r11274: Start a connection attempt to the DC's port 389. To do this properly, make

socket_connect and ldap_connect properly async.

Volker
(This used to be commit bcc71fc1deeed443d7cf00220ce264011ddf588d)

5 files changed, 58 insertions, 37 deletions

diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c
index 35f3ec3bb7..29fd167a93 100644
--- a/source4/winbind/wb_async_helpers.c
+++ b/source4/winbind/wb_async_helpers.c
@@ -686,8 +686,7 @@ struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call)
 
 	state->domain = service->domains;
 
-	ctx = wb_init_domain_send(state->domain, result->event_ctx, 
-				  call->wbconn->conn->msg_ctx);
+	ctx = wb_init_domain_send(service, state->domain);
 	if (ctx == NULL) goto failed;
 	ctx->async.fn = cmd_checkmachacc_recv_init;
 	ctx->async.private_data = state;
diff --git a/source4/winbind/wb_domain_request.c b/source4/winbind/wb_domain_request.c
index b516331f8a..8c95c20a56 100644
--- a/source4/winbind/wb_domain_request.c
+++ b/source4/winbind/wb_domain_request.c
@@ -102,9 +102,7 @@ static void domain_request_recv_domain(struct composite_context *ctx)
 	state->domain->busy = True;
 
 	if (!state->domain->initialized) {
-		ctx = wb_init_domain_send(state->domain,
-					  state->service->task->event_ctx,
-					  state->service->task->msg_ctx);
+		ctx = wb_init_domain_send(state->service, state->domain);
 		composite_continue(state->ctx, ctx, domain_request_recv_init,
 				   state);
 		return;
diff --git a/source4/winbind/wb_init_domain.c b/source4/winbind/wb_init_domain.c
index 7bed7e47ba..eaafdfafbe 100644
--- a/source4/winbind/wb_init_domain.c
+++ b/source4/winbind/wb_init_domain.c
@@ -65,9 +65,11 @@
 struct init_domain_state {
 	struct composite_context *ctx;
 	struct wbsrv_domain *domain;
+	struct wbsrv_service *service;
 
 	int num_dcs;
 	struct nbt_dc_name *dcs;
+	const char *dcaddr;
 
 	struct smb_composite_connect conn;
 
@@ -81,6 +83,8 @@ struct init_domain_state {
 	struct policy_handle *samr_handle;
 	struct policy_handle *domain_handle;
 
+	struct ldap_connection *ldap_conn;
+
 	struct lsa_QueryInfoPolicy queryinfo;
 };
 
@@ -91,11 +95,11 @@ static void init_domain_recv_netlogoncreds(struct composite_context *ctx);
 static void init_domain_recv_netlogonpipe(struct composite_context *ctx);
 static void init_domain_recv_lsa(struct composite_context *ctx);
 static void init_domain_recv_queryinfo(struct rpc_request *req);
+static void init_domain_recv_ldapconn(struct composite_context *ctx);
 static void init_domain_recv_samr(struct composite_context *ctx);
 
-struct composite_context *wb_init_domain_send(struct wbsrv_domain *domain,
-					      struct event_context *event_ctx,
-					      struct messaging_context *msg_ctx)
+struct composite_context *wb_init_domain_send(struct wbsrv_service *service,
+					      struct wbsrv_domain *domain)
 {
 	struct composite_context *result, *ctx;
 	struct init_domain_state *state;
@@ -104,13 +108,14 @@ struct composite_context *wb_init_domain_send(struct wbsrv_domain *domain,
 	if (result == NULL) goto failed;
 	result->state = COMPOSITE_STATE_IN_PROGRESS;
 	result->async.fn = NULL;
-	result->event_ctx = event_ctx;
+	result->event_ctx = service->task->event_ctx;
 
 	state = talloc_zero(result, struct init_domain_state);
 	if (state == NULL) goto failed;
 	state->ctx = result;
 	result->private_data = state;
 
+	state->service = service;
 	state->domain = domain;
 
 	if (domain->dcname != NULL) {
@@ -136,7 +141,8 @@ struct composite_context *wb_init_domain_send(struct wbsrv_domain *domain,
 						    schannel_creds);
 	if (!NT_STATUS_IS_OK(state->ctx->status)) goto failed;
 
