Diffstat (limited to 'source4/winbind')
-rw-r--r-- | source4/winbind/wb_dom_info.c | 67 | ||||
-rw-r--r-- | source4/winbind/wb_init_domain.c | 23 | ||||
-rw-r--r-- | source4/winbind/wb_server.h | 9 |
3 files changed, 35 insertions, 64 deletions
diff --git a/source4/winbind/wb_dom_info.c b/source4/winbind/wb_dom_info.c
index 39a734aace..84b2b7a3c7 100644
--- a/source4/winbind/wb_dom_info.c
+++ b/source4/winbind/wb_dom_info.c
@@ -30,16 +30,14 @@
 #include "librpc/gen_ndr/ndr_irpc.h"
 #include "librpc/gen_ndr/samr.h"
 #include "lib/messaging/irpc.h"
+#include "libcli/finddcs.h"
 struct get_dom_info_state {
 struct composite_context *ctx;
- struct wbsrv_service *service;
- struct nbtd_getdcname r;
 struct wb_dom_info *info;
 };
 static void get_dom_info_recv_addrs(struct composite_context *ctx);
-static void get_dom_info_recv_dcname(struct irpc_request *ireq);
 struct composite_context *wb_get_dom_info_send(TALLOC_CTX *mem_ctx,
 struct wbsrv_service *service,
@@ -48,8 +46,7 @@ struct composite_context *wb_get_dom_info_send(TALLOC_CTX *mem_ctx,
 {
 struct composite_context *result, *ctx;
 struct get_dom_info_state *state;
- struct nbt_name name;
-
+ struct dom_sid *dup_sid;
 result = composite_create(mem_ctx, service->task->event_ctx);
 if (result == NULL) goto failed;
@@ -58,24 +55,18 @@ struct composite_context *wb_get_dom_info_send(TALLOC_CTX *mem_ctx,
 state->ctx = result;
 result->private_data = state;
- state->service = service;
-
 state->info = talloc_zero(state, struct wb_dom_info);
 if (state->info == NULL) goto failed;
- state->info->name = talloc_strdup(state->info, domain_name);
- if (state->info->name == NULL) goto failed;
- state->info->sid = dom_sid_dup(state->info, sid);
- if (state->info->sid == NULL) goto failed;
+ dup_sid = dom_sid_dup(state, sid);
+ if (dup_sid == NULL) goto failed;
- make_nbt_name(&name, state->info->name, NBT_NAME_LOGON);
-
- ctx = resolve_name_send(&name, result->event_ctx,
- lp_name_resolve_order());
+ ctx = finddcs_send(mem_ctx, domain_name, NBT_NAME_LOGON,
+ dup_sid, lp_name_resolve_order(), service->task->event_ctx,
+ service->task->msg_ctx);
 if (ctx == NULL) goto failed;
- ctx->async.fn = get_dom_info_recv_addrs;
- ctx->async.private_data = state;
+ composite_continue(state->ctx, ctx, get_dom_info_recv_addrs, state);
 return result;
 failed:
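Review bot: The assignments that filled `state->info->name` and `state->info->sid` are removed in this hunk and nothing replaces them, so the zero-initialised `wb_dom_info` returned to callers carries NULL in both fields, while wb_server.h still declares `sid` in `struct wb_dom_info`. Any later reader of those fields would see NULL; unless every consumer was updated outside this diff, keep `state->info->name = talloc_strdup(state->info, domain_name);` and `state->info->sid = dom_sid_dup(state->info, sid);` together with their NULL checks. Separately, `finddcs_send()` is given the caller's `mem_ctx` rather than `state`, so the lookup does not appear to be freed with `result` and could later invoke `get_dom_info_recv_addrs` with a stale `state`; parenting it on `state` would tie the lifetimes together. The body of `wb_get_dom_info_send` starts before this hunk and its `failed:` path continues past it.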
@@ -88,48 +79,12 @@ static void get_dom_info_recv_addrs(struct composite_context *ctx)
 struct get_dom_info_state *state = talloc_get_type(ctx->async.private_data, struct get_dom_info_state);
- struct server_id *nbt_servers;
- struct irpc_request *ireq;
-
- state->ctx->status = resolve_name_recv(ctx, state->info,
- &state->info->dc_address);
- if (!composite_is_ok(state->ctx)) return;
-
- nbt_servers = irpc_servers_byname(state->service->task->msg_ctx,
- state, "nbt_server");
- if ((nbt_servers == NULL) || (nbt_servers[0].id == 0)) {
- composite_error(state->ctx, NT_STATUS_NO_LOGON_SERVERS);
- return;
- }
-
- state->r.in.domainname = state->info->name;
- state->r.in.ip_address = state->info->dc_address;
- state->r.in.my_computername = lp_netbios_name();
- state->r.in.my_accountname = talloc_asprintf(state, "%s$",
- lp_netbios_name());
- if (composite_nomem(state->r.in.my_accountname, state->ctx)) return;
- state->r.in.account_control = ACB_WSTRUST;
- state->r.in.domain_sid = dom_sid_dup(state, state->info->sid);
- if (composite_nomem(state->r.in.domain_sid, state->ctx)) return;
-
- ireq = irpc_call_send(state->service->task->msg_ctx, nbt_servers[0],
- &dcerpc_table_irpc, DCERPC_NBTD_GETDCNAME,
- &state->r, state);
- composite_continue_irpc(state->ctx, ireq, get_dom_info_recv_dcname,
- state);
-}
-
-static void get_dom_info_recv_dcname(struct irpc_request *ireq)
-{
- struct get_dom_info_state *state =
- talloc_get_type(ireq->async.private,
- struct get_dom_info_state);
-
- state->ctx->status = irpc_call_recv(ireq);
+ state->ctx->status = finddcs_recv(ctx, state->info,
+ &state->info->num_dcs,
+ &state->info->dcs);
 if (!composite_is_ok(state->ctx)) return;
- state->info->dc_name = talloc_steal(state->info, state->r.out.dcname);
 composite_done(state->ctx);
 }
diff --git a/source4/winbind/wb_init_domain.c b/source4/winbind/wb_init_domain.c
index a25029eb21..0099d7a27c 100644
--- a/source4/winbind/wb_init_domain.c
+++ b/source4/winbind/wb_init_domain.c
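Review bot: `get_dom_info_recv_addrs` reports success as soon as `finddcs_recv()` returns OK, without checking that `state->info->num_dcs` is at least 1 and that `state->info->dcs` is non-NULL. The only guard visible in this commit is the "Caller should check, but to be safe" test in `wb_init_domain_send`, so any other consumer of `wb_dom_info` would index `dcs[0]` unchecked unless `finddcs_recv()` itself guarantees a non-empty list. Failing at the producer keeps the invariant in one place, for example `if (state->info->num_dcs < 1 || state->info->dcs == NULL) { composite_error(state->ctx, NT_STATUS_NO_LOGON_SERVERS); return; }` before `composite_done()`. The function's opening brace lies before this hunk.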
@@ -31,6 +31,7 @@
 #include "librpc/gen_ndr/ndr_netlogon.h"
 #include "librpc/gen_ndr/ndr_lsa_c.h"
 #include "librpc/gen_ndr/ndr_samr_c.h"
+#include "libcli/libcli.h"
 #include "libcli/auth/credentials.h"
 #include "libcli/security/security.h"
@@ -83,9 +84,10 @@ static struct dcerpc_binding *init_domain_binding(struct init_domain_state *stat
 {
 struct dcerpc_binding *binding;
 NTSTATUS status;
+
 /* Make a binding string */
 {
- char *s = talloc_asprintf(state, "ncacn_np:%s", state->domain->info->dc_name);
+ char *s = talloc_asprintf(state, "ncacn_np:%s", state->domain->dc_name);
 if (s == NULL) return NULL;
 status = dcerpc_parse_binding(state, s, &binding);
 talloc_free(s);
@@ -95,8 +97,8 @@ static struct dcerpc_binding *init_domain_binding(struct init_domain_state *stat
 }
 /* Alter binding to contain hostname, but also address (so we don't look it up twice) */
- binding->target_hostname = state->domain->info->dc_name;
- binding->host = state->domain->info->dc_address;
+ binding->target_hostname = state->domain->dc_name;
+ binding->host = state->domain->dc_address;
 /* This shouldn't make a network call, as the mappings for named pipes are well known */
 status = dcerpc_epm_map_binding(binding, binding, table, state->service->task->event_ctx);
@@ -130,6 +132,17 @@ struct composite_context *wb_init_domain_send(TALLOC_CTX *mem_ctx,
 state->domain->info = talloc_reference(state->domain, dom_info);
 if (state->domain->info == NULL) goto failed;
+ /* Caller should check, but to be safe: */
+ if (dom_info->num_dcs < 1) {
+ goto failed;
+ }
+
+ /* For now, we just pick the first. The next step will be to
+ * walk the entire list. Also need to fix finddcs() to return
+ * the entire list */
+ state->domain->dc_name = dom_info->dcs[0].name;
+ state->domain->dc_address = dom_info->dcs[0].address;
+
 /* Create a credentials structure */
 state->domain->schannel_creds = cli_credentials_init(state->domain);
 if (state->domain->schannel_creds == NULL) goto failed;
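Review bot: In the `@@ -130,6 +132,17 @@` hunk of `wb_init_domain_send` the new guard tests only `num_dcs`, yet `dom_info->dcs`, `dcs[0].name` and `dcs[0].address` are then copied and later formatted with `%s` into the `ncacn_np:` binding string and the `ldap://` URL without a NULL check. Extending the guard to `if (dom_info->num_dcs < 1 || dom_info->dcs == NULL || dom_info->dcs[0].name == NULL || dom_info->dcs[0].address == NULL)` closes that gap. Because the name presumably originates from a network lookup and is handed to `dcerpc_parse_binding()` in `init_domain_binding`, rejecting empty or non-hostname values at this point would also be prudent. The status reported by the `failed:` path is not visible in this hunk; it is worth confirming that "no DC found" is distinguishable from an allocation failure.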
@@ -377,7 +390,7 @@ static void init_domain_recv_samr(struct composite_context *ctx)
 composite_nomem(state->domain->ldap_conn, state->ctx);
 ldap_url = talloc_asprintf(state, "ldap://%s/",
- state->domain->info->dc_address);
+ state->domain->dc_address);
 composite_nomem(ldap_url, state->ctx);
 ctx = ldap_connect_send(state->domain->ldap_conn, ldap_url);
@@ -394,7 +407,7 @@ static void init_domain_recv_ldapconn(struct composite_context *ctx)
 if (NT_STATUS_IS_OK(state->ctx->status)) {
 state->domain->ldap_conn->host = talloc_strdup(state->domain->ldap_conn,
- state->domain->info->dc_name);
+ state->domain->dc_name);
 state->ctx->status = ldap_bind_sasl(state->domain->ldap_conn, state->domain->schannel_creds);
diff --git a/source4/winbind/wb_server.h b/source4/winbind/wb_server.h
index 7d334193d4..3e851fbccc 100644
--- a/source4/winbind/wb_server.h
+++ b/source4/winbind/wb_server.h
@@ -49,9 +49,8 @@ struct wb_dom_info {
 const char *dns_name;
 const struct dom_sid *sid;
- const char *dc_name;
- const char *dc_dns_name;
- const char *dc_address;
+ int num_dcs;
+ struct nbt_dc_name *dcs;
 };
 struct wbsrv_domain {
@@ -59,6 +58,10 @@ struct wbsrv_domain {
 struct wb_dom_info *info;
+ /* Details for the server we are currently talking to */
+ const char *dc_address;
+ const char *dc_name;
+
 struct dcerpc_pipe *lsa_pipe;
 struct policy_handle *lsa_policy_handle;
 struct dcerpc_binding *lsa_binding; |
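Review bot: The new `dc_address` and `dc_name` members of `struct wbsrv_domain` in wb_server.h are documented only as "the server we are currently talking to", with no statement of who owns the strings. In this commit they are assigned straight from `dom_info->dcs[0]` in `wb_init_domain_send`, so they alias memory under `info` rather than being copies. I would extend the comment to `/* Details for the server we are currently talking to; these point into info->dcs[] and are valid only while info is referenced */`. In `struct wb_dom_info`, a short comment such as `/* dcs has num_dcs entries */` on the new pair would state the bound that callers must respect.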