composite_is_ok(state->ctx)) return;
- ctx = wb_lsa_lookupsids_send(state, domain->lsa_pipe,
- domain->lsa_policy_handle, 1, &state->sid);
+ ctx = wb_lsa_lookupsids_send(state, domain->libnet_ctx->lsa.pipe,
+ &domain->libnet_ctx->lsa.handle, 1, &state->sid);
composite_continue(state->ctx, ctx, lookupsid_recv_names, state);
}
diff --git a/source4/winbind/wb_cmd_userdomgroups.c b/source4/winbind/wb_cmd_userdomgroups.c
index d6091b745e..649fe489cc 100644
--- a/source4/winbind/wb_cmd_userdomgroups.c
+++ b/source4/winbind/wb_cmd_userdomgroups.c
@@ -59,11 +59,12 @@ struct composite_context *wb_cmd_userdomgroups_send(TALLOC_CTX *mem_ctx,
state->user_rid = sid->sub_auths[sid->num_auths-1];
ctx = wb_sid2domain_send(state, service, sid);
- if (ctx == NULL) goto failed;
- ctx->async.fn = userdomgroups_recv_domain;
- ctx->async.private_data = state;
- return result;
+ composite_continue(state->ctx, ctx, userdomgroups_recv_domain, state);
+
+ if (ctx) {
+ return result;
+ }
failed:
talloc_free(result);
@@ -80,8 +81,8 @@ static void userdomgroups_recv_domain(struct composite_context *ctx)
state->ctx->status = wb_sid2domain_recv(ctx, &domain);
if (!composite_is_ok(state->ctx)) return;
- ctx = wb_samr_userdomgroups_send(state, domain->samr_pipe,
- domain->domain_handle,
+ ctx = wb_samr_userdomgroups_send(state, domain->libnet_ctx->samr.pipe,
+ &domain->libnet_ctx->samr.handle,
state->user_rid);
composite_continue(state->ctx, ctx, userdomgroups_recv_rids, state);
diff --git a/source4/winbind/wb_cmd_usersids.c b/source4/winbind/wb_cmd_usersids.c
index f967dc83d9..b414cf6313 100644
--- a/source4/winbind/wb_cmd_usersids.c
+++ b/source4/winbind/wb_cmd_usersids.c
@@ -122,11 +122,11 @@ static void usersids_recv_domain(struct composite_context *ctx)
state->rids.count = 0;
state->rids.ids = NULL;
- state->r.in.domain_handle = domain->domain_handle;
+ state->r.in.domain_handle = &domain->libnet_ctx->samr.handle;
state->r.in.sids = &state->lsa_sids;
state->r.out.rids = &state->rids;
- req = dcerpc_samr_GetAliasMembership_send(domain->samr_pipe, state,
+ req = dcerpc_samr_GetAliasMembership_send(domain->libnet_ctx->samr.pipe, state,
&state->r);
composite_continue_rpc(state->ctx, req, usersids_recv_aliases, state);
}
diff --git a/source4/winbind/wb_connect_sam.c b/source4/winbind/wb_connect_sam.c
index 935ba266d3..e9adce9c19 100644
--- a/source4/winbind/wb_connect_sam.c
+++ b/source4/winbind/wb_connect_sam.c
@@ -70,7 +70,7 @@ struct composite_context *wb_connect_samr_send(TALLOC_CTX *mem_ctx,
ctx = dcerpc_secondary_auth_connection_send(domain->netlogon_pipe,
domain->samr_binding,
&dcerpc_table_samr,
- domain->schannel_creds);
+ domain->libnet_ctx->cred);
composite_continue(state->ctx, ctx, connect_samr_recv_pipe, state);
return result;
@@ -145,8 +145,8 @@ static void connect_samr_recv_open(struct rpc_request *req)
NTSTATUS wb_connect_samr_recv(struct composite_context *c,
TALLOC_CTX *mem_ctx,
struct dcerpc_pipe **samr_pipe,
- struct policy_handle **connect_handle,
- struct policy_handle **domain_handle)
+ struct policy_handle *connect_handle,
+ struct policy_handle *domain_handle)
{
NTSTATUS status = composite_wait(c);
if (NT_STATUS_IS_OK(status)) {
@@ -154,8 +154,8 @@ NTSTATUS wb_connect_samr_recv(struct composite_context *c,
talloc_get_type(c->private_data,
