From d9804ae3cc2c435f9983ca47f6f1b6b96e5c03ca Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 15 Apr 2009 15:40:00 -0700 Subject: Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+ What a difference a name makes... :-). Just because something is missnamed SAMR_ACCESS_OPEN_DOMAIN, when it should actually be SAMR_ACCESS_LOOKUP_DOMAIN, don't automatically use it for a security check in _samr_OpenDomain(). Jeremy. --- source3/utils/net_rpc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/net_rpc.c') diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 21881ba6a9..ed7b2f043e 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -6102,7 +6102,7 @@ static int rpc_trustdom_list(struct net_context *c, int argc, const char **argv) /* SamrConnect2 */ nt_status = rpccli_samr_Connect2(pipe_hnd, mem_ctx, pipe_hnd->desthost, - SAMR_ACCESS_OPEN_DOMAIN, + SAMR_ACCESS_LOOKUP_DOMAIN, &connect_hnd); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n", -- cgit From c0dfe0cf80ee50f395912b7d6aec0d87febd34c0 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 26 Mar 2009 20:29:24 +0100 Subject: s3:net_rpc: don't shutdown a cli_state passed from the caller This fixes a crash bug if we timeout in net rpc trustdom list. metze --- source3/utils/net_rpc.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) (limited to 'source3/utils/net_rpc.c') diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index ed7b2f043e..0b662819ae 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -120,6 +120,7 @@ int run_rpc_command(struct net_context *c, NTSTATUS nt_status; DOM_SID *domain_sid; const char *domain_name; + int ret = -1; /* make use of cli_state handed over as an argument, if possible */ if (!cli_arg) { @@ -141,15 +142,13 @@ int run_rpc_command(struct net_context *c, if (!(mem_ctx = talloc_init("run_rpc_command"))) { DEBUG(0, ("talloc_init() failed\n")); - cli_shutdown(cli); - return -1; + goto fail; } nt_status = net_get_remote_domain_sid(cli, mem_ctx, &domain_sid, &domain_name); if (!NT_STATUS_IS_OK(nt_status)) { - cli_shutdown(cli); - return -1; + goto fail; } if (!(conn_flags & NET_FLAGS_NO_PIPE)) { @@ -164,8 +163,7 @@ int run_rpc_command(struct net_context *c, if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0, ("Could not initialise schannel netlogon pipe. Error was %s\n", nt_errstr(nt_status) )); - cli_shutdown(cli); - return -1; + goto fail; } } else { if (conn_flags & NET_FLAGS_SEAL) { @@ -183,8 +181,7 @@ int run_rpc_command(struct net_context *c, DEBUG(0, ("Could not initialise pipe %s. Error was %s\n", get_pipe_name_from_iface(interface), nt_errstr(nt_status) )); - cli_shutdown(cli); - return -1; + goto fail; } } } @@ -194,6 +191,7 @@ int run_rpc_command(struct net_context *c, if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(1, ("rpc command function failed! (%s)\n", nt_errstr(nt_status))); } else { + ret = 0; DEBUG(5, ("rpc command function succedded\n")); } @@ -203,13 +201,14 @@ int run_rpc_command(struct net_context *c, } } +fail: /* close the connection only if it was opened here */ if (!cli_arg) { cli_shutdown(cli); } talloc_destroy(mem_ctx); - return (!NT_STATUS_IS_OK(nt_status)); + return ret; } /** -- cgit