diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2008-05-28 13:21:26 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2008-05-28 13:21:26 +1000 |
| commit | baa2dffdf34c2f3aa150695c60742d616eeb3b09 (patch) | |
| tree | 3ba717535b47cfcd039277285d5d7681ac7ae691 /source4 | |
| parent | 51ae2302a68033b1b79a4ebc8d4cbab64adcf843 (diff) | |
| download | samba-baa2dffdf34c2f3aa150695c60742d616eeb3b09.tar.gz samba-baa2dffdf34c2f3aa150695c60742d616eeb3b09.tar.bz2 samba-baa2dffdf34c2f3aa150695c60742d616eeb3b09.zip | |
Bring up the ntp signing deamon
This starts ntp_signd at startup, and fixes some build issues.
Andrew Bartlett
(This used to be commit cb0dcd5c3dfe2a46755270a4594b7289f555d814)
Diffstat (limited to 'source4')
| -rw-r--r-- | source4/Makefile | 1 | ||||
| -rw-r--r-- | source4/ntp_signd/config.mk | 2 | ||||
| -rw-r--r-- | source4/ntp_signd/ntp_signd.c | 43 | ||||
| -rw-r--r-- | source4/param/loadparm.c | 2 | ||||
| -rw-r--r-- | source4/smbd/server.c | 1 |
5 files changed, 28 insertions, 21 deletions
diff --git a/source4/Makefile b/source4/Makefile index 20a0876962..14d0fe3b20 100644 --- a/source4/Makefile +++ b/source4/Makefile @@ -97,6 +97,7 @@ libclisrcdir := libcli ejsscriptsrcdir := scripting/ejs pyscriptsrcdir := $(srcdir)/scripting/python kdcsrcdir := kdc +ntp_signdsrcdir := ntp_signd include data.mk diff --git a/source4/ntp_signd/config.mk b/source4/ntp_signd/config.mk index e8d0530f62..96e0de5583 100644 --- a/source4/ntp_signd/config.mk +++ b/source4/ntp_signd/config.mk @@ -10,5 +10,5 @@ PRIVATE_DEPENDENCIES = \ # End SUBSYSTEM NTP_SIGND ####################### -NTP_SIGND_OBJ_FILES = $(addprefix $(ntp_signd_srcdir)/, ntp_signd.o) +NTP_SIGND_OBJ_FILES = $(addprefix $(ntp_signdsrcdir)/, ntp_signd.o) diff --git a/source4/ntp_signd/ntp_signd.c b/source4/ntp_signd/ntp_signd.c index 41a3df019a..35016d5c61 100644 --- a/source4/ntp_signd/ntp_signd.c +++ b/source4/ntp_signd/ntp_signd.c @@ -27,10 +27,13 @@ #include "smbd/service_stream.h" #include "smbd/process_model.h" #include "lib/stream/packet.h" -#include "librpc/gen_ndr/ntp_signd.h" +#include "librpc/gen_ndr/ndr_ntp_signd.h" #include "param/param.h" #include "dsdb/samdb/samdb.h" #include "auth/auth.h" +#include "libcli/security/security.h" +#include "lib/ldb/include/ldb.h" +#include "lib/ldb/include/ldb_errors.h" /* top level context structure for the ntp_signd server @@ -74,13 +77,14 @@ static NTSTATUS ntp_signd_recv(void *private, DATA_BLOB blob) enum ndr_err_code ndr_err; struct ldb_result *res; const char *attrs[] = { "unicodePwd", NULL }; + int ret; talloc_steal(tmp_ctx, blob.data); input = data_blob_const(blob.data + 4, blob.length - 4); - ndr_err = ndr_pull_struct_blob_all(input, tmp_ctx, - iconv_convenience, + ndr_err = ndr_pull_struct_blob_all(&input, tmp_ctx, + lp_iconv_convenience(ntp_signdconn->ntp_signd->task->lp_ctx), &sign_request, (ndr_pull_flags_fn_t)ndr_pull_sign_request); @@ -101,9 +105,10 @@ static NTSTATUS ntp_signd_recv(void *private, DATA_BLOB blob) } /* Sign packet */ - ret = ldb_search_exp_format(ntp_signdconn->ntp_signd->samdb, tmp_ctx, - &res, samdb_base_dn(ntp_signdconn->ntp_signd->samdb), - LDB_SCOPE_SUBTREE, attrs, "(&(objectSid=%s)(objectClass=computer))"); + ret = ldb_search_exp_fmt(ntp_signdconn->ntp_signd->samdb, tmp_ctx, + &res, samdb_base_dn(ntp_signdconn->ntp_signd->samdb), + LDB_SCOPE_SUBTREE, attrs, "(&(objectSid=%s)(objectClass=computer))", + dom_sid_string(tmp_ctx, sid)); if (ret != LDB_SUCCESS) { return NT_STATUS_UNSUCCESSFUL; } @@ -221,19 +226,6 @@ static void ntp_signd_task_init(struct task_server *task) return; } - status = stream_setup_socket(ntp_signd->task->event_ctx, - ntp_signd->task->lp_ctx, - model_ops, - &ntp_signd_stream_ops, - "unix", address, NULL, - lp_socket_options(ntp_signd->task->lp_ctx), - ntp_signd); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(0,("Failed to bind to %s - %s\n", - address, nt_errstr(status))); - return; - } - task_server_set_title(task, "task[ntp_signd]"); ntp_signd = talloc(task, struct ntp_signd_server); @@ -250,6 +242,19 @@ static void ntp_signd_task_init(struct task_server *task) return; } + status = stream_setup_socket(ntp_signd->task->event_ctx, + ntp_signd->task->lp_ctx, + model_ops, + &ntp_signd_stream_ops, + "unix", address, NULL, + lp_socket_options(ntp_signd->task->lp_ctx), + ntp_signd); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("Failed to bind to %s - %s\n", + address, nt_errstr(status))); + return; + } + } diff --git a/source4/param/loadparm.c b/source4/param/loadparm.c index b70e4c19f0..ad1752a7e7 100644 --- a/source4/param/loadparm.c +++ b/source4/param/loadparm.c @@ -2296,7 +2296,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx) lp_do_global_parameter(lp_ctx, "max connections", "-1"); lp_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper srvsvc wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi winreg dssetup unixinfo"); - lp_do_global_parameter(lp_ctx, "server services", "smb rpc nbt wrepl ldap cldap kdc drepl winbind"); + lp_do_global_parameter(lp_ctx, "server services", "smb rpc nbt wrepl ldap cldap kdc drepl winbind ntp_signd"); lp_do_global_parameter(lp_ctx, "ntptr providor", "simple_ldb"); lp_do_global_parameter(lp_ctx, "auth methods:domain controller", "anonymous sam_ignoredomain"); lp_do_global_parameter(lp_ctx, "auth methods:member server", "anonymous sam winbind"); diff --git a/source4/smbd/server.c b/source4/smbd/server.c index e1ebd133ce..c1c8b6368f 100644 --- a/source4/smbd/server.c +++ b/source4/smbd/server.c @@ -198,6 +198,7 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[ extern NTSTATUS server_service_smb_init(void); extern NTSTATUS server_service_drepl_init(void); extern NTSTATUS server_service_rpc_init(void); + extern NTSTATUS server_service_ntp_signd_init(void); init_module_fn static_init[] = { STATIC_smbd_MODULES }; init_module_fn *shared_init; struct event_context *event_ctx; |