struct connect_samr_state);
*samr_pipe = talloc_steal(mem_ctx, state->samr_pipe);
- *connect_handle = talloc_steal(mem_ctx, state->connect_handle);
- *domain_handle = talloc_steal(mem_ctx, state->domain_handle);
+ *connect_handle = *state->connect_handle;
+ *domain_handle = *state->domain_handle;
}
talloc_free(c);
return status;
diff --git a/source4/winbind/wb_init_domain.c b/source4/winbind/wb_init_domain.c
index cdc1491f2b..eabb23dd45 100644
--- a/source4/winbind/wb_init_domain.c
+++ b/source4/winbind/wb_init_domain.c
@@ -142,25 +142,26 @@ struct composite_context *wb_init_domain_send(TALLOC_CTX *mem_ctx,
state->domain->dc_name = dom_info->dcs[0].name;
state->domain->dc_address = dom_info->dcs[0].address;
+ state->domain->libnet_ctx = libnet_context_init(service->task->event_ctx);
+
/* Create a credentials structure */
- state->domain->schannel_creds = cli_credentials_init(state->domain);
- if (state->domain->schannel_creds == NULL) goto failed;
+ state->domain->libnet_ctx->cred = cli_credentials_init(state->domain);
+ if (state->domain->libnet_ctx->cred == NULL) goto failed;
- cli_credentials_set_event_context(state->domain->schannel_creds, service->task->event_ctx);
+ cli_credentials_set_event_context(state->domain->libnet_ctx->cred, service->task->event_ctx);
- cli_credentials_set_conf(state->domain->schannel_creds);
+ cli_credentials_set_conf(state->domain->libnet_ctx->cred);
/* Connect the machine account to the credentials */
state->ctx->status =
- cli_credentials_set_machine_account(state->domain->
- schannel_creds);
+ cli_credentials_set_machine_account(state->domain->libnet_ctx->cred);
if (!NT_STATUS_IS_OK(state->ctx->status)) goto failed;
state->domain->netlogon_binding = init_domain_binding(state, &dcerpc_table_netlogon);
state->domain->netlogon_pipe = NULL;
- if ((!cli_credentials_is_anonymous(state->domain->schannel_creds)) &&
+ if ((!cli_credentials_is_anonymous(state->domain->libnet_ctx->cred)) &&
((lp_server_role() == ROLE_DOMAIN_MEMBER) ||
(lp_server_role() == ROLE_DOMAIN_CONTROLLER)) &&
(dom_sid_equal(state->domain->info->sid,
@@ -179,7 +180,7 @@ struct composite_context *wb_init_domain_send(TALLOC_CTX *mem_ctx,
ctx = dcerpc_pipe_connect_b_send(state, state->domain->netlogon_binding,
&dcerpc_table_netlogon,
- state->domain->schannel_creds,
+ state->domain->libnet_ctx->cred,
service->task->event_ctx);
if (composite_nomem(ctx, state->ctx)) {
@@ -220,14 +221,14 @@ static void init_domain_recv_netlogonpipe(struct composite_context *ctx)
state->domain->lsa_binding->flags |= (DCERPC_SIGN);
}
- state->domain->lsa_pipe = NULL;
+ state->domain->libnet_ctx->lsa.pipe = NULL;
/* this will make the secondary connection on the same IPC$ share,
secured with SPNEGO or NTLMSSP */
ctx = dcerpc_secondary_auth_connection_send(state->domain->netlogon_pipe,
state->domain->lsa_binding,
&dcerpc_table_lsarpc,
- state->domain->schannel_creds
+ state->domain->libnet_ctx->cred
);
composite_continue(state->ctx, ctx, init_domain_recv_lsa_pipe, state);
}
@@ -253,7 +254,7 @@ static bool retry_with_schannel(struct init_domain_state *state,
ctx = dcerpc_secondary_auth_connection_send(state->domain->netlogon_pipe,
binding,
table,
- state->domain->schannel_creds);
+ state->domain->libnet_ctx->cred);
composite_continue(state->ctx, ctx, continuation, state);
return true;
