summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/auth/auth_domain.c33
-rw-r--r--source3/client/smbspool.c2
-rw-r--r--source3/include/doserr.h47
-rw-r--r--source3/libsmb/cliconnect.c12
-rw-r--r--source3/nsswitch/winbindd_cm.c22
-rw-r--r--source3/rpcclient/rpcclient.c2
-rw-r--r--source3/smbd/change_trust_pw.c2
-rw-r--r--source3/utils/net.c4
-rw-r--r--source3/utils/smbcacls.c2
-rw-r--r--source3/utils/smbtree.c2
10 files changed, 99 insertions, 29 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 59b9233a2d..129c486562 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -88,8 +88,7 @@ static NTSTATUS rpc_resolve_dc(const char *server,
way to find it, but until we have a RPC call that does this
it will have to do */
if (!name_status_find("*", 0x20, 0x20, to_ip, remote_machine)) {
- DEBUG(2, ("connect_to_domain_password_server: Can't "
- "resolve name for IP %s\n", server));
+ DEBUG(2, ("rpc_resolve_dc: Can't resolve name for IP %s\n", server));
return NT_STATUS_NO_LOGON_SERVERS;
}
@@ -100,7 +99,7 @@ static NTSTATUS rpc_resolve_dc(const char *server,
fstrcpy(remote_machine, server);
strupper(remote_machine);
if (!resolve_name(remote_machine, dest_ip, 0x20)) {
- DEBUG(1,("connect_to_domain_password_server: Can't resolve address for %s\n",
+ DEBUG(1,("rpc_resolve_dc: Can't resolve address for %s\n",
remote_machine));
return NT_STATUS_NO_LOGON_SERVERS;
}
@@ -126,18 +125,20 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli,
const char *server,
const char *setup_creds_as,
uint16 sec_chan,
- const unsigned char *trust_passwd)
+ const unsigned char *trust_passwd,
+ BOOL *retry)
{
struct in_addr dest_ip;
fstring remote_machine;
NTSTATUS result;
uint32 neg_flags = 0x000001ff;
- if (lp_security() == SEC_ADS) {
+ *retry = False;
+
+ if (lp_security() == SEC_ADS)
result = ads_resolve_dc(remote_machine, &dest_ip);
- } else {
+ else
result = rpc_resolve_dc(server, remote_machine, &dest_ip);
- }
if (!NT_STATUS_IS_OK(result)) {
DEBUG(2,("connect_to_domain_password_server: unable to resolve DC: %s\n",
@@ -165,12 +166,14 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli,
* ACCESS_DENIED errors if 2 auths are done from the same machine. JRA.
*/
+ *retry = True;
+
if (!grab_server_mutex(server))
return NT_STATUS_NO_LOGON_SERVERS;
/* Attempt connection */
result = cli_full_connection(cli, global_myname, remote_machine,
- &dest_ip, 0, "IPC$", "IPC", "", "", "",0);
+ &dest_ip, 0, "IPC$", "IPC", "", "", "",0, retry);
if (!NT_STATUS_IS_OK(result)) {
release_server_mutex();
@@ -235,7 +238,10 @@ static NTSTATUS attempt_connect_to_dc(struct cli_state **cli,
uint16 sec_chan,
const unsigned char *trust_passwd)
{
+ NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
+ BOOL retry = True;
fstring dc_name;
+ int i;
/*
* Ignore addresses we have already tried.