-	ctx = wb_finddcs_send(domain->name, domain->sid, event_ctx, msg_ctx);
+	ctx = wb_finddcs_send(domain->name, domain->sid, result->event_ctx,
+			      service->task->msg_ctx);
 	if (ctx == NULL) goto failed;
 
 	ctx->async.fn = init_domain_recv_dcs;
@@ -163,6 +169,8 @@ static void init_domain_recv_dcs(struct composite_context *ctx)
 		return;
 	}
 
+	state->dcaddr = state->dcs[0].address;
+
 	state->conn.in.dest_host = state->dcs[0].address;
 	state->conn.in.port = 0;
 	state->conn.in.called_name = state->dcs[0].name;
@@ -193,12 +201,11 @@ static void init_domain_recv_dcip(struct composite_context *ctx)
 	struct init_domain_state *state =
 		talloc_get_type(ctx->async.private_data,
 				struct init_domain_state);
-	const char *dcaddr;
 
-	state->ctx->status = resolve_name_recv(ctx, state, &dcaddr);
+	state->ctx->status = resolve_name_recv(ctx, state, &state->dcaddr);
 	if (!composite_is_ok(state->ctx)) return;
 
-	state->conn.in.dest_host = dcaddr;
+	state->conn.in.dest_host = state->dcaddr;
 	state->conn.in.port = 0;
 	state->conn.in.called_name = state->domain->dcname;
 	state->conn.in.service = "IPC$";
@@ -218,24 +225,24 @@ static void init_domain_recv_tree(struct composite_context *ctx)
 	struct init_domain_state *state =
 		talloc_get_type(ctx->async.private_data,
 				struct init_domain_state);
-
 	state->ctx->status = smb_composite_connect_recv(ctx, state);
 	if (!composite_is_ok(state->ctx)) return;
 
-	if ((state->domain->schannel_creds == NULL) ||
-	    cli_credentials_is_anonymous(state->domain->schannel_creds)) {
-		/* No chance to open netlogon */
-		ctx = wb_connect_lsa_send(state->conn.out.tree, NULL);
+	if ((state->domain->schannel_creds != NULL) &&
+	    (!cli_credentials_is_anonymous(state->domain->schannel_creds)) &&
+	    ((lp_server_role() == ROLE_DOMAIN_MEMBER) &&
+	     (dom_sid_equal(state->domain->sid,
+			    state->service->primary_sid)))) {
+		ctx = wb_get_schannel_creds_send(state->domain->schannel_creds,
+						 state->conn.out.tree,
+						 state->ctx->event_ctx);
 		composite_continue(state->ctx, ctx,
-				   init_domain_recv_lsa, state);
+				   init_domain_recv_netlogoncreds, state);
 		return;
 	}
 
-	ctx = wb_get_schannel_creds_send(state->domain->schannel_creds,
-					 state->conn.out.tree,
-					 state->ctx->event_ctx);
-	composite_continue(state->ctx, ctx,
-			   init_domain_recv_netlogoncreds, state);
+	ctx = wb_connect_lsa_send(state->conn.out.tree, NULL);
+	composite_continue(state->ctx, ctx, init_domain_recv_lsa, state);
 }
 
 static void init_domain_recv_netlogoncreds(struct composite_context *ctx)
@@ -337,6 +344,7 @@ static void init_domain_recv_queryinfo(struct rpc_request *req)
 		talloc_get_type(req->async.private, struct init_domain_state);
 	struct lsa_DomainInfo *dominfo;
 	struct composite_context *ctx;
+	const char *ldap_url;
 
 	state->ctx->status = dcerpc_ndr_request_recv(req);
 	if (!composite_is_ok(state->ctx)) return;
@@ -363,6 +371,26 @@ static void init_domain_recv_queryinfo(struct rpc_request *req)
 		return;
 	}
 