} else {
@@ -271,7 +272,7 @@ static void init_domain_recv_lsa_pipe(struct composite_context *ctx)
struct init_domain_state);
state->ctx->status = dcerpc_secondary_auth_connection_recv(ctx, state->domain,
- &state->domain->lsa_pipe);
+ &state->domain->libnet_ctx->lsa.pipe);
if (NT_STATUS_EQUAL(state->ctx->status, NT_STATUS_LOGON_FAILURE)) {
if (retry_with_schannel(state, state->domain->lsa_binding,
&dcerpc_table_lsarpc,
@@ -281,21 +282,19 @@ static void init_domain_recv_lsa_pipe(struct composite_context *ctx)
}
if (!composite_is_ok(state->ctx)) return;
- talloc_steal(state->domain, state->domain->lsa_pipe);
- talloc_steal(state->domain->lsa_pipe, state->domain->lsa_binding);
-
- state->domain->lsa_policy_handle = talloc(state, struct policy_handle);
- if (composite_nomem(state->domain->lsa_policy_handle, state->ctx)) return;
+ talloc_steal(state->domain->libnet_ctx, state->domain->libnet_ctx->lsa.pipe);
+ talloc_steal(state->domain->libnet_ctx->lsa.pipe, state->domain->lsa_binding);
+ ZERO_STRUCT(state->domain->libnet_ctx->lsa.handle);
state->lsa_openpolicy.in.system_name =
talloc_asprintf(state, "\\\\%s",
- dcerpc_server_name(state->domain->lsa_pipe));
+ dcerpc_server_name(state->domain->libnet_ctx->lsa.pipe));
ZERO_STRUCT(state->objectattr);
state->lsa_openpolicy.in.attr = &state->objectattr;
state->lsa_openpolicy.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
- state->lsa_openpolicy.out.handle = state->domain->lsa_policy_handle;
+ state->lsa_openpolicy.out.handle = &state->domain->libnet_ctx->lsa.handle;
- req = dcerpc_lsa_OpenPolicy2_send(state->domain->lsa_pipe, state,
+ req = dcerpc_lsa_OpenPolicy2_send(state->domain->libnet_ctx->lsa.pipe, state,
&state->lsa_openpolicy);
composite_continue_rpc(state->ctx, req, init_domain_recv_lsa_policy, state);
@@ -323,10 +322,10 @@ static void init_domain_recv_lsa_policy(struct rpc_request *req)
state->ctx->status = state->lsa_openpolicy.out.result;
if (!composite_is_ok(state->ctx)) return;
- state->queryinfo.in.handle = state->domain->lsa_policy_handle;
+ state->queryinfo.in.handle = &state->domain->libnet_ctx->lsa.handle;
state->queryinfo.in.level = LSA_POLICY_INFO_ACCOUNT_DOMAIN;
- req = dcerpc_lsa_QueryInfoPolicy_send(state->domain->lsa_pipe, state,
+ req = dcerpc_lsa_QueryInfoPolicy_send(state->domain->libnet_ctx->lsa.pipe, state,
&state->queryinfo);
composite_continue_rpc(state->ctx, req,
init_domain_recv_queryinfo, state);
@@ -349,7 +348,7 @@ static void init_domain_recv_queryinfo(struct rpc_request *req)
if (strcasecmp(state->domain->info->name, dominfo->name.string) != 0) {
DEBUG(2, ("Expected domain name %s, DC %s said %s\n",
state->domain->info->name,
- dcerpc_server_name(state->domain->lsa_pipe),
+ dcerpc_server_name(state->domain->libnet_ctx->lsa.pipe),
dominfo->name.string));
composite_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE);
return;
@@ -358,7 +357,7 @@ static void init_domain_recv_queryinfo(struct rpc_request *req)
if (!dom_sid_equal(state->domain->info->sid, dominfo->sid)) {
DEBUG(2, ("Expected domain sid %s, DC %s said %s\n",
dom_sid_string(state, state->domain->info->sid),
- dcerpc_server_name(state->domain->lsa_pipe),
+ dcerpc_server_name(state->domain->libnet_ctx->lsa.pipe),
dom_sid_string(state, dominfo->sid)));
composite_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE);