@@ -247,7 +253,10 @@ static NTSTATUS attempt_connect_to_dc(struct cli_state **cli,
if (!lookup_dc_name(global_myname, domain, ip, dc_name))
return NT_STATUS_NO_LOGON_SERVERS;
- return connect_to_domain_password_server(cli, dc_name, setup_creds_as, sec_chan, trust_passwd);
+ for (i = 0; (!NT_STATUS_IS_OK(ret)) && retry && (i < 3); i++)
+ ret = connect_to_domain_password_server(cli, dc_name, setup_creds_as,
+ sec_chan, trust_passwd, &retry);
+ return ret;
}
/***********************************************************************
@@ -371,7 +380,11 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
if(lp_security() != SEC_ADS && strequal(remote_machine, "*")) {
nt_status = find_connect_pdc(&cli, domain, setup_creds_as, sec_chan, trust_passwd, last_change_time);
} else {
- nt_status = connect_to_domain_password_server(&cli, remote_machine, setup_creds_as, sec_chan, trust_passwd);
+ int i;
+ BOOL retry = False;
+ for (i = 0; !NT_STATUS_IS_OK(nt_status) && retry && (i < 3); i++)
+ nt_status = connect_to_domain_password_server(&cli, remote_machine, setup_creds_as,
+ sec_chan, trust_passwd, &retry);
}
}
diff --git a/source3/client/smbspool.c b/source3/client/smbspool.c
index ecb5c311c5..ff10963533 100644
--- a/source3/client/smbspool.c
+++ b/source3/client/smbspool.c
@@ -282,7 +282,7 @@ smb_connect(char *workgroup, /* I - Workgroup */
get_myname(myname);
nt_status = cli_full_connection(&c, myname, server, NULL, 0, share, "?????",
- username, workgroup, password, 0);
+ username, workgroup, password, 0, NULL);
if (!NT_STATUS_IS_OK(nt_status)) {
fprintf(stderr, "ERROR: Connection failed with error %s\n", nt_errstr(nt_status));
diff --git a/source3/include/doserr.h b/source3/include/doserr.h
index 93936463e6..576aeda2bf 100644
--- a/source3/include/doserr.h
+++ b/source3/include/doserr.h
@@ -82,13 +82,28 @@
#define ERRnoipc 66 /* don't support ipc */
/* These errors seem to be only returned by the NT printer driver system */
-
+#define ERRdriveralreadyinstalled 1795 /* ERROR_PRINTER_DRIVER_ALREADY_INSTALLED */
+#define ERRunknownprinterport 1796 /* ERROR_UNKNOWN_PORT */
#define ERRunknownprinterdriver 1797 /* ERROR_UNKNOWN_PRINTER_DRIVER */
+#define ERRunknownprintprocessor 1798 /* ERROR_UNKNOWN_PRINTPROCESSOR */
+#define ERRinvalidseparatorfile 1799 /* ERROR_INVALID_SEPARATOR_FILE */
+#define ERRinvalidjobpriority 1800 /* ERROR_INVALID_PRIORITY */
#define ERRinvalidprintername 1801 /* ERROR_INVALID_PRINTER_NAME */
#define ERRprinteralreadyexists 1802 /* ERROR_PRINTER_ALREADY_EXISTS */
+#define ERRinvalidprintercommand 1803 /* ERROR_INVALID_PRINTER_COMMAND */
#define ERRinvaliddatatype 1804 /* ERROR_INVALID_DATATYPE */
#define ERRinvalidenvironment 1805 /* ERROR_INVALID_ENVIRONMENT */
+
+#define ERRunknownprintmonitor 3000 /* ERROR_UNKNOWN_PRINT_MONITOR */
#define ERRprinterdriverinuse 3001 /* ERROR_PRINTER_DRIVER_IN_USE */
+#define ERRspoolfilenotfound 3002 /* ERROR_SPOOL_FILE_NOT_FOUND */
+#define ERRnostartdoc 3003 /* ERROR_SPL_NO_STARTDOC */
+#define ERRnoaddjob 3004 /* ERROR_SPL_NO_ADDJOB */
+#define ERRprintprocessoralreadyinstalled 3005 /* ERROR_PRINT_PROCESSOR_ALREADY_INSTALLED */
+#define ERRprintmonitoralreadyinstalled 3006 /* ERROR_PRINT_MONITOR_ALREADY_INSTALLED */
+#define ERRinvalidprintmonitor 3007 /* ERROR_INVALID_PRINT_MONITOR */
+#define ERRprintmonitorinuse 3008 /* ERROR_PRINT_MONITOR_IN_USE */
+#define ERRprinterhasjobsqueued 3009 /* ERROR_PRINTER_HAS_JOBS_QUEUED */
/* Error codes for the ERRSRV class */
@@ -171,20 +186,38 @@
#define WERR_CAN_NOT_COMPLETE W_ERROR(1003)
#define WERR_INVALID_SECURITY_DESCRIPTOR W_ERROR(1338)
