diff options
Diffstat (limited to 'source3/winbindd/winbindd_cm.c')
| -rw-r--r-- | source3/winbindd/winbindd_cm.c | 45 |
1 files changed, 32 insertions, 13 deletions
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 1473d33721..86d6662e5a 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -69,13 +69,13 @@ #include "rpc_client/cli_lsarpc.h" #include "../librpc/gen_ndr/ndr_dssetup_c.h" #include "libads/sitename_cache.h" +#include "libsmb/libsmb.h" #include "libsmb/clidgram.h" #include "ads.h" #include "secrets.h" #include "../libcli/security/security.h" #include "passdb.h" #include "messages.h" -#include "ntdomain.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_WINBIND @@ -189,6 +189,7 @@ static bool fork_child_dc_connect(struct winbindd_domain *domain) TALLOC_CTX *mem_ctx = NULL; pid_t parent_pid = sys_getpid(); char *lfile = NULL; + NTSTATUS status; if (domain->dc_probe_pid != (pid_t)-1) { /* @@ -233,7 +234,10 @@ static bool fork_child_dc_connect(struct winbindd_domain *domain) } } - if (!winbindd_reinit_after_fork(lfile)) { + status = winbindd_reinit_after_fork(NULL, lfile); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("winbindd_reinit_after_fork failed: %s\n", + nt_errstr(status))); messaging_send_buf(winbind_messaging_context(), pid_to_procid(parent_pid), MSG_WINBIND_FAILED_TO_GO_ONLINE, @@ -816,7 +820,12 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain, (*cli)->timeout = 10000; /* 10 seconds */ (*cli)->fd = sockfd; - fstrcpy((*cli)->desthost, controller); + (*cli)->desthost = talloc_strdup((*cli), controller); + if ((*cli)->desthost == NULL) { + result = NT_STATUS_NO_MEMORY; + goto done; + } + (*cli)->use_kerberos = True; peeraddr_len = sizeof(peeraddr); @@ -876,7 +885,7 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain, (*cli)->use_kerberos = True; DEBUG(5, ("connecting to %s from %s with kerberos principal " - "[%s] and realm [%s]\n", controller, global_myname(), + "[%s] and realm [%s]\n", controller, lp_netbios_name(), machine_krb5_principal, domain->alt_name)); winbindd_set_locator_kdc_envs(domain); @@ -907,7 +916,7 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain, (*cli)->use_kerberos = False; DEBUG(5, ("connecting to %s from %s with username " - "[%s]\\[%s]\n", controller, global_myname(), + "[%s]\\[%s]\n", controller, lp_netbios_name(), lp_workgroup(), machine_account)); ads_status = cli_session_setup_spnego(*cli, @@ -943,7 +952,7 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain, /* Only try authenticated if we have a username */ DEBUG(5, ("connecting to %s from %s with username " - "[%s]\\[%s]\n", controller, global_myname(), + "[%s]\\[%s]\n", controller, lp_netbios_name(), ipc_domain, ipc_username)); if (NT_STATUS_IS_OK(cli_session_setup( @@ -1073,7 +1082,7 @@ static bool add_one_dc_unique(TALLOC_CTX *mem_ctx, const char *domain_name, (struct sockaddr *)(void *)pss)) return False; - *dcs = TALLOC_REALLOC_ARRAY(mem_ctx, *dcs, struct dc_name_ip, (*num)+1); + *dcs = talloc_realloc(mem_ctx, *dcs, struct dc_name_ip, (*num)+1); if (*dcs == NULL) return False; @@ -1088,7 +1097,7 @@ static bool add_sockaddr_to_array(TALLOC_CTX *mem_ctx, struct sockaddr_storage *pss, uint16 port, struct sockaddr_storage **addrs, int *num) { - *addrs = TALLOC_REALLOC_ARRAY(mem_ctx, *addrs, struct sockaddr_storage, (*num)+1); + *addrs = talloc_realloc(mem_ctx, *addrs, struct sockaddr_storage, (*num)+1); if (*addrs == NULL) { *num = 0; @@ -1375,7 +1384,7 @@ static bool find_new_dc(TALLOC_CTX *mem_ctx, return False; status = smbsock_any_connect(addrs, dcnames, NULL, NULL, NULL, - num_addrs, 0, fd, &fd_index, NULL); + num_addrs, 0, 10, fd, &fd_index, NULL); if (!NT_STATUS_IS_OK(status)) { for (i=0; i<num_dcs; i++) { char ab[INET6_ADDRSTRLEN]; @@ -1541,7 +1550,7 @@ static NTSTATUS cm_open_connection(struct winbindd_domain *domain, return NT_STATUS_UNSUCCESSFUL; } if (dcip_to_name(mem_ctx, domain, &ss, saf_name )) { - fstrcpy( domain->dcname, saf_name ); + strlcpy(domain->dcname, saf_name, sizeof(domain->dcname)); } else { winbind_add_failed_connection_entry( domain, saf_servername, @@ -1571,7 +1580,7 @@ static NTSTATUS cm_open_connection(struct winbindd_domain *domain, status = smbsock_connect(&domain->dcaddr, 0, NULL, -1, NULL, -1, - &fd, NULL); + &fd, NULL, 10); if (!NT_STATUS_IS_OK(status)) { fd = -1; } @@ -1699,6 +1708,7 @@ void invalidate_cm_connection(struct winbindd_cm_conn *conn) void close_conns_after_fork(void) { struct winbindd_domain *domain; + struct winbindd_cli_state *cli_state; for (domain = domain_list(); domain; domain = domain->next) { struct cli_state *cli = domain->conn.cli; @@ -1715,6 +1725,15 @@ void close_conns_after_fork(void) invalidate_cm_connection(&domain->conn); } + + for (cli_state = winbindd_client_list(); + cli_state != NULL; + cli_state = cli_state->next) { + if (cli_state->sock >= 0) { + close(cli_state->sock); + cli_state->sock = -1; + } + } } static bool connection_ok(struct winbindd_domain *domain) @@ -1985,7 +2004,7 @@ static void set_dc_type_and_flags_connect( struct winbindd_domain *domain ) * no_dssetup mode here as well to get domain->initialized * set - gd */ - if (NT_STATUS_V(status) == DCERPC_FAULT_OP_RNG_ERROR) { + if (NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE)) { goto no_dssetup; } @@ -2608,7 +2627,7 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain, netlogon_pipe, domain->dcname, /* server name. */ domain->name, /* domain name */ - global_myname(), /* client name */ + lp_netbios_name(), /* client name */ account_name, /* machine account */ mach_pwd, /* machine password */ sec_chan_type, /* from get_trust_pw */ |