return;
@@ -370,7 +369,7 @@ static void init_domain_recv_queryinfo(struct rpc_request *req)
* it needed schannel, then we need that here too) */
state->domain->samr_binding->flags = state->domain->lsa_binding->flags;
- state->domain->samr_pipe = NULL;
+ state->domain->libnet_ctx->samr.pipe = NULL;
ctx = wb_connect_samr_send(state, state->domain);
composite_continue(state->ctx, ctx, init_domain_recv_samr, state);
@@ -387,12 +386,12 @@ static void init_domain_recv_samr(struct composite_context *ctx)
state->ctx->status = wb_connect_samr_recv(
ctx, state->domain,
- &state->domain->samr_pipe,
- &state->domain->samr_handle,
- &state->domain->domain_handle);
+ &state->domain->libnet_ctx->samr.pipe,
+ &state->domain->libnet_ctx->samr.handle,
+ &state->domain->libnet_ctx->samr.handle);
if (!composite_is_ok(state->ctx)) return;
- talloc_steal(state->domain->samr_pipe, state->domain->samr_binding);
+ talloc_steal(state->domain->libnet_ctx->samr.pipe, state->domain->samr_binding);
state->domain->ldap_conn =
ldap4_new_connection(state->domain, state->ctx->event_ctx);
@@ -419,7 +418,7 @@ static void init_domain_recv_ldapconn(struct composite_context *ctx)
state->domain->dc_name);
state->ctx->status =
ldap_bind_sasl(state->domain->ldap_conn,
- state->domain->schannel_creds);
+ state->domain->libnet_ctx->cred);
DEBUG(0, ("ldap_bind returned %s\n",
nt_errstr(state->ctx->status)));
}
diff --git a/source4/winbind/wb_sam_logon.c b/source4/winbind/wb_sam_logon.c
index 669d63f791..c9203c8bec 100644
--- a/source4/winbind/wb_sam_logon.c
+++ b/source4/winbind/wb_sam_logon.c
@@ -85,14 +85,14 @@ static void wb_sam_logon_recv_domain(struct composite_context *creq)
s->ctx->status = wb_sid2domain_recv(creq, &domain);
if (!composite_is_ok(s->ctx)) return;
- s->creds_state = cli_credentials_get_netlogon_creds(domain->schannel_creds);
+ s->creds_state = cli_credentials_get_netlogon_creds(domain->libnet_ctx->cred);
creds_client_authenticator(s->creds_state, &s->auth1);
s->r.in.server_name = talloc_asprintf(s, "\\\\%s",
dcerpc_server_name(domain->netlogon_pipe));
if (composite_nomem(s->r.in.server_name, s->ctx)) return;
- s->r.in.computer_name = cli_credentials_get_workstation(domain->schannel_creds);
+ s->r.in.computer_name = cli_credentials_get_workstation(domain->libnet_ctx->cred);
s->r.in.credential = &s->auth1;
s->r.in.return_authenticator = &s->auth2;
s->r.in.logon_level = s->req->in.logon_level;
diff --git a/source4/winbind/wb_server.h b/source4/winbind/wb_server.h
index 47ebcb2371..a9b63dd266 100644
--- a/source4/winbind/wb_server.h
+++ b/source4/winbind/wb_server.h
@@ -21,7 +21,7 @@
#include "nsswitch/winbind_nss_config.h"
#include "nsswitch/winbindd_nss.h"
-
+#include "libnet/libnet.h"
#define WINBINDD_SAMBA3_SOCKET "pipe"
@@ -62,20 +62,16 @@ struct wbsrv_domain {
const char *dc_address;
const char *dc_name;
- struct dcerpc_pipe *lsa_pipe;
- struct policy_handle *lsa_policy_handle;
+ struct libnet_context *libnet_ctx;
+
struct dcerpc_binding *lsa_binding;
- struct dcerpc_pipe *samr_pipe;
- struct policy_handle *samr_handle;
- struct policy_handle *domain_handle;
struct dcerpc_binding *samr_binding;
struct ldap_connection *ldap_conn;
struct dcerpc_pipe *netlogon_pipe;
struct dcerpc_binding *netlogon_binding;
- struct cli_credentials *schannel_creds;
};
/*