#define WERR_SERVER_UNAVAILABLE W_ERROR(1722)
-#define WERR_UNKNOWN_PRINTER_DRIVER W_ERROR(1797)
-#define WERR_INVALID_PRINTER_NAME W_ERROR(1801)
-#define WERR_PRINTER_ALREADY_EXISTS W_ERROR(1802)
-#define WERR_INVALID_DATATYPE W_ERROR(1804)
-#define WERR_INVALID_ENVIRONMENT W_ERROR(1805)
#define WERR_INVALID_FORM_NAME W_ERROR(1902)
#define WERR_INVALID_FORM_SIZE W_ERROR(1903)
#define WERR_BUF_TOO_SMALL W_ERROR(2123)
#define WERR_JOB_NOT_FOUND W_ERROR(2151)
#define WERR_DEST_NOT_FOUND W_ERROR(2152)
#define WERR_NOT_LOCAL_DOMAIN W_ERROR(2320)
-#define WERR_PRINTER_DRIVER_IN_USE W_ERROR(3001)
#define WERR_STATUS_MORE_ENTRIES W_ERROR(0x0105)
+#define WERR_PRINTER_DRIVER_ALREADY_INSTALLED W_ERROR(ERRdriveralreadyinstalled)
+#define WERR_UNKNOWN_PORT W_ERROR(ERRunknownprinterport)
+#define WERR_UNKNOWN_PRINTER_DRIVER W_ERROR(ERRunknownprinterdriver)
+#define WERR_UNKNOWN_PRINTPROCESSOR W_ERROR(ERRunknownprintprocessor)
+#define WERR_INVALID_SEPARATOR_FILE W_ERROR(ERRinvalidseparatorfile)
+#define WERR_INVALID_PRIORITY W_ERROR(ERRinvalidjobpriority)
+#define WERR_INVALID_PRINTER_NAME W_ERROR(ERRinvalidprintername)
+#define WERR_PRINTER_ALREADY_EXISTS W_ERROR(ERRprinteralreadyexists)
+#define WERR_INVALID_PRINTER_COMMAND W_ERROR(ERRinvalidprintercommand)
+#define WERR_INVALID_DATATYPE W_ERROR(ERRinvaliddatatype)
+#define WERR_INVALID_ENVIRONMENT W_ERROR(ERRinvalidenvironment)
+
+#define WERR_UNKNOWN_PRINT_MONITOR W_ERROR(ERRunknownprintmonitor)
+#define WERR_PRINTER_DRIVER_IN_USE W_ERROR(ERRprinterdriverinuse)
+#define WERR_SPOOL_FILE_NOT_FOUND W_ERROR(ERRspoolfilenotfound)
+#define WERR_SPL_NO_STARTDOC W_ERROR(ERRnostartdoc)
+#define WERR_SPL_NO_ADDJOB W_ERROR(ERRnoaddjob)
+#define WERR_PRINT_PROCESSOR_ALREADY_INSTALLED W_ERROR(ERRprintprocessoralreadyinstalled)
+#define WERR_PRINT_MONITOR_ALREADY_INSTALLED W_ERROR(ERRprintmonitoralreadyinstalled)
+#define WERR_INVALID_PRINT_MONITOR W_ERROR(ERRinvalidprintmonitor)
+#define WERR_PRINT_MONITOR_IN_USE W_ERROR(ERRprintmonitorinuse)
+#define WERR_PRINTER_HAS_JOBS_QUEUED W_ERROR(ERRprinterhasjobsqueued)
+
+
/* DFS errors */
#ifndef NERR_BASE
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index f005ac21f3..6a21121f43 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -1153,6 +1153,7 @@ static void init_creds(struct ntuser_creds *creds, char* username,
@param user Username, unix string
@param domain User's domain
@param password User's password, unencrypted unix string.
+ @param retry BOOL. Did this connection fail with a retryable error ?
*/
NTSTATUS cli_full_connection(struct cli_state **output_cli,
@@ -1161,7 +1162,8 @@ NTSTATUS cli_full_connection(struct cli_state **output_cli,
struct in_addr *dest_ip, int port,
char *service, char *service_type,
char *user, char *domain,
- char *password, int flags)
+ char *password, int flags,
+ BOOL *retry)
{
struct ntuser_creds creds;
NTSTATUS nt_status;
@@ -1171,6 +1173,9 @@ NTSTATUS cli_full_connection(struct cli_state **output_cli,
struct in_addr ip;
extern pstring global_myname;
+ if (retry)
+ *retry = False;
+
if (!my_name)
my_name = global_myname;
@@ -1185,6 +1190,8 @@ NTSTATUS cli_full_connection(struct cli_state **output_cli,
return NT_STATUS_UNSUCCESSFUL;
}
+ cli_set_timeout(cli, 10000); /* 10 seconds. */
+
if (dest_ip)
ip = *dest_ip;
else
@@ -1201,6 +1208,9 @@ again:
return NT_STATUS_UNSUCCESSFUL;
}
+ if (retry)
+ *retry = True;
+
if (!cli_session_request(cli, &calling, &called)) {
char *p;
DEBUG(1,("session request to %s failed (%s)\n",
diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c
index cb1779f590..5f477c78f7 100644
--- a/source3/nsswitch/winbindd_cm.c
