authorVolker Lendecke <vlendec@samba.org>2005-10-24 09:34:12 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:45:12 -0500
commitd6e070b74af8891c5e6ee15d57f8c0db3aac2f14 (patch)
tree8fcc8ec487b6cd8443b10760d3e487a6462a1fa3 /source4/winbind
parentef57650d6e47ead5b56934d0d38eefb389f364f5 (diff)
r11274: Start a connection attempt to the DC's port 389. To do this properly, make
socket_connect and ldap_connect properly async. Volker (This used to be commit bcc71fc1deeed443d7cf00220ce264011ddf588d)
Diffstat (limited to 'source4/winbind')
-rw-r--r--source4/winbind/wb_async_helpers.c3
-rw-r--r--source4/winbind/wb_domain_request.c4
-rw-r--r--source4/winbind/wb_init_domain.c76
-rw-r--r--source4/winbind/wb_server.h2
-rw-r--r--source4/winbind/wb_sid2domain.c10
5 files changed, 58 insertions, 37 deletions
diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c
index 35f3ec3bb7..29fd167a93 100644
--- a/source4/winbind/wb_async_helpers.c
+++ b/source4/winbind/wb_async_helpers.c
@@ -686,8 +686,7 @@ struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call)
state->domain = service->domains;
- ctx = wb_init_domain_send(state->domain, result->event_ctx,
- call->wbconn->conn->msg_ctx);
+ ctx = wb_init_domain_send(service, state->domain);
if (ctx == NULL) goto failed;
ctx->async.fn = cmd_checkmachacc_recv_init;
ctx->async.private_data = state;
diff --git a/source4/winbind/wb_domain_request.c b/source4/winbind/wb_domain_request.c
index b516331f8a..8c95c20a56 100644
--- a/source4/winbind/wb_domain_request.c
+++ b/source4/winbind/wb_domain_request.c
@@ -102,9 +102,7 @@ static void domain_request_recv_domain(struct composite_context *ctx)
state->domain->busy = True;
if (!state->domain->initialized) {
- ctx = wb_init_domain_send(state->domain,
- state->service->task->event_ctx,
- state->service->task->msg_ctx);
+ ctx = wb_init_domain_send(state->service, state->domain);
composite_continue(state->ctx, ctx, domain_request_recv_init,
state);
return;
diff --git a/source4/winbind/wb_init_domain.c b/source4/winbind/wb_init_domain.c
index 7bed7e47ba..eaafdfafbe 100644
--- a/source4/winbind/wb_init_domain.c
+++ b/source4/winbind/wb_init_domain.c
@@ -65,9 +65,11 @@
struct init_domain_state {
struct composite_context *ctx;
struct wbsrv_domain *domain;
+ struct wbsrv_service *service;
int num_dcs;
struct nbt_dc_name *dcs;
+ const char *dcaddr;
struct smb_composite_connect conn;
@@ -81,6 +83,8 @@ struct init_domain_state {
struct policy_handle *samr_handle;
struct policy_handle *domain_handle;
+ struct ldap_connection *ldap_conn;
+
struct lsa_QueryInfoPolicy queryinfo;
};
@@ -91,11 +95,11 @@ static void init_domain_recv_netlogoncreds(struct composite_context *ctx);
static void init_domain_recv_netlogonpipe(struct composite_context *ctx);
static void init_domain_recv_lsa(struct composite_context *ctx);
static void init_domain_recv_queryinfo(struct rpc_request *req);
+static void init_domain_recv_ldapconn(struct composite_context *ctx);
static void init_domain_recv_samr(struct composite_context *ctx);
-struct composite_context *wb_init_domain_send(struct wbsrv_domain *domain,
- struct event_context *event_ctx,
- struct messaging_context *msg_ctx)
+struct composite_context *wb_init_domain_send(struct wbsrv_service *service,
+ struct wbsrv_domain *domain)
{
struct composite_context *result, *ctx;
struct init_domain_state *state;
@@ -104,13 +108,14 @@ struct composite_context *wb_init_domain_send(struct wbsrv_domain *domain,
if (result == NULL) goto failed;
result->state = COMPOSITE_STATE_IN_PROGRESS;
result->async.fn = NULL;
- result->event_ctx = event_ctx;
+ result->event_ctx = service->task->event_ctx;
state = talloc_zero(result, struct init_domain_state);
if (state == NULL) goto failed;
state->ctx = result;
result->private_data = state;
+ state->service = service;
state->domain = domain;
if (domain->dcname != NULL) {
@@ -136,7 +141,8 @@ struct composite_context *wb_init_domain_send(struct wbsrv_domain *domain,
schannel_creds);
if (!NT_STATUS_IS_OK(state->ctx->status)) goto failed;
- ctx = wb_finddcs_send(domain->name, domain->sid, event_ctx, msg_ctx);
+ ctx = wb_finddcs_send(domain->name, domain->sid, result->event_ctx,
+ service->task->msg_ctx);
if (ctx == NULL) goto failed;
ctx->async.fn = init_domain_recv_dcs;
@@ -163,6 +169,8 @@ static void init_domain_recv_dcs(struct composite_context *ctx)
return;
}
+ state->dcaddr = state->dcs[0].address;
+
state->conn.in.dest_host = state->dcs[0].address;
state->conn.in.port = 0;
state->conn.in.called_name = state->dcs[0].name;
@@ -193,12 +201,11 @@ static void init_domain_recv_dcip(struct composite_context *ctx)
struct init_domain_state *state =
talloc_get_type(ctx->async.private_data,
struct init_domain_state);
- const char *dcaddr;
- state->ctx->status = resolve_name_recv(ctx, state, &dcaddr);
+ state->ctx->status = resolve_name_recv(ctx, state, &state->dcaddr);
if (!composite_is_ok(state->ctx)) return;
- state->conn.in.dest_host = dcaddr;
+ state->conn.in.dest_host = state->dcaddr;
state->conn.in.port = 0;
state->conn.in.called_name = state->domain->dcname;
state->conn.in.service = "IPC$";
@@ -218,24 +225,24 @@ static void init_domain_recv_tree(struct composite_context *ctx)
struct init_domain_state *state =
talloc_get_type(ctx->async.private_data,
struct init_domain_state);
-
state->ctx->status = smb_composite_connect_recv(ctx, state);
if (!composite_is_ok(state->ctx)) return;
- if ((state->domain->schannel_creds == NULL) ||
- cli_credentials_is_anonymous(state->domain->schannel_creds)) {
- /* No chance to open netlogon */
- ctx = wb_connect_lsa_send(state->conn.out.tree, NULL);
+ if ((state->domain->schannel_creds != NULL) &&
+ (!cli_credentials_is_anonymous(state->domain->schannel_creds)) &&
+ ((lp_server_role() == ROLE_DOMAIN_MEMBER) &&
+ (dom_sid_equal(state->domain->sid,
+ state->service->primary_sid)))) {
+ ctx = wb_get_schannel_creds_send(state->domain->schannel_creds,
+ state->conn.out.tree,
+ state->ctx->event_ctx);
composite_continue(state->ctx, ctx,
- init_domain_recv_lsa, state);
+ init_domain_recv_netlogoncreds, state);
return;
}
- ctx = wb_get_schannel_creds_send(state->domain->schannel_creds,
- state->conn.out.tree,
- state->ctx->event_ctx);
- composite_continue(state->ctx, ctx,
- init_domain_recv_netlogoncreds, state);
+ ctx = wb_connect_lsa_send(state->conn.out.tree, NULL);
+ composite_continue(state->ctx, ctx, init_domain_recv_lsa, state);
}
static void init_domain_recv_netlogoncreds(struct composite_context *ctx)
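Review bot: The rewritten condition in init_domain_recv_tree sends every domain that is not the primary domain of a member server down the `wb_connect_lsa_send(state->conn.out.tree, NULL)` path, and the comment that explained the fallback was dropped along with the old branch. A comment above the `if` would keep the intent reviewable, for example `/* schannel only for our own domain on a member server; all other domains get an LSA connection without credentials */`. `state->service->primary_sid` is passed to `dom_sid_equal()` unchecked, and whether it can still be NULL here is not visible in this diff, so confirm it is always set before a domain is initialised. A debug message on the fallback would also help when auditing why a connection was made without schannel.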
@@ -337,6 +344,7 @@ static void init_domain_recv_queryinfo(struct rpc_request *req)
talloc_get_type(req->async.private, struct init_domain_state);
struct lsa_DomainInfo *dominfo;
struct composite_context *ctx;
+ const char *ldap_url;
state->ctx->status = dcerpc_ndr_request_recv(req);
if (!composite_is_ok(state->ctx)) return;
@@ -363,6 +371,26 @@ static void init_domain_recv_queryinfo(struct rpc_request *req)
return;
}
+ state->ldap_conn = ldap_new_connection(state, state->ctx->event_ctx);
+ composite_nomem(state->ldap_conn, state->ctx);
+
+ ldap_url = talloc_asprintf(state, "ldap://%s/", state->dcaddr);
+ composite_nomem(ldap_url, state->ctx);
+
+ ctx = ldap_connect_send(state->ldap_conn, ldap_url);
+ composite_continue(state->ctx, ctx, init_domain_recv_ldapconn, state);
+}
+
+static void init_domain_recv_ldapconn(struct composite_context *ctx)
+{
+ struct init_domain_state *state =
+ talloc_get_type(ctx->async.private_data,
+ struct init_domain_state);
+
+ state->ctx->status = ldap_connect_recv(ctx);
+ DEBUG(0, ("ldap_connect returned %s\n",
+ nt_errstr(state->ctx->status)));
+
state->samr_pipe = dcerpc_pipe_init(state, state->ctx->event_ctx);
if (composite_nomem(state->samr_pipe, state->ctx)) return;
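Review bot: Both new `composite_nomem()` calls in init_domain_recv_queryinfo discard the result, unlike `if (composite_nomem(state->samr_pipe, state->ctx)) return;` a few lines further down, so after a failed allocation the function would still reach `talloc_asprintf()` and `ldap_connect_send()` with a NULL connection or URL. They should read `if (composite_nomem(state->ldap_conn, state->ctx)) return;` and `if (composite_nomem(ldap_url, state->ctx)) return;`. In init_domain_recv_ldapconn the result of `ldap_connect_recv()` is stored in `state->ctx->status` and logged at level 0 but never tested. If continuing after a failed LDAP connect is intended, a local `NTSTATUS` would keep that failure out of the composite's status, and a higher debug level would avoid a log line on every domain initialisation. Both functions start or end outside this hunk.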
@@ -370,8 +398,7 @@ static void init_domain_recv_queryinfo(struct rpc_request *req)
state->domain->lsa_auth_type,
state->domain->schannel_creds,
state->domain->sid);
- composite_continue(state->ctx, ctx,
- init_domain_recv_samr, state);
+ composite_continue(state->ctx, ctx, init_domain_recv_samr, state);
}
static void init_domain_recv_samr(struct composite_context *ctx)
@@ -431,11 +458,10 @@ NTSTATUS wb_init_domain_recv(struct composite_context *c)
return status;
}
-NTSTATUS wb_init_domain(struct wbsrv_domain *domain,
- struct event_context *event_ctx,
- struct messaging_context *messaging_ctx)
+NTSTATUS wb_init_domain(struct wbsrv_service *service,
+ struct wbsrv_domain *domain)
{
struct composite_context *c =
- wb_init_domain_send(domain, event_ctx, messaging_ctx);
+ wb_init_domain_send(service, domain);
return wb_init_domain_recv(c);
}
diff --git a/source4/winbind/wb_server.h b/source4/winbind/wb_server.h
index 30737bccbf..501924fc01 100644
--- a/source4/winbind/wb_server.h
+++ b/source4/winbind/wb_server.h
@@ -62,6 +62,8 @@ struct wbsrv_domain {
struct policy_handle *samr_handle;
struct policy_handle *domain_handle;
+ struct ldap_connection *ldap_conn;
+
struct dcerpc_pipe *netlogon_auth2_pipe;
struct dcerpc_pipe *netlogon_pipe;
struct cli_credentials *schannel_creds;
diff --git a/source4/winbind/wb_sid2domain.c b/source4/winbind/wb_sid2domain.c
index 8249d6c7d3..83e81e1cd0 100644
--- a/source4/winbind/wb_sid2domain.c
+++ b/source4/winbind/wb_sid2domain.c
@@ -110,9 +110,7 @@ struct composite_context *wb_sid2domain_send(struct wbsrv_service *service,
if (state->result != NULL) {
result->status = NT_STATUS_OK;
if (!state->result->initialized) {
- ctx = wb_init_domain_send(state->result,
- service->task->event_ctx,
- service->task->msg_ctx);
+ ctx = wb_init_domain_send(service, state->result);
if (ctx == NULL) goto failed;
ctx->async.fn = sid2domain_recv_init;
ctx->async.private_data = state;
@@ -186,14 +184,12 @@ static void sid2domain_recv_dcname(struct composite_context *ctx)
state->result->schannel_creds = cli_credentials_init(state->result);
if (composite_nomem(state->result->schannel_creds, state->ctx)) return;
cli_credentials_set_conf(state->result->schannel_creds);
- cli_credentials_set_anonymous(state->result->schannel_creds);
+ cli_credentials_set_machine_account(state->result->schannel_creds);
talloc_steal(state->service, state->result);
DLIST_ADD(state->service->domains, state->result);
- ctx = wb_init_domain_send(state->result,
- state->service->task->event_ctx,
- state->service->task->msg_ctx);
+ ctx = wb_init_domain_send(state->service, state->result);
composite_continue(state->ctx, ctx, sid2domain_recv_init, state);
}
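Review bot: The switch from `cli_credentials_set_anonymous()` to `cli_credentials_set_machine_account()` in sid2domain_recv_dcname ignores the call's result, so a failed secrets lookup goes unnoticed and the later `cli_credentials_is_anonymous()` test in wb_init_domain.c decides on whatever state the credentials were left in. Domains reached through this path are looked up by SID and presumably include domains other than our own. The schannel step is gated on `primary_sid`, but `state->domain->schannel_creds` also appears to be passed on to the SAMR connect, so confirm that machine-account credentials are meant to be presented to those DCs. At minimum check the return, e.g. `state->ctx->status = cli_credentials_set_machine_account(state->result->schannel_creds);` followed by `if (!composite_is_ok(state->ctx)) return;`, assuming the call returns an NTSTATUS. The function starts outside the hunk.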