From 9593101ec118dd242bf25fabf3e17c58269e632c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 25 Sep 2005 21:01:56 +0000 Subject: r10491: First step towards wbinfo -t: This issues a name request for the primary domain and gets the DC's name via a mailslot call. Metze, I renamed wbsrv_queue_reply to wbsrv_send_reply in accordance with irpc_send_reply. Having _queue_ here and _send_ there is a bit confusing. And as everything is async anyway, the semantics should not be too much of a problem. Volker (This used to be commit 4637964b19c6e9f7d201b287e2d409d029fced01) --- source4/winbind/wb_async_helpers.c | 206 +++++++++++++++++++++++++++++++++++++ 1 file changed, 206 insertions(+) create mode 100644 source4/winbind/wb_async_helpers.c (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c new file mode 100644 index 0000000000..17efd06c81 --- /dev/null +++ b/source4/winbind/wb_async_helpers.c @@ -0,0 +1,206 @@ +/* + Unix SMB/CIFS implementation. + + Copyright (C) Volker Lendecke 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ +/* + a composite API for finding a DC and its name +*/ + +#include "includes.h" +#include "libcli/raw/libcliraw.h" +#include "libcli/composite/composite.h" +#include "winbind/wb_async_helpers.h" + +#include "librpc/gen_ndr/nbt.h" +#include "librpc/gen_ndr/samr.h" +#include "lib/messaging/irpc.h" +#include "librpc/gen_ndr/irpc.h" +#include "librpc/gen_ndr/ndr_irpc.h" + +struct finddcs_state { + struct wb_finddcs *io; + struct composite_context *creq; + + struct nbtd_getdcname *r; + struct irpc_request *ireq; +}; + +static void finddcs_getdc(struct irpc_request *req) +{ + struct composite_context *c = talloc_get_type(req->async.private, + struct composite_context); + struct finddcs_state *state = + talloc_get_type(c->private, struct finddcs_state); + + c->status = irpc_call_recv(req); + if (!NT_STATUS_IS_OK(c->status)) { + goto done; + } + + state->io->out.dcs[0].name = talloc_steal(state->io->out.dcs, + state->r->out.dcname); + + c->status = NT_STATUS_OK; + c->state = SMBCLI_REQUEST_DONE; + + done: + if (!NT_STATUS_IS_OK(c->status)) { + c->state = SMBCLI_REQUEST_ERROR; + } + + if (c->state >= SMBCLI_REQUEST_DONE && + c->async.fn) { + c->async.fn(c); + } +} + +/* + called when name resolution is finished +*/ +static void finddcs_resolve(struct composite_context *res_ctx) +{ + struct composite_context *c = talloc_get_type(res_ctx->async.private, + struct composite_context); + struct finddcs_state *state = + talloc_get_type(c->private, struct finddcs_state); + uint32_t *nbt_servers; + + state->io->out.num_dcs = 1; + state->io->out.dcs = talloc_array(state, struct nbt_dc_name, + state->io->out.num_dcs); + if (state->io->out.dcs == NULL) { + c->status = NT_STATUS_NO_MEMORY; + goto done; + } + + c->status = resolve_name_recv(res_ctx, state->io->out.dcs, + &state->io->out.dcs[0].address); + if (!NT_STATUS_IS_OK(c->status)) { + goto done; + } + + nbt_servers = irpc_servers_byname(state->io->in.msg_ctx, "nbt_server"); + if ((nbt_servers == NULL) || (nbt_servers[0] == 0)) { + c->status = NT_STATUS_NO_LOGON_SERVERS; + goto done; + } + + state->r = talloc(state, struct nbtd_getdcname); + if (state->r == NULL) { + c->status = NT_STATUS_NO_MEMORY; + goto done; + } + + state->r->in.domainname = talloc_strdup(state->r, lp_workgroup()); + state->r->in.ip_address = state->io->out.dcs[0].address; + state->r->in.my_computername = lp_netbios_name(); + state->r->in.my_accountname = talloc_asprintf(state->r, "%s$", + lp_netbios_name()); + state->r->in.account_control = ACB_WSTRUST; + state->r->in.domain_sid = secrets_get_domain_sid(state->r, + lp_workgroup()); + + if ((state->r->in.domainname == NULL) || + (state->r->in.my_accountname == NULL)) { + DEBUG(0, ("talloc failed\n")); + c->status = NT_STATUS_NO_MEMORY; + goto done; + } + if (state->r->in.domain_sid == NULL) { + c->status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + goto done; + } + + state->ireq = irpc_call_send(state->io->in.msg_ctx, nbt_servers[0], + &dcerpc_table_irpc, DCERPC_NBTD_GETDCNAME, + state->r, state); + + if (state->ireq == NULL) { + c->status = NT_STATUS_NO_MEMORY; + goto done; + } + + c->status = NT_STATUS_OK; + state->ireq->async.fn = finddcs_getdc; + state->ireq->async.private = c; + + done: + if (!NT_STATUS_IS_OK(c->status)) { + c->state = SMBCLI_REQUEST_ERROR; + } + + if (c->state >= SMBCLI_REQUEST_DONE && + c->async.fn) { + c->async.fn(c); + } +} + +struct composite_context *wb_finddcs_send(struct wb_finddcs *io, + struct event_context *event_ctx) +{ + struct composite_context *c; + struct finddcs_state *state; + struct nbt_name name; + + c = talloc_zero(NULL, struct composite_context); + if (c == NULL) goto failed; + c->state = SMBCLI_REQUEST_SEND; + c->event_ctx = event_ctx; + + state = talloc(c, struct finddcs_state); + if (state == NULL) goto failed; + + state->io = io; + + make_nbt_name(&name, io->in.domain, 0x1c); + state->creq = resolve_name_send(&name, c->event_ctx, + lp_name_resolve_order()); + + if (state->creq == NULL) goto failed; + state->creq->async.private = c; + state->creq->async.fn = finddcs_resolve; + c->private = state; + + return c; +failed: + talloc_free(c); + return NULL; +} + +NTSTATUS wb_finddcs_recv(struct composite_context *c, TALLOC_CTX *mem_ctx) +{ + NTSTATUS status; + + status = composite_wait(c); + + if (NT_STATUS_IS_OK(status)) { + struct finddcs_state *state = + talloc_get_type(c->private, struct finddcs_state); + talloc_steal(mem_ctx, state->io->out.dcs); + } + + talloc_free(c); + return status; +} + +NTSTATUS wb_finddcs(struct wb_finddcs *io, TALLOC_CTX *mem_ctx, + struct event_context *ev) +{ + struct composite_context *c = wb_finddcs_send(io, ev); + return wb_finddcs_recv(c, mem_ctx); +} -- cgit From ab4d635b92b116b02b88843b4ec4f5b7517bab1a Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 26 Sep 2005 11:47:55 +0000 Subject: r10504: - seperate implementation specific stuff, from the generic composite stuff. - don't use SMBCLI_REQUEST_* state's in the genreic composite stuff - move monitor_fn to libnet. NOTE: I have maybe found some bugs, in code that is dirrectly in DONE or ERROR state in the _send() function. I haven't fixed this bugs in this commit! We may need some composite_trigger_*() functions or so. And maybe some other generic helper functions... metze (This used to be commit 4527815a0a9b96e460f301cb1f0c0b3964c166fc) --- source4/winbind/wb_async_helpers.c | 37 ++++++++++++++++++------------------- 1 file changed, 18 insertions(+), 19 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 17efd06c81..d6f2f1cac4 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -22,7 +22,6 @@ */ #include "includes.h" -#include "libcli/raw/libcliraw.h" #include "libcli/composite/composite.h" #include "winbind/wb_async_helpers.h" @@ -40,14 +39,14 @@ struct finddcs_state { struct irpc_request *ireq; }; -static void finddcs_getdc(struct irpc_request *req) +static void finddcs_getdc(struct irpc_request *ireq) { - struct composite_context *c = talloc_get_type(req->async.private, + struct composite_context *c = talloc_get_type(ireq->async.private, struct composite_context); - struct finddcs_state *state = - talloc_get_type(c->private, struct finddcs_state); + struct finddcs_state *state = talloc_get_type(c->private_data, + struct finddcs_state); - c->status = irpc_call_recv(req); + c->status = irpc_call_recv(ireq); if (!NT_STATUS_IS_OK(c->status)) { goto done; } @@ -56,14 +55,14 @@ static void finddcs_getdc(struct irpc_request *req) state->r->out.dcname); c->status = NT_STATUS_OK; - c->state = SMBCLI_REQUEST_DONE; + c->state = COMPOSITE_STATE_DONE; done: if (!NT_STATUS_IS_OK(c->status)) { - c->state = SMBCLI_REQUEST_ERROR; + c->state = COMPOSITE_STATE_ERROR; } - if (c->state >= SMBCLI_REQUEST_DONE && + if (c->state >= COMPOSITE_STATE_DONE && c->async.fn) { c->async.fn(c); } @@ -74,10 +73,10 @@ static void finddcs_getdc(struct irpc_request *req) */ static void finddcs_resolve(struct composite_context *res_ctx) { - struct composite_context *c = talloc_get_type(res_ctx->async.private, + struct composite_context *c = talloc_get_type(res_ctx->async.private_data, struct composite_context); - struct finddcs_state *state = - talloc_get_type(c->private, struct finddcs_state); + struct finddcs_state *state = talloc_get_type(c->private_data, + struct