diff options
| author | Andrew Tridgell <tridge@samba.org> | 2009-10-06 18:59:30 +1100 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2009-10-06 18:59:30 +1100 |
| commit | 0285d568c55410f3e2a5cfda5693873be2841151 (patch) | |
| tree | 4bda2ac3b1633da463e03190ba253e94a6d8e4e0 /source4/rpc_server/drsuapi/updaterefs.c | |
| parent | f800d4998dc5cfa1e8ed2639dc334add78ceaea5 (diff) | |
| download | samba-0285d568c55410f3e2a5cfda5693873be2841151.tar.gz samba-0285d568c55410f3e2a5cfda5693873be2841151.tar.bz2 samba-0285d568c55410f3e2a5cfda5693873be2841151.zip | |
s4-drs: take advantage of system session auth in dsbind
Now that the bind opens samdb with the right credentials, we no longer
need the re-open in updaterefs and getncchanges
Diffstat (limited to 'source4/rpc_server/drsuapi/updaterefs.c')
| -rw-r--r-- | source4/rpc_server/drsuapi/updaterefs.c | 29 |
1 files changed, 11 insertions, 18 deletions
diff --git a/source4/rpc_server/drsuapi/updaterefs.c b/source4/rpc_server/drsuapi/updaterefs.c index e12be6f058..d01fabf575 100644 --- a/source4/rpc_server/drsuapi/updaterefs.c +++ b/source4/rpc_server/drsuapi/updaterefs.c @@ -101,9 +101,13 @@ WERROR dcesrv_drsuapi_DsReplicaUpdateRefs(struct dcesrv_call_state *dce_call, TA struct drsuapi_DsReplicaUpdateRefs *r) { struct drsuapi_DsReplicaUpdateRefsRequest1 *req; - struct ldb_context *sam_ctx; WERROR werr; struct ldb_dn *dn; + struct dcesrv_handle *h; + struct drsuapi_bind_state *b_state; + + DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE); + b_state = h->data; werr = drs_security_level_check(dce_call, "DsReplicaUpdateRefs"); if (!W_ERROR_IS_OK(werr)) { @@ -121,27 +125,18 @@ WERROR dcesrv_drsuapi_DsReplicaUpdateRefs(struct dcesrv_call_state *dce_call, TA req->options, drs_ObjectIdentifier_to_string(mem_ctx, req->naming_context))); - /* TODO: We need to authenticate this operation pretty carefully */ - sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, - system_session(mem_ctx, dce_call->conn->dce_ctx->lp_ctx)); - if (!sam_ctx) { - return WERR_DS_DRA_INTERNAL_ERROR; - } - - dn = ldb_dn_new(mem_ctx, sam_ctx, req->naming_context->dn); + dn = ldb_dn_new(mem_ctx, b_state->sam_ctx, req->naming_context->dn); if (dn == NULL) { - talloc_free(sam_ctx); return WERR_DS_INVALID_DN_SYNTAX; } - if (ldb_transaction_start(sam_ctx) != LDB_SUCCESS) { + if (ldb_transaction_start(b_state->sam_ctx) != LDB_SUCCESS) { DEBUG(0,(__location__ ": Failed to start transaction on samdb\n")); - talloc_free(sam_ctx); return WERR_DS_DRA_INTERNAL_ERROR; } if (req->options & DRSUAPI_DS_REPLICA_UPDATE_DELETE_REFERENCE) { - werr = uref_del_dest(sam_ctx, mem_ctx, dn, &req->dest_dsa_guid); + werr = uref_del_dest(b_state->sam_ctx, mem_ctx, dn, &req->dest_dsa_guid); if (!W_ERROR_IS_OK(werr)) { DEBUG(0,("Failed to delete repsTo for %s\n", GUID_string(dce_call, &req->dest_dsa_guid))); @@ -161,7 +156,7 @@ WERROR dcesrv_drsuapi_DsReplicaUpdateRefs(struct dcesrv_call_state *dce_call, TA dest.source_dsa_obj_guid = req->dest_dsa_guid; dest.replica_flags = req->options; - werr = uref_add_dest(sam_ctx, mem_ctx, dn, &dest); + werr = uref_add_dest(b_state->sam_ctx, mem_ctx, dn, &dest); if (!W_ERROR_IS_OK(werr)) { DEBUG(0,("Failed to delete repsTo for %s\n", GUID_string(dce_call, &dest.source_dsa_obj_guid))); @@ -169,16 +164,14 @@ WERROR dcesrv_drsuapi_DsReplicaUpdateRefs(struct dcesrv_call_state *dce_call, TA } } - if (ldb_transaction_commit(sam_ctx) != LDB_SUCCESS) { + if (ldb_transaction_commit(b_state->sam_ctx) != LDB_SUCCESS) { DEBUG(0,(__location__ ": Failed to commit transaction on samdb\n")); return WERR_DS_DRA_INTERNAL_ERROR; } - talloc_free(sam_ctx); return WERR_OK; failed: - ldb_transaction_cancel(sam_ctx); - talloc_free(sam_ctx); + ldb_transaction_cancel(b_state->sam_ctx); return werr; } |