+	state->ldap_conn = ldap_new_connection(state, state->ctx->event_ctx);
+	composite_nomem(state->ldap_conn, state->ctx);
+
+	ldap_url = talloc_asprintf(state, "ldap://%s/", state->dcaddr);
+	composite_nomem(ldap_url, state->ctx);
+
+	ctx = ldap_connect_send(state->ldap_conn, ldap_url);
+	composite_continue(state->ctx, ctx, init_domain_recv_ldapconn, state);
+}
+
+static void init_domain_recv_ldapconn(struct composite_context *ctx)
+{
+	struct init_domain_state *state =
+		talloc_get_type(ctx->async.private_data,
+				struct init_domain_state);
+
+	state->ctx->status = ldap_connect_recv(ctx);
+	DEBUG(0, ("ldap_connect returned %s\n",
+		  nt_errstr(state->ctx->status)));
+
 	state->samr_pipe = dcerpc_pipe_init(state, state->ctx->event_ctx);
 	if (composite_nomem(state->samr_pipe, state->ctx)) return;
 
@@ -370,8 +398,7 @@ static void init_domain_recv_queryinfo(struct rpc_request *req)
 				  state->domain->lsa_auth_type,
 				  state->domain->schannel_creds,
 				  state->domain->sid);
-	composite_continue(state->ctx, ctx,
-			   init_domain_recv_samr, state);
+	composite_continue(state->ctx, ctx, init_domain_recv_samr, state);
 }
 
 static void init_domain_recv_samr(struct composite_context *ctx)
@@ -431,11 +458,10 @@ NTSTATUS wb_init_domain_recv(struct composite_context *c)
 	return status;
 }
 
-NTSTATUS wb_init_domain(struct wbsrv_domain *domain,
-			struct event_context *event_ctx,
-			struct messaging_context *messaging_ctx)
+NTSTATUS wb_init_domain(struct wbsrv_service *service,
+			struct wbsrv_domain *domain)
 {
 	struct composite_context *c =
-		wb_init_domain_send(domain, event_ctx, messaging_ctx);
+		wb_init_domain_send(service, domain);
 	return wb_init_domain_recv(c);
 }
diff --git a/source4/winbind/wb_server.h b/source4/winbind/wb_server.h
index 30737bccbf..501924fc01 100644
--- a/source4/winbind/wb_server.h
+++ b/source4/winbind/wb_server.h
@@ -62,6 +62,8 @@ struct wbsrv_domain {
 	struct policy_handle *samr_handle;
 	struct policy_handle *domain_handle;
 
+	struct ldap_connection *ldap_conn;
+
 	struct dcerpc_pipe *netlogon_auth2_pipe;
 	struct dcerpc_pipe *netlogon_pipe;
 	struct cli_credentials *schannel_creds;
diff --git a/source4/winbind/wb_sid2domain.c b/source4/winbind/wb_sid2domain.c
index 8249d6c7d3..83e81e1cd0 100644
--- a/source4/winbind/wb_sid2domain.c
+++ b/source4/winbind/wb_sid2domain.c
@@ -110,9 +110,7 @@ struct composite_context *wb_sid2domain_send(struct wbsrv_service *service,
 	if (state->result != NULL) {
 		result->status = NT_STATUS_OK;
 		if (!state->result->initialized) {
-			ctx = wb_init_domain_send(state->result,
-						  service->task->event_ctx,
-						  service->task->msg_ctx);
+			ctx = wb_init_domain_send(service, state->result);
 			if (ctx == NULL) goto failed;
 			ctx->async.fn = sid2domain_recv_init;
 			ctx->async.private_data = state;
@@ -186,14 +184,12 @@ static void sid2domain_recv_dcname(struct composite_context *ctx)
 	state->result->schannel_creds = cli_credentials_init(state->result);
 	if (composite_nomem(state->result->schannel_creds, state->ctx)) return;
 	cli_credentials_set_conf(state->result->schannel_creds);
-	cli_credentials_set_anonymous(state->result->schannel_creds);
+	cli_credentials_set_machine_account(state->result->schannel_creds);
 
 	talloc_steal(state->service, state->result);
 	DLIST_ADD(state->service->domains, state->result);
 
-	ctx = wb_init_domain_send(state->result,
-				  state->service->task->event_ctx,
-				  state->service->task->msg_ctx);
+	ctx = wb_init_domain_send(state->service, state->result);
 	composite_continue(state->ctx, ctx, sid2domain_recv_init, state);
 }