Diffstat (limited to 'source4/winbind')
-rw-r--r--source4/winbind/wb_dom_info.c67
-rw-r--r--source4/winbind/wb_init_domain.c23
-rw-r--r--source4/winbind/wb_server.h9
3 files changed, 35 insertions, 64 deletions
diff --git a/source4/winbind/wb_dom_info.c b/source4/winbind/wb_dom_info.c
index 39a734aace..84b2b7a3c7 100644
--- a/source4/winbind/wb_dom_info.c
+++ b/source4/winbind/wb_dom_info.c
@@ -30,16 +30,14 @@
#include "librpc/gen_ndr/ndr_irpc.h"
#include "librpc/gen_ndr/samr.h"
#include "lib/messaging/irpc.h"
+#include "libcli/finddcs.h"
struct get_dom_info_state {
struct composite_context *ctx;
- struct wbsrv_service *service;
- struct nbtd_getdcname r;
struct wb_dom_info *info;
};
static void get_dom_info_recv_addrs(struct composite_context *ctx);
-static void get_dom_info_recv_dcname(struct irpc_request *ireq);
struct composite_context *wb_get_dom_info_send(TALLOC_CTX *mem_ctx,
struct wbsrv_service *service,
@@ -48,8 +46,7 @@ struct composite_context *wb_get_dom_info_send(TALLOC_CTX *mem_ctx,
{
struct composite_context *result, *ctx;
struct get_dom_info_state *state;
- struct nbt_name name;
-
+ struct dom_sid *dup_sid;
result = composite_create(mem_ctx, service->task->event_ctx);
if (result == NULL) goto failed;
@@ -58,24 +55,18 @@ struct composite_context *wb_get_dom_info_send(TALLOC_CTX *mem_ctx,
state->ctx = result;
result->private_data = state;
- state->service = service;
-
state->info = talloc_zero(state, struct wb_dom_info);
if (state->info == NULL) goto failed;
- state->info->name = talloc_strdup(state->info, domain_name);
- if (state->info->name == NULL) goto failed;
- state->info->sid = dom_sid_dup(state->info, sid);
- if (state->info->sid == NULL) goto failed;
+ dup_sid = dom_sid_dup(state, sid);
+ if (dup_sid == NULL) goto failed;
- make_nbt_name(&name, state->info->name, NBT_NAME_LOGON);
-
- ctx = resolve_name_send(&name, result->event_ctx,
- lp_name_resolve_order());
+ ctx = finddcs_send(mem_ctx, domain_name, NBT_NAME_LOGON,
+ dup_sid, lp_name_resolve_order(), service->task->event_ctx,
+ service->task->msg_ctx);
if (ctx == NULL) goto failed;
- ctx->async.fn = get_dom_info_recv_addrs;
- ctx->async.private_data = state;
+ composite_continue(state->ctx, ctx, get_dom_info_recv_addrs, state);
return result;
failed:
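Review bot: `state->info->name` and `state->info->sid` are no longer populated in this hunk: the lines that copied `domain_name` and `sid` into the zeroed `wb_dom_info` are removed, and the new `dup_sid` is parented on `state` and only handed to `finddcs_send()`. The receive side on this page fills just `num_dcs` and `dcs`, so unless `finddcs_recv()` sets them some other way, callers get an info whose `sid` (still declared in wb_server.h) is NULL, which matters for any later code that dereferences or compares the domain SID. Keeping `state->info->name = talloc_strdup(state->info, domain_name);` and `state->info->sid = dom_sid_dup(state->info, sid);` with their NULL checks would preserve the previous contract. Separately, the child request is allocated on `mem_ctx` rather than `state`, so it may outlive `result` if the caller frees it while the lookup is pending; passing `state` would tie the lifetimes together. The function starts and ends outside this hunk.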
@@ -88,48 +79,12 @@ static void get_dom_info_recv_addrs(struct composite_context *ctx)
struct get_dom_info_state *state =
talloc_get_type(ctx->async.private_data,
struct get_dom_info_state);
- struct server_id *nbt_servers;
- struct irpc_request *ireq;
-
- state->ctx->status = resolve_name_recv(ctx, state->info,
- &state->info->dc_address);
- if (!composite_is_ok(state->ctx)) return;
-
- nbt_servers = irpc_servers_byname(state->service->task->msg_ctx,
- state, "nbt_server");
- if ((nbt_servers == NULL) || (nbt_servers[0].id == 0)) {
- composite_error(state->ctx, NT_STATUS_NO_LOGON_SERVERS);
- return;
- }
-
- state->r.in.domainname = state->info->name;
- state->r.in.ip_address = state->info->dc_address;
- state->r.in.my_computername = lp_netbios_name();
- state->r.in.my_accountname = talloc_asprintf(state, "%s$",
- lp_netbios_name());
- if (composite_nomem(state->r.in.my_accountname, state->ctx)) return;
- state->r.in.account_control = ACB_WSTRUST;
- state->r.in.domain_sid = dom_sid_dup(state, state->info->sid);
- if (composite_nomem(state->r.in.domain_sid, state->ctx)) return;
-
- ireq = irpc_call_send(state->service->task->msg_ctx, nbt_servers[0],
- &dcerpc_table_irpc, DCERPC_NBTD_GETDCNAME,
- &state->r, state);
- composite_continue_irpc(state->ctx, ireq, get_dom_info_recv_dcname,
- state);
-}
-
-static void get_dom_info_recv_dcname(struct irpc_request *ireq)
-{
- struct get_dom_info_state *state =
- talloc_get_type(ireq->async.private,
- struct get_dom_info_state);
-
- state->ctx->status = irpc_call_recv(ireq);
+ state->ctx->status = finddcs_recv(ctx, state->info,
+ &state->info->num_dcs,
+ &state->info->dcs);
if (!composite_is_ok(state->ctx)) return;
- state->info->dc_name = talloc_steal(state->info, state->r.out.dcname);
composite_done(state->ctx);
}
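Review bot: A successful `finddcs_recv()` is accepted here without checking that it returned any entries, so `composite_done()` can hand callers an info with `num_dcs == 0` or `dcs == NULL`. The only guard on this page is the `num_dcs < 1` test in wb_init_domain_send, which jumps to `failed` and appears to report no specific status. Rejecting the empty result here keeps the error meaningful, e.g. `if (state->info->num_dcs < 1 || state->info->dcs == NULL) { composite_error(state->ctx, NT_STATUS_NO_LOGON_SERVERS); return; }`, which reuses the status the removed code gave for the no-server case. Whether `finddcs_recv()` can succeed with an empty list is not visible here, so treat this as a defensive check. The function's opening lines are outside the hunk.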
diff --git a/source4/winbind/wb_init_domain.c b/source4/winbind/wb_init_domain.c
index a25029eb21..0099d7a27c 100644
--- a/source4/winbind/wb_init_domain.c
+++ b/source4/winbind/wb_init_domain.c
@@ -31,6 +31,7 @@
#include "librpc/gen_ndr/ndr_netlogon.h"
#include "librpc/gen_ndr/ndr_lsa_c.h"
#include "librpc/gen_ndr/ndr_samr_c.h"
+#include "libcli/libcli.h"
#include "libcli/auth/credentials.h"
#include "libcli/security/security.h"
@@ -83,9 +84,10 @@ static struct dcerpc_binding *init_domain_binding(struct init_domain_state *stat
{
struct dcerpc_binding *binding;
NTSTATUS status;
+
/* Make a binding string */
{
- char *s = talloc_asprintf(state, "ncacn_np:%s", state->domain->info->dc_name);
+ char *s = talloc_asprintf(state, "ncacn_np:%s", state->domain->dc_name);
if (s == NULL) return NULL;
status = dcerpc_parse_binding(state, s, &binding);
talloc_free(s);
@@ -95,8 +97,8 @@ static struct dcerpc_binding *init_domain_binding(struct init_domain_state *stat
}
/* Alter binding to contain hostname, but also address (so we don't look it up twice) */
- binding->target_hostname = state->domain->info->dc_name;
- binding->host = state->domain->info->dc_address;
+ binding->target_hostname = state->domain->dc_name;
+ binding->host = state->domain->dc_address;
/* This shouldn't make a network call, as the mappings for named pipes are well known */
status = dcerpc_epm_map_binding(binding, binding, table, state->service->task->event_ctx);
@@ -130,6 +132,17 @@ struct composite_context *wb_init_domain_send(TALLOC_CTX *mem_ctx,
state->domain->info = talloc_reference(state->domain, dom_info);
if (state->domain->info == NULL) goto failed;
+ /* Caller should check, but to be safe: */
+ if (dom_info->num_dcs < 1) {
+ goto failed;
+ }
+
+ /* For now, we just pick the first. The next step will be to
+ * walk the entire list. Also need to fix finddcs() to return
+ * the entire list */
+ state->domain->dc_name = dom_info->dcs[0].name;
+ state->domain->dc_address = dom_info->dcs[0].address;
+
/* Create a credentials structure */
state->domain->schannel_creds = cli_credentials_init(state->domain);
if (state->domain->schannel_creds == NULL) goto failed;
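Review bot: `dc_name` and `dc_address` are taken from `dom_info->dcs[0]` as-is, and the other hunks of this file format them straight into `"ncacn_np:%s"` (then parsed by `dcerpc_parse_binding`) and `"ldap://%s/"`. If the finddcs result is built from a network reply, as the name suggests, a value containing binding-string or URL syntax characters would change what gets parsed. It is worth rejecting anything that is not a plain host name or address before storing it in `state->domain`. The function starts and ends outside this hunk.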
@@ -377,7 +390,7 @@ static void init_domain_recv_samr(struct composite_context *ctx)
composite_nomem(state->domain->ldap_conn, state->ctx);
ldap_url = talloc_asprintf(state, "ldap://%s/",
- state->domain->info->dc_address);
+ state->domain->dc_address);
composite_nomem(ldap_url, state->ctx);
ctx = ldap_connect_send(state->domain->ldap_conn, ldap_url);
@@ -394,7 +407,7 @@ static void init_domain_recv_ldapconn(struct composite_context *ctx)
if (NT_STATUS_IS_OK(state->ctx->status)) {
state->domain->ldap_conn->host =
talloc_strdup(state->domain->ldap_conn,
- state->domain->info->dc_name);
+ state->domain->dc_name);
state->ctx->status =
ldap_bind_sasl(state->domain->ldap_conn,
state->domain->schannel_creds);
diff --git a/source4/winbind/wb_server.h b/source4/winbind/wb_server.h
index 7d334193d4..3e851fbccc 100644
--- a/source4/winbind/wb_server.h
+++ b/source4/winbind/wb_server.h
@@ -49,9 +49,8 @@ struct wb_dom_info {
const char *dns_name;
const struct dom_sid *sid;
- const char *dc_name;
- const char *dc_dns_name;
- const char *dc_address;
+ int num_dcs;
+ struct nbt_dc_name *dcs;
};
struct wbsrv_domain {
@@ -59,6 +58,10 @@ struct wbsrv_domain {
struct wb_dom_info *info;
+ /* Details for the server we are currently talking to */
+ const char *dc_address;
+ const char *dc_name;
+
struct dcerpc_pipe *lsa_pipe;
struct policy_handle *lsa_policy_handle;
struct dcerpc_binding *lsa_binding;
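Review bot: The new `dc_address` and `dc_name` members are bare `const char *` with no stated owner. The only assignment on this page (in wb_init_domain_send) points them into `info->dcs[0]`, so they are valid only while `info` is held. I would extend the comment to say so, e.g. `/* Details for the server we are currently talking to; these point into info->dcs and must not be freed or outlive info */`. The struct continues outside the hunk.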