+++ b/source3/nsswitch/winbindd_cm.c
@@ -392,6 +392,8 @@ static NTSTATUS cm_open_connection(const char *domain, const int pipe_index,
NTSTATUS result;
char *ipc_username, *ipc_domain, *ipc_password;
struct in_addr dc_ip;
+ int i;
+ BOOL retry = True;
ZERO_STRUCT(dc_ip);
@@ -446,10 +448,22 @@ static NTSTATUS cm_open_connection(const char *domain, const int pipe_index,
DEBUG(5, ("connecting to %s from %s with username [%s]\\[%s]\n",
new_conn->controller, global_myname, ipc_domain, ipc_username));
- result = cli_full_connection(&(new_conn->cli), global_myname, new_conn->controller,
- &dc_ip, 0, "IPC$",
- "IPC", ipc_username, ipc_domain,
- ipc_password, 0);
+ for (i = 0; retry && (i < 3); i++) {
+
+ if (!secrets_named_mutex(new_conn->controller, 10)) {
+ DEBUG(0,("cm_open_connection: mutex grab failed for %s\n", new_conn->controller));
+ continue;
+ }
+
+ result = cli_full_connection(&(new_conn->cli), global_myname, new_conn->controller,
+ &dc_ip, 0, "IPC$", "IPC", ipc_username, ipc_domain,
+ ipc_password, 0, &retry);
+
+ secrets_named_mutex_release(new_conn->controller);
+
+ if (NT_STATUS_IS_OK(result))
+ break;
+ }
SAFE_FREE(ipc_username);
SAFE_FREE(ipc_domain);
diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c
index 5aa8d2359f..e23140bdb0 100644
--- a/source3/rpcclient/rpcclient.c
+++ b/source3/rpcclient/rpcclient.c
@@ -723,7 +723,7 @@ static NTSTATUS process_cmd(struct cli_state *cli, char *cmd)
&server_ip, 0,
"IPC$", "IPC",
username, domain,
- password, 0);
+ password, 0, NULL);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0,("Cannot connect to server. Error was %s\n", nt_errstr(nt_status)));
diff --git a/source3/smbd/change_trust_pw.c b/source3/smbd/change_trust_pw.c
index 4b2944a96f..5da735e875 100644
--- a/source3/smbd/change_trust_pw.c
+++ b/source3/smbd/change_trust_pw.c
@@ -50,7 +50,7 @@ static NTSTATUS modify_trust_password( char *domain, char *remote_machine,
NULL, 0,
"IPC$", "IPC",
"", "",
- "", 0))) {
+ "", 0, NULL))) {
DEBUG(0,("modify_trust_password: Connection to %s failed!\n", remote_machine));
return NT_STATUS_UNSUCCESSFUL;
}
diff --git a/source3/utils/net.c b/source3/utils/net.c
index b3b72e2465..d38ca58622 100644
--- a/source3/utils/net.c
+++ b/source3/utils/net.c
@@ -121,7 +121,7 @@ NTSTATUS connect_to_ipc(struct cli_state **c, struct in_addr *server_ip,
server_ip, opt_port,
"IPC$", "IPC",
opt_user_name, opt_workgroup,
- opt_password, 0);
+ opt_password, 0, NULL);
if (NT_STATUS_IS_OK(nt_status)) {
return nt_status;
@@ -151,7 +151,7 @@ NTSTATUS connect_to_ipc_anonymous(struct cli_state **c,
server_ip, opt_port,
"IPC$", "IPC",
"", "",
- "", 0);
+ "", 0, NULL);
if (NT_STATUS_IS_OK(nt_status)) {
return nt_status;
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index 2e8317f05a..940187407c 100644
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -722,7 +722,7 @@ static struct cli_state *connect_one(char *share)
&ip, 0,
share, "?????",
username, global_myworkgroup,
- password, 0))) {
+ password, 0, NULL))) {
return c;
} else {
DEBUG(0,("cli_full_connection failed! (%s)\n", nt_errstr(nt_status)));
diff --git a/source3/utils/smbtree.c b/source3/utils/smbtree.c
index b733f8112f..940120d644 100644
--- a/source3/utils/smbtree.c
+++ b/source3/utils/smbtree.c
@@ -100,7 +100,7 @@ static struct cli_state *get_ipc_connect(char *server, struct in_addr *server_ip
nt_status = cli_full_connection(&cli, myname, server, server_ip, 0, "IPC$", "IPC",
user_info->username, lp_workgroup(), user_info->password,
- CLI_FULL_CONNECTION_ANNONYMOUS_FALLBACK);
+ CLI_FULL_CONNECTION_ANNONYMOUS_FALLBACK, NULL);
if (NT_STATUS_IS_OK(nt_status)) {
return cli;