finddcs_state); uint32_t *nbt_servers; state->io->out.num_dcs = 1; @@ -141,10 +140,10 @@ static void finddcs_resolve(struct composite_context *res_ctx) done: if (!NT_STATUS_IS_OK(c->status)) { - c->state = SMBCLI_REQUEST_ERROR; + c->state = COMPOSITE_STATE_ERROR; } - if (c->state >= SMBCLI_REQUEST_DONE && + if (c->state >= COMPOSITE_STATE_DONE && c->async.fn) { c->async.fn(c); } @@ -159,7 +158,7 @@ struct composite_context *wb_finddcs_send(struct wb_finddcs *io, c = talloc_zero(NULL, struct composite_context); if (c == NULL) goto failed; - c->state = SMBCLI_REQUEST_SEND; + c->state = COMPOSITE_STATE_IN_PROGRESS; c->event_ctx = event_ctx; state = talloc(c, struct finddcs_state); @@ -172,9 +171,9 @@ struct composite_context *wb_finddcs_send(struct wb_finddcs *io, lp_name_resolve_order()); if (state->creq == NULL) goto failed; - state->creq->async.private = c; + state->creq->async.private_data = c; state->creq->async.fn = finddcs_resolve; - c->private = state; + c->private_data = state; return c; failed: @@ -189,8 +188,8 @@ NTSTATUS wb_finddcs_recv(struct composite_context *c, TALLOC_CTX *mem_ctx) status = composite_wait(c); if (NT_STATUS_IS_OK(status)) { - struct finddcs_state *state = - talloc_get_type(c->private, struct finddcs_state); + struct finddcs_state *state = talloc_get_type(c->private_data, + struct finddcs_state); talloc_steal(mem_ctx, state->io->out.dcs); } -- cgit From 33834e2dda513681dc952e5a983cecb5871e3417 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 1 Oct 2005 16:36:04 +0000 Subject: r10675: Connect to the DC's IPC$ Volker (This used to be commit c7557884843a5b2bac9e21ec81cafcaadf436bca) --- source4/winbind/wb_async_helpers.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index d6f2f1cac4..a802f0e45e 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -66,6 +66,7 @@ static void finddcs_getdc(struct irpc_request *ireq) c->async.fn) { c->async.fn(c); } + talloc_free(ireq); } /* -- cgit From e5c6a3e36147103e87d1c55173f4b54ba6134904 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 3 Oct 2005 13:46:11 +0000 Subject: r10683: Samba3's wbinfo -t should give the correct answer now. Tridge, if you have time, you might want to look at the segfault I was still seeing. Now I store the handle to the netlogon pipe in the global winbind state and free it on the next entry into check_machacc. The problem seems to be that talloc_free()ing a pipe struct from within a callback function on that pipe is not possible. I think I can live with that, but it has been not really obvious. To reproduce the segfault you might want to look at putting a talloc_free(state->getcreds->out.netlogon) into wbsrv_samba3_check_machacc_receive_creds. This is called from a dcerpc callback function. In particular if the check failed it would be nice if I could delete the pipe directly and not post a different event to some winbind queue. I tried to delete the pipe from a timed event triggered immediately, but this also fails because the inner loop seems to hit the same event again, calling it twice. Volker (This used to be commit 5436d7764812bb632ba865e633005ed07923b57f) --- source4/winbind/wb_async_helpers.c | 224 ++++++++++++++++++++++++++++++++++++- 1 file changed, 223 insertions(+), 1 deletion(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index a802f0e45e..7d7d2b6929 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -30,6 +30,10 @@ #include "lib/messaging/irpc.h" #include "librpc/gen_ndr/irpc.h" #include "librpc/gen_ndr/ndr_irpc.h" +#include "libcli/raw/libcliraw.h" +#include "librpc/rpc/dcerpc_composite.h" +#include "librpc/gen_ndr/ndr_netlogon.h" +#include "libcli/auth/credentials.h" struct finddcs_state { struct wb_finddcs *io; @@ -164,7 +168,6 @@ struct composite_context *wb_finddcs_send(struct wb_finddcs *io, state = talloc(c, struct finddcs_state); if (state == NULL) goto failed; - state->io = io; make_nbt_name(&name, io->in.domain, 0x1c); @@ -204,3 +207,222 @@ NTSTATUS wb_finddcs(struct wb_finddcs *io, TALLOC_CTX *mem_ctx, struct composite_context *c = wb_finddcs_send(io, ev); return wb_finddcs_recv(c, mem_ctx); } + +struct get_schannel_creds_state { + struct composite_context *ctx; + struct dcerpc_pipe *p; + struct wb_get_schannel_creds *io; + struct netr_ServerReqChallenge *r; + + struct creds_CredentialState creds_state; + struct netr_Credential netr_cred; + uint32_t negotiate_flags; + struct netr_ServerAuthenticate2 *a; +}; + +static void get_schannel_creds_recv_auth(struct rpc_request *req); +static void get_schannel_creds_recv_chal(struct rpc_request *req); +static void get_schannel_creds_recv_pipe(struct composite_context *ctx); + +struct composite_context *wb_get_schannel_creds_send(struct wb_get_schannel_creds *io, + struct event_context *ev) +{ + struct composite_context *result, *ctx; + struct get_schannel_creds_state *state; + + result = talloc_zero(NULL, struct composite_context); + if (result == NULL) goto failed; + result->state = COMPOSITE_STATE_IN_PROGRESS; + result->event_ctx = ev; + + state = talloc(result, struct get_schannel_creds_state); + if (state == NULL) goto failed; + result->private_data = state; + + state->io = io; + + state->p = dcerpc_pipe_init(state, ev); + if (state->p == NULL) goto failed; + + ctx = dcerpc_pipe_open_smb_send(state->p->conn, state->io->in.tree, + "\\netlogon"); + if (ctx == NULL) goto failed; + + ctx->async.fn = get_schannel_creds_recv_pipe; + ctx->async.private_data = state; + state->ctx = result; + return result; + + failed: + talloc_free(result); + return NULL; +} + +static void get_schannel_creds_recv_pipe(struct composite_context *ctx) +{ + struct get_schannel_creds_state *state = + talloc_get_type(ctx->async.private_data, + struct get_schannel_creds_state); + struct rpc_request *req; + + state->ctx->status = dcerpc_pipe_open_smb_recv(ctx); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + + state->ctx->status = dcerpc_bind_auth_none(state->p, + DCERPC_NETLOGON_UUID, + DCERPC_NETLOGON_VERSION); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + + state->r = talloc(state, struct netr_ServerReqChallenge); + if (state->r == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + state->r->in.computer_name = + cli_credentials_get_workstation(state->io->in.creds); + state->r->in.server_name = + talloc_asprintf(state->r, "\\\\%s", + dcerpc_server_name(state->p)); + state->r->in.credentials = talloc(state->r, struct netr_Credential); + state->r->out.credentials = talloc(state->r, struct netr_Credential); + + if ((state->r->in.server_name == NULL) || + (state->r->in.credentials == NULL) || + (state->r->out.credentials == NULL)) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + generate_random_buffer(state->r->in.credentials->data, + sizeof(state->r->in.credentials->data)); + + req = dcerpc_netr_ServerReqChallenge_send(state->p, state, state->r); + if (req == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + req->async.callback = get_schannel_creds_recv_chal; + req->async.private = state; + return; + + done: + if (!NT_STATUS_IS_OK(state->ctx->status)) { + state->ctx->state = COMPOSITE_STATE_ERROR; + } + if ((state->ctx->state >= COMPOSITE_STATE_DONE) && + (state->ctx->async.fn != NULL)) { + state->ctx->async.fn(state->ctx); + } +} + +static void get_schannel_creds_recv_chal(struct rpc_request *req) +{ + struct get_schannel_creds_state *state = + talloc_get_type(req->async.private, + struct get_schannel_creds_state); + const struct samr_Password *mach_pwd; + + state->ctx->status = dcerpc_ndr_request_recv(req); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + state->ctx->status = state->r->out.result; + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + + mach_pwd = cli_credentials_get_nt_hash(state->io->in.creds, state); + if (mach_pwd == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + state->negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS; + + creds_client_init(&state->creds_state, state->r->in.credentials, + state->r->out.credentials, mach_pwd, + &state->netr_cred, state->negotiate_flags); + + state->a = talloc(state, struct netr_ServerAuthenticate2); + if (state->a == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + state->a->in.server_name = + talloc_reference(state->a, state->r->in.server_name); + state->a->in.account_name = + cli_credentials_get_username(state->io->in.creds); + state->a->in.secure_channel_type = + cli_credentials_get_secure_channel_type(state->io->in.creds); + state->a->in.computer_name = + cli_credentials_get_workstation(state->io->in.creds); + state->a->in.negotiate_flags = &state->negotiate_flags; + state->a->out.negotiate_flags = &state->negotiate_flags; + state->a->in.credentials = &state->netr_cred; + state->a->out.credentials = &state->netr_cred; + + req = dcerpc_netr_ServerAuthenticate2_send(state->p, state, state->a); + if (req == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + req->async.callback = get_schannel_creds_recv_auth; + req->async.private = state; + return; + + state->io->out.netlogon = state->p; + state->ctx->state = COMPOSITE_STATE_DONE; + + done: + if (!NT_STATUS_IS_OK(state->ctx->status)) { + state->ctx->state = COMPOSITE_STATE_ERROR; + } + if ((state->ctx->state >= COMPOSITE_STATE_DONE) && + (state->ctx->async.fn != NULL)) { + state->ctx->async.fn(state->ctx); + } +} + +static void get_schannel_creds_recv_auth(struct rpc_request *req) +{ + struct get_schannel_creds_state *state = + talloc_get_type(req->async.private, + struct get_schannel_creds_state); + + state->ctx->status = dcerpc_ndr_request_recv(req); + DEBUG(5, ("result: %s\n", nt_errstr(state->ctx->status))); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + state->ctx->status = state->a->out.result; + DEBUG(5, ("result: %s\n", nt_errstr(state->ctx->status))); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + + state->ctx->state = COMPOSITE_STATE_DONE; + + done: + if (!NT_STATUS_IS_OK(state->ctx->status)) { + state->ctx->state = COMPOSITE_STATE_ERROR; + } + if ((state->ctx->state >= COMPOSITE_STATE_DONE) && + (state->ctx->async.fn != NULL)) { + state->ctx->async.fn(state->ctx); + } +} + +NTSTATUS wb_get_schannel_creds_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx) +{ + NTSTATUS status = composite_wait(c); + struct get_schannel_creds_state *state = + talloc_get_type(c->private_data, + struct get_schannel_creds_state); + state->io->out.netlogon = talloc_steal(mem_ctx, state->p); + talloc_free(c); + return status; +} + +NTSTATUS wb_get_schannel_creds(struct wb_get_schannel_creds *io, + TALLOC_CTX *mem_ctx, + struct event_context *ev) +{ + struct composite_context *c = wb_get_schannel_creds_send(io, ev); + return wb_get_schannel_creds_recv(c, mem_ctx); +} -- cgit From 3fece92b9d542b89629032b38f404def0436ef9f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 3 Oct 2005 15:19:08 +0000 Subject: r10687: Another one... (This used to be commit d18f7edf92e8420f30cae01649d18f0ae20a80aa) --- source4/winbind/wb_async_helpers.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 7d7d2b6929..89286bccf1 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -31,7 +31,6 @@ #include "librpc/gen_ndr/irpc.h" #include "librpc/gen_ndr/ndr_irpc.h" #include "libcli/raw/libcliraw.h" -#include "librpc/rpc/dcerpc_composite.h" #include "librpc/gen_ndr/ndr_netlogon.h" #include "libcli/auth/credentials.h" -- cgit From 012893cb421d77efc538c9f4c78b2421aef3f06e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 3 Oct 2005 17:36:49 +0000 Subject: r10691: This gets half-way to wbinfo -n. It acquires an lsa pipe, and does a queryinfopolicy. Idea is to get a consistency check between that and our notion of the domain name and sid, and take the lsa pipe as the holder of the central smbcli_tree that netlogon and samr use as well. Volker (This used to be commit 126c80aefc4f53c4ba79afc12d70602ef9055ddb) --- source4/winbind/wb_async_helpers.c | 328 ++++++++++++++++++++++++++++++++++++- 1 file changed, 323 insertions(+), 5 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 89286bccf1..e03c6bccef 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -23,6 +23,7 @@ #include "includes.h" #include "libcli/composite/composite.h" +#include "libcli/smb_composite/smb_composite.h" #include "winbind/wb_async_helpers.h" #include "librpc/gen_ndr/nbt.h" @@ -32,6 +33,7 @@ #include "librpc/gen_ndr/ndr_irpc.h" #include "libcli/raw/libcliraw.h" #include "librpc/gen_ndr/ndr_netlogon.h" +#include "librpc/gen_ndr/ndr_lsa.h" #include "libcli/auth/credentials.h" struct finddcs_state { @@ -213,7 +215,7 @@ struct get_schannel_creds_state { struct wb_get_schannel_creds *io; struct netr_ServerReqChallenge *r; - struct creds_CredentialState creds_state; + struct creds_CredentialState *creds_state; struct netr_Credential netr_cred; uint32_t negotiate_flags; struct netr_ServerAuthenticate2 *a; @@ -327,15 +329,16 @@ static void get_schannel_creds_recv_chal(struct rpc_request *req) state->ctx->status = state->r->out.result; if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + state->creds_state = talloc(state, struct creds_CredentialState); mach_pwd = cli_credentials_get_nt_hash(state->io->in.creds, state); - if (mach_pwd == NULL) { + if ((state->creds_state == NULL) || (mach_pwd == NULL)) { state->ctx->status = NT_STATUS_NO_MEMORY; goto done; } state->negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS; - creds_client_init(&state->creds_state, state->r->in.credentials, + creds_client_init(state->creds_state, state->r->in.credentials, state->r->out.credentials, mach_pwd, &state->netr_cred, state->negotiate_flags); @@ -388,12 +391,20 @@ static void get_schannel_creds_recv_auth(struct rpc_request *req) struct get_schannel_creds_state); state->ctx->status = dcerpc_ndr_request_recv(req); - DEBUG(5, ("result: %s\n", nt_errstr(state->ctx->status))); if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; state->ctx->status = state->a->out.result; - DEBUG(5, ("result: %s\n", nt_errstr(state->ctx->status))); if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!creds_client_check(state->creds_state, + state->a->out.credentials)) { + DEBUG(5, ("Server got us invalid creds\n")); + state->ctx->status = NT_STATUS_UNSUCCESSFUL; + goto done; + } + + cli_credentials_set_netlogon_creds(state->io->in.creds, + state->creds_state); + state->ctx->state = COMPOSITE_STATE_DONE; done: @@ -425,3 +436,310 @@ NTSTATUS wb_get_schannel_creds(struct wb_get_schannel_creds *io, struct composite_context *c = wb_get_schannel_creds_send(io, ev); return wb_get_schannel_creds_recv(c, mem_ctx); } + +struct get_lsa_pipe_state { + struct composite_context *ctx; + struct wb_get_lsa_pipe *io; + struct wb_finddcs *finddcs; + struct smb_composite_connect *conn; + struct dcerpc_pipe *lsa_pipe; + + struct lsa_ObjectAttribute objectattr; + struct lsa_OpenPolicy2 openpolicy; + struct policy_handle policy_handle; + + struct lsa_QueryInfoPolicy queryinfo; + + struct lsa_Close close; +}; + +static void get_lsa_pipe_recv_dcs(struct composite_context *ctx); +static void get_lsa_pipe_recv_tree(struct composite_context *ctx); +static void get_lsa_pipe_recv_pipe(struct composite_context *ctx); +static void get_lsa_pipe_recv_openpol(struct rpc_request *req); +static void get_lsa_pipe_recv_queryinfo(struct rpc_request *req); +static void get_lsa_pipe_recv_close(struct rpc_request *req); + +struct composite_context *wb_get_lsa_pipe_send(struct wb_get_lsa_pipe *io) +{ + struct composite_context *result, *ctx; + struct get_lsa_pipe_state *state; + + result = talloc_zero(NULL, struct composite_context); + if (result == NULL) goto failed; + result->state = COMPOSITE_STATE_IN_PROGRESS; + result->event_ctx = io->in.event_ctx; + + state = talloc(result, struct get_lsa_pipe_state); + if (state == NULL) goto failed; + result->private_data = state; + + state->io = io; + + state->finddcs = talloc(state, struct wb_finddcs); + if (state->finddcs == NULL) goto failed; + + state->finddcs->in.msg_ctx = io->in.msg_ctx; + state->finddcs->in.domain = lp_workgroup(); + + ctx = wb_finddcs_send(state->finddcs, io->in.event_ctx); + if (ctx == NULL) goto failed; + + ctx->async.fn = get_lsa_pipe_recv_dcs; + ctx->async.private_data = state; + state->ctx = result; + return result; + + failed: + talloc_free(result); + return NULL; +} + +static void get_lsa_pipe_recv_dcs(struct composite_context *ctx) +{ + struct get_lsa_pipe_state *state = + talloc_get_type(ctx->async.private_data, + struct get_lsa_pipe_state); + + state->ctx->status = wb_finddcs_recv(ctx, state); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + + state->conn = talloc(state, struct smb_composite_connect); + if (state->conn == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + state->conn->in.dest_host = state->finddcs->out.dcs[0].address; + state->conn->in.port = 0; + state->conn->in.called_name = state->finddcs->out.dcs[0].name; + state->conn->in.service = "IPC$"; + state->conn->in.service_type = "IPC"; + state->conn->in.workgroup = lp_workgroup(); + + state->conn->in.credentials = cli_credentials_init(state->conn); + if (state->conn->in.credentials == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + cli_credentials_set_conf(state->conn->in.credentials); + cli_credentials_set_anonymous(state->conn->in.credentials); + + ctx = smb_composite_connect_send(state->conn, state, + state->ctx->event_ctx); + if (ctx == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + ctx->async.fn = get_lsa_pipe_recv_tree; + ctx->async.private_data = state; + return; + + done: + if (!NT_STATUS_IS_OK(state->ctx->status)) { + state->ctx->state = COMPOSITE_STATE_ERROR; + } + if ((state->ctx->state >= COMPOSITE_STATE_DONE) && + (state->ctx->async.fn != NULL)) { + state->ctx->async.fn(state->ctx); + } +} + +static void get_lsa_pipe_recv_tree(struct composite_context *ctx) +{ + struct get_lsa_pipe_state *state = + talloc_get_type(ctx->async.private_data, + struct get_lsa_pipe_state); + + state->ctx->status = smb_composite_connect_recv(ctx, state); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + + state->lsa_pipe = dcerpc_pipe_init(state, state->ctx->event_ctx); + if (state->lsa_pipe == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + ctx = dcerpc_pipe_open_smb_send(state->lsa_pipe->conn, + state->conn->out.tree, "\\lsarpc"); + if (ctx == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + ctx->async.fn = get_lsa_pipe_recv_pipe; + ctx->async.private_data = state; + return; + + done: + if (!NT_STATUS_IS_OK(state->ctx->status)) { + state->ctx->state = COMPOSITE_STATE_ERROR; + } + if ((state->ctx->state >= COMPOSITE_STATE_DONE) && + (state->ctx->async.fn != NULL)) { + state->ctx->async.fn(state->ctx); + } +} + +static void get_lsa_pipe_recv_pipe(struct composite_context *ctx) +{ + struct get_lsa_pipe_state *state = + talloc_get_type(ctx->async.private_data, + struct get_lsa_pipe_state); + struct rpc_request *req; + + state->ctx->status = dcerpc_pipe_open_smb_recv(ctx); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + + talloc_unlink(state, state->conn->out.tree); /* The pipe owns it now */ + state->conn->out.tree = NULL; + + state->ctx->status = dcerpc_bind_auth_none(state->lsa_pipe, + DCERPC_LSARPC_UUID, + DCERPC_LSARPC_VERSION); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + + ZERO_STRUCT(state->openpolicy); + state->openpolicy.in.system_name = + talloc_asprintf(state, "\\\\%s", + dcerpc_server_name(state->lsa_pipe)); + ZERO_STRUCT(state->objectattr); + state->openpolicy.in.attr = &state->objectattr; + state->openpolicy.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; + state->openpolicy.out.handle = &state->policy_handle; + + req = dcerpc_lsa_OpenPolicy2_send(state->lsa_pipe, state, + &state->openpolicy); + if (req == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + req->async.callback = get_lsa_pipe_recv_openpol; + req->async.private = state; + return; + + done: + if (!NT_STATUS_IS_OK(state->ctx->status)) { + state->ctx->state = COMPOSITE_STATE_ERROR; + } + if ((state->ctx->state >= COMPOSITE_STATE_DONE) && + (state->ctx->async.fn != NULL)) { + state->ctx->async.fn(state->ctx); + } +} + +static void get_lsa_pipe_recv_openpol(struct rpc_request *req) +{ + struct get_lsa_pipe_state *state = + talloc_get_type(req->async.private, struct get_lsa_pipe_state); + + state->ctx->status = dcerpc_ndr_request_recv(req); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + state->ctx->status = state->openpolicy.out.result; + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + + ZERO_STRUCT(state->queryinfo); + state->queryinfo.in.handle = &state->policy_handle; + state->queryinfo.in.level = LSA_POLICY_INFO_ACCOUNT_DOMAIN; + + req = dcerpc_lsa_QueryInfoPolicy_send(state->lsa_pipe, state, + &state->queryinfo); + if (req == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + req->async.callback = get_lsa_pipe_recv_queryinfo; + req->async.private = state; + return; + + done: + if (!NT_STATUS_IS_OK(state->ctx->status)) { + state->ctx->state = COMPOSITE_STATE_ERROR; + } + if ((state->ctx->state >= COMPOSITE_STATE_DONE) && + (state->ctx->async.fn != NULL)) { + state->ctx->async.fn(state->ctx); + } +} + +static void get_lsa_pipe_recv_queryinfo(struct rpc_request *req) +{ + struct get_lsa_pipe_state *state = + talloc_get_type(req->async.private, struct get_lsa_pipe_state); + + state->ctx->status = dcerpc_ndr_request_recv(req); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + state->ctx->status = state->queryinfo.out.result; + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + + ZERO_STRUCT(state->close); + state->close.in.handle = &state->policy_handle; + state->close.out.handle = &state->policy_handle; + + req = dcerpc_lsa_Close_send(state->lsa_pipe, state, + &state->close); + if (req == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + req->async.callback = get_lsa_pipe_recv_close; + req->async.private = state; + return; + + done: + if (!NT_STATUS_IS_OK(state->ctx->status)) { + state->ctx->state = COMPOSITE_STATE_ERROR; + } + if ((state->ctx->state >= COMPOSITE_STATE_DONE) && + (state->ctx->async.fn != NULL)) { + state->ctx->async.fn(state->ctx); + } +} + +static void get_lsa_pipe_recv_close(struct rpc_request *req) +{ + struct get_lsa_pipe_state *state = + talloc_get_type(req->async.private, struct get_lsa_pipe_state); + + state->ctx->status = dcerpc_ndr_request_recv(req); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + state->ctx->status = state->close.out.result; + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + + state->ctx->state = COMPOSITE_STATE_DONE; + + done: + if (!NT_STATUS_IS_OK(state->ctx->status)) { + state->ctx->state = COMPOSITE_STATE_ERROR; + } + if ((state->ctx->state >= COMPOSITE_STATE_DONE) && + (state->ctx->async.fn != NULL)) { + state->ctx->async.fn(state->ctx); + } +} + +NTSTATUS wb_get_lsa_pipe_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx) +{ + NTSTATUS status = composite_wait(c); + struct get_lsa_pipe_state *state = + talloc_get_type(c->private_data, + struct get_lsa_pipe_state); + state->io->out.domain_sid = + talloc_steal(mem_ctx, state->queryinfo.out.info->domain.sid); + state->io->out.pipe = + talloc_steal(mem_ctx, state->lsa_pipe); + talloc_free(c); + return status; +} + +NTSTATUS wb_get_lsa_pipe(struct wb_get_lsa_pipe *io, + TALLOC_CTX *mem_ctx) +{ + struct composite_context *c = wb_get_lsa_pipe_send(io); + return wb_get_lsa_pipe_recv(c, mem_ctx); +} -- cgit From b1b6eb7b67542c656e1c087ba590c4269f867772 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 7 Oct 2005 19:08:51 +0000 Subject: r10825: Complete wbinfo -n (This used to be commit 1afa893506f3d7157e251eec9baeba28dc011587) --- source4/winbind/wb_async_helpers.c | 323 ++++++++++++++++++++++++++++++++++++- 1 file changed, 317 insertions(+), 6 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index e03c6bccef..4899f232a2 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -241,6 +241,7 @@ struct composite_context *wb_get_schannel_creds_send(struct wb_get_schannel_cred result->private_data = state; state->io = io; + state->ctx = result; state->p = dcerpc_pipe_init(state, ev); if (state->p == NULL) goto failed; @@ -251,7 +252,6 @@ struct composite_context *wb_get_schannel_creds_send(struct wb_get_schannel_cred ctx->async.fn = get_schannel_creds_recv_pipe; ctx->async.private_data = state; - state->ctx = result; return result; failed: @@ -475,6 +475,7 @@ struct composite_context *wb_get_lsa_pipe_send(struct wb_get_lsa_pipe *io) result->private_data = state; state->io = io; + state->ctx = result; state->finddcs = talloc(state, struct wb_finddcs); if (state->finddcs == NULL) goto failed; @@ -487,7 +488,6 @@ struct composite_context *wb_get_lsa_pipe_send(struct wb_get_lsa_pipe *io) ctx->async.fn = get_lsa_pipe_recv_dcs; ctx->async.private_data = state; - state->ctx = result; return result; failed: @@ -729,10 +729,14 @@ NTSTATUS wb_get_lsa_pipe_recv(struct composite_context *c, struct get_lsa_pipe_state *state = talloc_get_type(c->private_data, struct get_lsa_pipe_state); - state->io->out.domain_sid = - talloc_steal(mem_ctx, state->queryinfo.out.info->domain.sid); - state->io->out.pipe = - talloc_steal(mem_ctx, state->lsa_pipe); + if (NT_STATUS_IS_OK(status)) { + state->io->out.domain_sid = + talloc_steal(mem_ctx, + state->queryinfo.out.info->domain.sid); + state->io->out.pipe = + talloc_steal(mem_ctx, + state->lsa_pipe); + } talloc_free(c); return status; } @@ -743,3 +747,310 @@ NTSTATUS wb_get_lsa_pipe(struct wb_get_lsa_pipe *io, struct composite_context *c = wb_get_lsa_pipe_send(io); return wb_get_lsa_pipe_recv(c, mem_ctx); } + +struct lsa_lookupnames_state { + struct composite_context *ctx; + uint32_t num_names; + struct lsa_LookupNames r; + struct lsa_TransSidArray sids; + uint32_t count; + struct wb_sid_object **result; +}; + +static void lsa_lookupnames_recv_sids(struct rpc_request *req); + +struct composite_context *wb_lsa_lookupnames_send(struct dcerpc_pipe *lsa_pipe, + struct policy_handle *handle, + int num_names, + const char **names) +{ + struct composite_context *result; + struct rpc_request *req; + struct lsa_lookupnames_state *state; + + struct lsa_String *lsa_names; + int i; + + result = talloc_zero(NULL, struct composite_context); + if (result == NULL) goto failed; + result->state = COMPOSITE_STATE_IN_PROGRESS; + result->event_ctx = lsa_pipe->conn->event_ctx; + + state = talloc(result, struct lsa_lookupnames_state); + if (state == NULL) goto failed; + result->private_data = state; + + state->sids.count = 0; + state->sids.sids = NULL; + state->num_names = num_names; + state->count = 0; + + lsa_names = talloc_array(state, struct lsa_String, num_names); + if (lsa_names == NULL) goto failed; + + for (i=0; ir.in.handle = handle; + state->r.in.num_names = num_names; + state->r.in.names = lsa_names; + state->r.in.sids = &state->sids; + state->r.in.level = 1; + state->r.in.count = &state->count; + state->r.out.count = &state->count; + state->r.out.sids = &state->sids; + + req = dcerpc_lsa_LookupNames_send(lsa_pipe, state, &state->r); + if (req == NULL) goto failed; + + req->async.callback = lsa_lookupnames_recv_sids; + req->async.private = state; + state->ctx = result; + return result; + + failed: + talloc_free(result); + return NULL; +} + +static void lsa_lookupnames_recv_sids(struct rpc_request *req) +{ + struct lsa_lookupnames_state *state = + talloc_get_type(req->async.private, + struct lsa_lookupnames_state); + int i; + + state->ctx->status = dcerpc_ndr_request_recv(req); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + state->ctx->status = state->r.out.result; + if (!NT_STATUS_IS_OK(state->ctx->status) && + !NT_STATUS_EQUAL(state->ctx->status, STATUS_SOME_UNMAPPED)) { + goto done; + } + + state->result = talloc_array(state, struct wb_sid_object *, + state->num_names); + if (state->result == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + for (i=0; inum_names; i++) { + struct lsa_TranslatedSid *sid = &state->r.out.sids->sids[i]; + struct lsa_TrustInformation *dom; + + state->result[i] = talloc_zero(state->result, + struct wb_sid_object); + if (state->result[i] == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + state->result[i]->type = sid->sid_type; + if (state->result[i]->type == SID_NAME_UNKNOWN) { + continue; + } + + if (sid->sid_index >= state->r.out.domains->count) { + state->ctx->status = NT_STATUS_INVALID_PARAMETER; + goto done; + } + + dom = &state->r.out.domains->domains[sid->sid_index]; + + state->result[i]->sid = dom_sid_add_rid(state->result[i], + dom->sid, sid->rid); + } + + state->ctx->state = COMPOSITE_STATE_DONE; + + done: + if (!NT_STATUS_IS_OK(state->ctx->status)) { + state->ctx->state = COMPOSITE_STATE_ERROR; + } + if ((state->ctx->state >= COMPOSITE_STATE_DONE) && + (state->ctx->async.fn != NULL)) { + state->ctx->async.fn(state->ctx); + } +} + +NTSTATUS wb_lsa_lookupnames_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx, + struct wb_sid_object ***sids) +{ + NTSTATUS status = composite_wait(c); + if (NT_STATUS_IS_OK(status)) { + struct lsa_lookupnames_state *state = + talloc_get_type(c->private_data, + struct lsa_lookupnames_state); + *sids = talloc_steal(mem_ctx, state->result); + } + talloc_free(c); + return status; +} + +NTSTATUS wb_lsa_lookupnames(struct dcerpc_pipe *lsa_pipe, + struct policy_handle *handle, + int num_names, const char **names, + TALLOC_CTX *mem_ctx, + struct wb_sid_object ***sids) +{ + struct composite_context *c = + wb_lsa_lookupnames_send(lsa_pipe, handle, num_names, names); + return wb_lsa_lookupnames_recv(c, mem_ctx, sids); +} + +struct lsa_lookupname_state { + struct composite_context *ctx; + struct dcerpc_pipe *lsa_pipe; + const char *name; + struct wb_sid_object *sid; + + struct lsa_ObjectAttribute objectattr; + struct lsa_OpenPolicy2 openpolicy; + struct policy_handle policy_handle; + struct lsa_Close close; +}; + +static void lsa_lookupname_recv_open(struct rpc_request *req); +static void lsa_lookupname_recv_sids(struct composite_context *ctx); + +struct composite_context *wb_lsa_lookupname_send(struct dcerpc_pipe *lsa_pipe, + const char *name) +{ + struct composite_context *result; + struct rpc_request *req; + struct lsa_lookupname_state *state; + + result = talloc_zero(NULL, struct composite_context); + if (result == NULL) goto failed; + result->state = COMPOSITE_STATE_IN_PROGRESS; + result->event_ctx = lsa_pipe->conn->event_ctx; + + state = talloc(result, struct lsa_lookupname_state); + if (state == NULL) goto failed; + result->private_data = state; + + state->lsa_pipe = lsa_pipe; + state->name = talloc_strdup(state, name); + if (state->name == NULL) goto failed; + state->ctx = result; + + ZERO_STRUCT(state->openpolicy); + state->openpolicy.in.system_name = + talloc_asprintf(state, "\\\\%s", + dcerpc_server_name(state->lsa_pipe)); + ZERO_STRUCT(state->objectattr); + state->openpolicy.in.attr = &state->objectattr; + state->openpolicy.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; + state->openpolicy.out.handle = &state->policy_handle; + + req = dcerpc_lsa_OpenPolicy2_send(state->lsa_pipe, state, + &state->openpolicy); + if (req == NULL) goto failed; + + req->async.callback = lsa_lookupname_recv_open; + req->async.private = state; + return result; + + failed: + talloc_free(result); + return NULL; +} + +static void lsa_lookupname_recv_open(struct rpc_request *req) +{ + struct lsa_lookupname_state *state = + talloc_get_type(req->async.private, + struct lsa_lookupname_state); + struct composite_context *ctx; + + state->ctx->status = dcerpc_ndr_request_recv(req); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + state->ctx->status = state->openpolicy.out.result; + if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + + ctx = wb_lsa_lookupnames_send(state->lsa_pipe, &state->policy_handle, + 1, &state->name); + if (ctx == NULL) { + state->ctx->status = NT_STATUS_NO_MEMORY; + goto done; + } + + ctx->async.fn = lsa_lookupname_recv_sids; + ctx->async.private_data = state; + return; + + done: + if (!NT_STATUS_IS_OK(state->ctx->status)) { + state->ctx->state = COMPOSITE_STATE_ERROR; + } + if ((state->ctx->state >= COMPOSITE_STATE_DONE) && + (state->ctx->async.fn != NULL)) { + state->ctx->async.fn(state->ctx); + } +} + +static void lsa_lookupname_recv_sids(struct composite_context *ctx) +{ + struct lsa_lookupname_state *state = + talloc_get_type(ctx->async.private_data, + struct lsa_lookupname_state); + struct rpc_request *req; + struct wb_sid_object **sids; + + state->ctx->status = wb_lsa_lookupnames_recv(ctx, state, &sids); + + if (NT_STATUS_IS_OK(state->ctx->status)) { + state->sid = NULL; + if (sids != NULL) { + state->sid = sids[0]; + } + } + + ZERO_STRUCT(state->close); + state->close.in.handle = &state->policy_handle; + state->close.out.handle = &state->policy_handle; + + req = dcerpc_lsa_Close_send(state->lsa_pipe, state, + &state->close); + if (req != NULL) { + req->async.callback = + (void(*)(struct rpc_request *))talloc_free; + } + + state->ctx->state = COMPOSITE_STATE_DONE; + + if (!NT_STATUS_IS_OK(state->ctx->status)) { + state->ctx->state = COMPOSITE_STATE_ERROR; + } + if ((state->ctx->state >= COMPOSITE_STATE_DONE) && + (state->ctx->async.fn != NULL)) { + state->ctx->async.fn(state->ctx); + } +} + +NTSTATUS wb_lsa_lookupname_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx, + struct wb_sid_object **sid) +{ + NTSTATUS status = composite_wait(c); + if (NT_STATUS_IS_OK(status)) { + struct lsa_lookupname_state *state = + talloc_get_type(c->private_data, + struct lsa_lookupname_state); + *sid = talloc_steal(mem_ctx, state->sid); + } + talloc_free(c); + return status; +} + +NTSTATUS wb_lsa_lookupname(struct dcerpc_pipe *lsa_pipe, const char *name, + TALLOC_CTX *mem_ctx, struct wb_sid_object **sid) +{ + struct composite_context *c = + wb_lsa_lookupname_send(lsa_pipe, name); + return wb_lsa_lookupname_recv(c, mem_ctx, sid); +} + -- cgit From e0c11738ae9cf6a2fd3c3d8f4ec036f615f1f472 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 8 Oct 2005 16:25:00 +0000 Subject: r10834: Work in progress on winbind. With some helper routines the composite functions start to look sane. Question: What about providing all winbind commands as irpc interfaces that are called from the samba3 compatibility layer? This way it would be easy for other samba components to access its functionality. Does that make sense? Volker (This used to be commit 2a6b8053859ea5690f90a8d2074d2bb4f06551f8) --- source4/winbind/wb_async_helpers.c | 800 ++++++++++++++++++++----------------- 1 file changed, 444 insertions(+), 356 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 4899f232a2..d77e4d12ad 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -25,6 +25,8 @@ #include "libcli/composite/composite.h" #include "libcli/smb_composite/smb_composite.h" #include "winbind/wb_async_helpers.h" +#include "winbind/wb_server.h" +#include "smbd/service_stream.h" #include "librpc/gen_ndr/nbt.h" #include "librpc/gen_ndr/samr.h" @@ -36,6 +38,61 @@ #include "librpc/gen_ndr/ndr_lsa.h" #include "libcli/auth/credentials.h" +static BOOL comp_is_ok(struct composite_context *ctx) +{ + if (NT_STATUS_IS_OK(ctx->status)) { + return True; + } + ctx->state = COMPOSITE_STATE_ERROR; + if (ctx->async.fn != NULL) { + ctx->async.fn(ctx); + } + return False; +} + +static void comp_error(struct composite_context *ctx, NTSTATUS status) +{ + ctx->status = status; + SMB_ASSERT(!comp_is_ok(ctx)); +} + +static BOOL comp_nomem(const void *p, struct composite_context *ctx) +{ + if (p != NULL) { + return False; + } + comp_error(ctx, NT_STATUS_NO_MEMORY); + return True; +} + +static void comp_done(struct composite_context *ctx) +{ + ctx->state = COMPOSITE_STATE_DONE; + if (ctx->async.fn != NULL) { + ctx->async.fn(ctx); + } +} + +static void comp_cont(struct composite_context *ctx, + struct composite_context *new_ctx, + void (*continuation)(struct composite_context *), + void *private_data) +{ + if (comp_nomem(new_ctx, ctx)) return; + new_ctx->async.fn = continuation; + new_ctx->async.private_data = private_data; +} + +static void rpc_cont(struct composite_context *ctx, + struct rpc_request *new_req, + void (*continuation)(struct rpc_request *), + void *private_data) +{ + if (comp_nomem(new_req, ctx)) return; + new_req->async.callback = continuation; + new_req->async.private = private_data; +} + struct finddcs_state { struct wb_finddcs *io; struct composite_context *creq; @@ -52,26 +109,11 @@ static void finddcs_getdc(struct irpc_request *ireq) struct finddcs_state); c->status = irpc_call_recv(ireq); - if (!NT_STATUS_IS_OK(c->status)) { - goto done; - } + if (!comp_is_ok(c)) return; state->io->out.dcs[0].name = talloc_steal(state->io->out.dcs, state->r->out.dcname); - - c->status = NT_STATUS_OK; - c->state = COMPOSITE_STATE_DONE; - - done: - if (!NT_STATUS_IS_OK(c->status)) { - c->state = COMPOSITE_STATE_ERROR; - } - - if (c->state >= COMPOSITE_STATE_DONE && - c->async.fn) { - c->async.fn(c); - } - talloc_free(ireq); + comp_done(c); } /* @@ -88,71 +130,45 @@ static void finddcs_resolve(struct composite_context *res_ctx) state->io->out.num_dcs = 1; state->io->out.dcs = talloc_array(state, struct nbt_dc_name, state->io->out.num_dcs); - if (state->io->out.dcs == NULL) { - c->status = NT_STATUS_NO_MEMORY; - goto done; - } + if (comp_nomem(state->io->out.dcs, c)) return; c->status = resolve_name_recv(res_ctx, state->io->out.dcs, &state->io->out.dcs[0].address); - if (!NT_STATUS_IS_OK(c->status)) { - goto done; - } + if (!comp_is_ok(c)) return; nbt_servers = irpc_servers_byname(state->io->in.msg_ctx, "nbt_server"); if ((nbt_servers == NULL) || (nbt_servers[0] == 0)) { - c->status = NT_STATUS_NO_LOGON_SERVERS; - goto done; + comp_error(c, NT_STATUS_NO_LOGON_SERVERS); + return; } state->r = talloc(state, struct nbtd_getdcname); - if (state->r == NULL) { - c->status = NT_STATUS_NO_MEMORY; - goto done; - } + if (comp_nomem(state->r, c)) return; state->r->in.domainname = talloc_strdup(state->r, lp_workgroup()); + if (comp_nomem(state->r->in.domainname, c)) return; state->r->in.ip_address = state->io->out.dcs[0].address; state->r->in.my_computername = lp_netbios_name(); - state->r->in.my_accountname = talloc_asprintf(state->r, "%s$", - lp_netbios_name()); + state->r->in.my_accountname = + talloc_asprintf(state->r, "%s$", lp_netbios_name()); + if (comp_nomem(state->r->in.my_accountname, c)) return; state->r->in.account_control = ACB_WSTRUST; - state->r->in.domain_sid = secrets_get_domain_sid(state->r, - lp_workgroup()); + state->r->in.domain_sid = + secrets_get_domain_sid(state->r, lp_workgroup()); - if ((state->r->in.domainname == NULL) || - (state->r->in.my_accountname == NULL)) { - DEBUG(0, ("talloc failed\n")); - c->status = NT_STATUS_NO_MEMORY; - goto done; - } if (state->r->in.domain_sid == NULL) { - c->status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; - goto done; + comp_error(c, NT_STATUS_CANT_ACCESS_DOMAIN_INFO); + return; } state->ireq = irpc_call_send(state->io->in.msg_ctx, nbt_servers[0], &dcerpc_table_irpc, DCERPC_NBTD_GETDCNAME, state->r, state); - - if (state->ireq == NULL) { - c->status = NT_STATUS_NO_MEMORY; - goto done; - } + if (comp_nomem(state->ireq, c)) return; c->status = NT_STATUS_OK; state->ireq->async.fn = finddcs_getdc; state->ireq->async.private = c; - - done: - if (!NT_STATUS_IS_OK(c->status)) { - c->state = COMPOSITE_STATE_ERROR; - } - - if (c->state >= COMPOSITE_STATE_DONE && - c->async.fn) { - c->async.fn(c); - } } struct composite_context *wb_finddcs_send(struct wb_finddcs *io, @@ -211,21 +227,22 @@ NTSTATUS wb_finddcs(struct wb_finddcs *io, TALLOC_CTX *mem_ctx, struct get_schannel_creds_state { struct composite_context *ctx; + struct cli_credentials *wks_creds; struct dcerpc_pipe *p; - struct wb_get_schannel_creds *io; - struct netr_ServerReqChallenge *r; + struct netr_ServerReqChallenge r; struct creds_CredentialState *creds_state; struct netr_Credential netr_cred; uint32_t negotiate_flags; - struct netr_ServerAuthenticate2 *a; + struct netr_ServerAuthenticate2 a; }; static void get_schannel_creds_recv_auth(struct rpc_request *req); static void get_schannel_creds_recv_chal(struct rpc_request *req); static void get_schannel_creds_recv_pipe(struct composite_context *ctx); -struct composite_context *wb_get_schannel_creds_send(struct wb_get_schannel_creds *io, +struct composite_context *wb_get_schannel_creds_send(struct cli_credentials *wks_creds, + struct smbcli_tree *tree, struct event_context *ev) { struct composite_context *result, *ctx; @@ -239,15 +256,14 @@ struct composite_context *wb_get_schannel_creds_send(struct wb_get_schannel_cred state = talloc(result, struct get_schannel_creds_state); if (state == NULL) goto failed; result->private_data = state; - - state->io = io; state->ctx = result; + state->wks_creds = wks_creds; + state->p = dcerpc_pipe_init(state, ev); if (state->p == NULL) goto failed; - ctx = dcerpc_pipe_open_smb_send(state->p->conn, state->io->in.tree, - "\\netlogon"); + ctx = dcerpc_pipe_open_smb_send(state->p->conn, tree, "\\netlogon"); if (ctx == NULL) goto failed; ctx->async.fn = get_schannel_creds_recv_pipe; @@ -267,54 +283,32 @@ static void get_schannel_creds_recv_pipe(struct composite_context *ctx) struct rpc_request *req; state->ctx->status = dcerpc_pipe_open_smb_recv(ctx); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; state->ctx->status = dcerpc_bind_auth_none(state->p, DCERPC_NETLOGON_UUID, DCERPC_NETLOGON_VERSION); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; - state->r = talloc(state, struct netr_ServerReqChallenge); - if (state->r == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } - - state->r->in.computer_name = - cli_credentials_get_workstation(state->io->in.creds); - state->r->in.server_name = - talloc_asprintf(state->r, "\\\\%s", + ZERO_STRUCT(state->r); + state->r.in.computer_name = + cli_credentials_get_workstation(state->wks_creds); + state->r.in.server_name = + talloc_asprintf(state, "\\\\%s", dcerpc_server_name(state->p)); - state->r->in.credentials = talloc(state->r, struct netr_Credential); - state->r->out.credentials = talloc(state->r, struct netr_Credential); + if (comp_nomem(state->r.in.server_name, state->ctx)) return; - if ((state->r->in.server_name == NULL) || - (state->r->in.credentials == NULL) || - (state->r->out.credentials == NULL)) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } - generate_random_buffer(state->r->in.credentials->data, - sizeof(state->r->in.credentials->data)); + state->r.in.credentials = talloc(state, struct netr_Credential); + if (comp_nomem(state->r.in.credentials, state->ctx)) return; - req = dcerpc_netr_ServerReqChallenge_send(state->p, state, state->r); - if (req == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } + state->r.out.credentials = talloc(state, struct netr_Credential); + if (comp_nomem(state->r.out.credentials, state->ctx)) return; - req->async.callback = get_schannel_creds_recv_chal; - req->async.private = state; - return; + generate_random_buffer(state->r.in.credentials->data, + sizeof(state->r.in.credentials->data)); - done: - if (!NT_STATUS_IS_OK(state->ctx->status)) { - state->ctx->state = COMPOSITE_STATE_ERROR; - } - if ((state->ctx->state >= COMPOSITE_STATE_DONE) && - (state->ctx->async.fn != NULL)) { - state->ctx->async.fn(state->ctx); - } + req = dcerpc_netr_ServerReqChallenge_send(state->p, state, &state->r); + rpc_cont(state->ctx, req, get_schannel_creds_recv_chal, state); } static void get_schannel_creds_recv_chal(struct rpc_request *req) @@ -325,63 +319,38 @@ static void get_schannel_creds_recv_chal(struct rpc_request *req) const struct samr_Password *mach_pwd; state->ctx->status = dcerpc_ndr_request_recv(req); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; - state->ctx->status = state->r->out.result; - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; + state->ctx->status = state->r.out.result; + if (!comp_is_ok(state->ctx)) return; state->creds_state = talloc(state, struct creds_CredentialState); - mach_pwd = cli_credentials_get_nt_hash(state->io->in.creds, state); - if ((state->creds_state == NULL) || (mach_pwd == NULL)) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } + if (comp_nomem(state->creds_state, state->ctx)) return; + + mach_pwd = cli_credentials_get_nt_hash(state->wks_creds, state); + if (comp_nomem(mach_pwd, state->ctx)) return; state->negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS; - creds_client_init(state->creds_state, state->r->in.credentials, - state->r->out.credentials, mach_pwd, + creds_client_init(state->creds_state, state->r.in.credentials, + state->r.out.credentials, mach_pwd, &state->netr_cred, state->negotiate_flags); - state->a = talloc(state, struct netr_ServerAuthenticate2); - if (state->a == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } - - state->a->in.server_name = - talloc_reference(state->a, state->r->in.server_name); - state->a->in.account_name = - cli_credentials_get_username(state->io->in.creds); - state->a->in.secure_channel_type = - cli_credentials_get_secure_channel_type(state->io->in.creds); - state->a->in.computer_name = - cli_credentials_get_workstation(state->io->in.creds); - state->a->in.negotiate_flags = &state->negotiate_flags; - state->a->out.negotiate_flags = &state->negotiate_flags; - state->a->in.credentials = &state->netr_cred; - state->a->out.credentials = &state->netr_cred; - - req = dcerpc_netr_ServerAuthenticate2_send(state->p, state, state->a); - if (req == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } - - req->async.callback = get_schannel_creds_recv_auth; - req->async.private = state; - return; - - state->io->out.netlogon = state->p; - state->ctx->state = COMPOSITE_STATE_DONE; - - done: - if (!NT_STATUS_IS_OK(state->ctx->status)) { - state->ctx->state = COMPOSITE_STATE_ERROR; - } - if ((state->ctx->state >= COMPOSITE_STATE_DONE) && - (state->ctx->async.fn != NULL)) { - state->ctx->async.fn(state->ctx); - } + ZERO_STRUCT(state->a); + state->a.in.server_name = + talloc_reference(state, state->r.in.server_name); + state->a.in.account_name = + cli_credentials_get_username(state->wks_creds); + state->a.in.secure_channel_type = + cli_credentials_get_secure_channel_type(state->wks_creds); + state->a.in.computer_name = + cli_credentials_get_workstation(state->wks_creds); + state->a.in.negotiate_flags = &state->negotiate_flags; + state->a.out.negotiate_flags = &state->negotiate_flags; + state->a.in.credentials = &state->netr_cred; + state->a.out.credentials = &state->netr_cred; + + req = dcerpc_netr_ServerAuthenticate2_send(state->p, state, &state->a); + rpc_cont(state->ctx, req, get_schannel_creds_recv_auth, state); } static void get_schannel_creds_recv_auth(struct rpc_request *req) @@ -392,18 +361,17 @@ static void get_schannel_creds_recv_auth(struct rpc_request *req) state->ctx->status = dcerpc_ndr_request_recv(req); if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; - state->ctx->status = state->a->out.result; + state->ctx->status = state->a.out.result; if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; if (!creds_client_check(state->creds_state, - state->a->out.credentials)) { + state->a.out.credentials)) { DEBUG(5, ("Server got us invalid creds\n")); state->ctx->status = NT_STATUS_UNSUCCESSFUL; goto done; } - cli_credentials_set_netlogon_creds(state->io->in.creds, - state->creds_state); + cli_credentials_set_netlogon_creds(state->wks_creds, state->creds_state); state->ctx->state = COMPOSITE_STATE_DONE; @@ -418,28 +386,35 @@ static void get_schannel_creds_recv_auth(struct rpc_request *req) } NTSTATUS wb_get_schannel_creds_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx) + TALLOC_CTX *mem_ctx, + struct dcerpc_pipe **netlogon_pipe) { NTSTATUS status = composite_wait(c); - struct get_schannel_creds_state *state = - talloc_get_type(c->private_data, - struct get_schannel_creds_state); - state->io->out.netlogon = talloc_steal(mem_ctx, state->p); + if (NT_STATUS_IS_OK(status)) { + struct get_schannel_creds_state *state = + talloc_get_type(c->private_data, + struct get_schannel_creds_state); + *netlogon_pipe = talloc_steal(mem_ctx, state->p); + } talloc_free(c); return status; } -NTSTATUS wb_get_schannel_creds(struct wb_get_schannel_creds *io, +NTSTATUS wb_get_schannel_creds(struct cli_credentials *wks_creds, + struct smbcli_tree *tree, + struct event_context *event_ctx, TALLOC_CTX *mem_ctx, - struct event_context *ev) + struct dcerpc_pipe **netlogon_pipe) { - struct composite_context *c = wb_get_schannel_creds_send(io, ev); - return wb_get_schannel_creds_recv(c, mem_ctx); + struct composite_context *c = + wb_get_schannel_creds_send(wks_creds, tree, event_ctx); + return wb_get_schannel_creds_recv(c, mem_ctx, netlogon_pipe); } struct get_lsa_pipe_state { struct composite_context *ctx; - struct wb_get_lsa_pipe *io; + const char *domain; + struct wb_finddcs *finddcs; struct smb_composite_connect *conn; struct dcerpc_pipe *lsa_pipe; @@ -460,7 +435,9 @@ static void get_lsa_pipe_recv_openpol(struct rpc_request *req); static void get_lsa_pipe_recv_queryinfo(struct rpc_request *req); static void get_lsa_pipe_recv_close(struct rpc_request *req); -struct composite_context *wb_get_lsa_pipe_send(struct wb_get_lsa_pipe *io) +struct composite_context *wb_get_lsa_pipe_send(struct event_context *event_ctx, + struct messaging_context *msg_ctx, + const char *domain) { struct composite_context *result, *ctx; struct get_lsa_pipe_state *state; @@ -468,22 +445,22 @@ struct composite_context *wb_get_lsa_pipe_send(struct wb_get_lsa_pipe *io) result = talloc_zero(NULL, struct composite_context); if (result == NULL) goto failed; result->state = COMPOSITE_STATE_IN_PROGRESS; - result->event_ctx = io->in.event_ctx; + result->event_ctx = event_ctx; state = talloc(result, struct get_lsa_pipe_state); if (state == NULL) goto failed; result->private_data = state; - - state->io = io; state->ctx = result; + state->domain = domain; + state->finddcs = talloc(state, struct wb_finddcs); if (state->finddcs == NULL) goto failed; - state->finddcs->in.msg_ctx = io->in.msg_ctx; + state->finddcs->in.msg_ctx = msg_ctx; state->finddcs->in.domain = lp_workgroup(); - ctx = wb_finddcs_send(state->finddcs, io->in.event_ctx); + ctx = wb_finddcs_send(state->finddcs, event_ctx); if (ctx == NULL) goto failed; ctx->async.fn = get_lsa_pipe_recv_dcs; @@ -502,13 +479,10 @@ static void get_lsa_pipe_recv_dcs(struct composite_context *ctx) struct get_lsa_pipe_state); state->ctx->status = wb_finddcs_recv(ctx, state); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; state->conn = talloc(state, struct smb_composite_connect); - if (state->conn == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } + if (comp_nomem(state->conn, state->ctx)) return; state->conn->in.dest_host = state->finddcs->out.dcs[0].address; state->conn->in.port = 0; @@ -518,32 +492,13 @@ static void get_lsa_pipe_recv_dcs(struct composite_context *ctx) state->conn->in.workgroup = lp_workgroup(); state->conn->in.credentials = cli_credentials_init(state->conn); - if (state->conn->in.credentials == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } + if (comp_nomem(state->conn->in.credentials, state->ctx)) return; cli_credentials_set_conf(state->conn->in.credentials); cli_credentials_set_anonymous(state->conn->in.credentials); ctx = smb_composite_connect_send(state->conn, state, state->ctx->event_ctx); - if (ctx == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } - - ctx->async.fn = get_lsa_pipe_recv_tree; - ctx->async.private_data = state; - return; - - done: - if (!NT_STATUS_IS_OK(state->ctx->status)) { - state->ctx->state = COMPOSITE_STATE_ERROR; - } - if ((state->ctx->state >= COMPOSITE_STATE_DONE) && - (state->ctx->async.fn != NULL)) { - state->ctx->async.fn(state->ctx); - } + comp_cont(state->ctx, ctx, get_lsa_pipe_recv_tree, state); } static void get_lsa_pipe_recv_tree(struct composite_context *ctx) @@ -553,33 +508,14 @@ static void get_lsa_pipe_recv_tree(struct composite_context *ctx) struct get_lsa_pipe_state); state->ctx->status = smb_composite_connect_recv(ctx, state); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; state->lsa_pipe = dcerpc_pipe_init(state, state->ctx->event_ctx); - if (state->lsa_pipe == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } + if (comp_nomem(state->lsa_pipe, state->ctx)) return; ctx = dcerpc_pipe_open_smb_send(state->lsa_pipe->conn, state->conn->out.tree, "\\lsarpc"); - if (ctx == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } - - ctx->async.fn = get_lsa_pipe_recv_pipe; - ctx->async.private_data = state; - return; - - done: - if (!NT_STATUS_IS_OK(state->ctx->status)) { - state->ctx->state = COMPOSITE_STATE_ERROR; - } - if ((state->ctx->state >= COMPOSITE_STATE_DONE) && - (state->ctx->async.fn != NULL)) { - state->ctx->async.fn(state->ctx); - } + comp_cont(state->ctx, ctx, get_lsa_pipe_recv_pipe, state); } static void get_lsa_pipe_recv_pipe(struct composite_context *ctx) @@ -590,7 +526,7 @@ static void get_lsa_pipe_recv_pipe(struct composite_context *ctx) struct rpc_request *req; state->ctx->status = dcerpc_pipe_open_smb_recv(ctx); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; talloc_unlink(state, state->conn->out.tree); /* The pipe owns it now */ state->conn->out.tree = NULL; @@ -598,12 +534,14 @@ static void get_lsa_pipe_recv_pipe(struct composite_context *ctx) state->ctx->status = dcerpc_bind_auth_none(state->lsa_pipe, DCERPC_LSARPC_UUID, DCERPC_LSARPC_VERSION); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; ZERO_STRUCT(state->openpolicy); state->openpolicy.in.system_name = talloc_asprintf(state, "\\\\%s", dcerpc_server_name(state->lsa_pipe)); + if (comp_nomem(state->openpolicy.in.system_name, state->ctx)) return; + ZERO_STRUCT(state->objectattr); state->openpolicy.in.attr = &state->objectattr; state->openpolicy.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; @@ -611,23 +549,7 @@ static void get_lsa_pipe_recv_pipe(struct composite_context *ctx) req = dcerpc_lsa_OpenPolicy2_send(state->lsa_pipe, state, &state->openpolicy); - if (req == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } - - req->async.callback = get_lsa_pipe_recv_openpol; - req->async.private = state; - return; - - done: - if (!NT_STATUS_IS_OK(state->ctx->status)) { - state->ctx->state = COMPOSITE_STATE_ERROR; - } - if ((state->ctx->state >= COMPOSITE_STATE_DONE) && - (state->ctx->async.fn != NULL)) { - state->ctx->async.fn(state->ctx); - } + rpc_cont(state->ctx, req, get_lsa_pipe_recv_openpol, state); } static void get_lsa_pipe_recv_openpol(struct rpc_request *req) @@ -636,9 +558,9 @@ static void get_lsa_pipe_recv_openpol(struct rpc_request *req) talloc_get_type(req->async.private, struct get_lsa_pipe_state); state->ctx->status = dcerpc_ndr_request_recv(req); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; state->ctx->status = state->openpolicy.out.result; - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; ZERO_STRUCT(state->queryinfo); state->queryinfo.in.handle = &state->policy_handle; @@ -646,23 +568,7 @@ static void get_lsa_pipe_recv_openpol(struct rpc_request *req) req = dcerpc_lsa_QueryInfoPolicy_send(state->lsa_pipe, state, &state->queryinfo); - if (req == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } - - req->async.callback = get_lsa_pipe_recv_queryinfo; - req->async.private = state; - return; - - done: - if (!NT_STATUS_IS_OK(state->ctx->status)) { - state->ctx->state = COMPOSITE_STATE_ERROR; - } - if ((state->ctx->state >= COMPOSITE_STATE_DONE) && - (state->ctx->async.fn != NULL)) { - state->ctx->async.fn(state->ctx); - } + rpc_cont(state->ctx, req, get_lsa_pipe_recv_queryinfo, state); } static void get_lsa_pipe_recv_queryinfo(struct rpc_request *req) @@ -671,9 +577,9 @@ static void get_lsa_pipe_recv_queryinfo(struct rpc_request *req) talloc_get_type(req->async.private, struct get_lsa_pipe_state); state->ctx->status = dcerpc_ndr_request_recv(req); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; state->ctx->status = state->queryinfo.out.result; - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; ZERO_STRUCT(state->close); state->close.in.handle = &state->policy_handle; @@ -681,23 +587,7 @@ static void get_lsa_pipe_recv_queryinfo(struct rpc_request *req) req = dcerpc_lsa_Close_send(state->lsa_pipe, state, &state->close); - if (req == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } - - req->async.callback = get_lsa_pipe_recv_close; - req->async.private = state; - return; - - done: - if (!NT_STATUS_IS_OK(state->ctx->status)) { - state->ctx->state = COMPOSITE_STATE_ERROR; - } - if ((state->ctx->state >= COMPOSITE_STATE_DONE) && - (state->ctx->async.fn != NULL)) { - state->ctx->async.fn(state->ctx); - } + rpc_cont(state->ctx, req, get_lsa_pipe_recv_close, state); } static void get_lsa_pipe_recv_close(struct rpc_request *req) @@ -706,46 +596,39 @@ static void get_lsa_pipe_recv_close(struct rpc_request *req) talloc_get_type(req->async.private, struct get_lsa_pipe_state); state->ctx->status = dcerpc_ndr_request_recv(req); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; state->ctx->status = state->close.out.result; - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; - - state->ctx->state = COMPOSITE_STATE_DONE; + if (!comp_is_ok(state->ctx)) return; - done: - if (!NT_STATUS_IS_OK(state->ctx->status)) { - state->ctx->state = COMPOSITE_STATE_ERROR; - } - if ((state->ctx->state >= COMPOSITE_STATE_DONE) && - (state->ctx->async.fn != NULL)) { - state->ctx->async.fn(state->ctx); - } + comp_done(state->ctx); } -NTSTATUS wb_get_lsa_pipe_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx) +NTSTATUS wb_get_lsa_pipe_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, + struct dom_sid **sid, struct dcerpc_pipe **pipe) { NTSTATUS status = composite_wait(c); - struct get_lsa_pipe_state *state = - talloc_get_type(c->private_data, - struct get_lsa_pipe_state); if (NT_STATUS_IS_OK(status)) { - state->io->out.domain_sid = - talloc_steal(mem_ctx, - state->queryinfo.out.info->domain.sid); - state->io->out.pipe = - talloc_steal(mem_ctx, - state->lsa_pipe); + struct get_lsa_pipe_state *state = + talloc_get_type(c->private_data, + struct get_lsa_pipe_state); + *sid = talloc_steal(mem_ctx, + state->queryinfo.out.info->domain.sid); + *pipe = talloc_steal(mem_ctx, state->lsa_pipe); } talloc_free(c); return status; } -NTSTATUS wb_get_lsa_pipe(struct wb_get_lsa_pipe *io, - TALLOC_CTX *mem_ctx) +NTSTATUS wb_get_lsa_pipe(struct event_context *event_ctx, + struct messaging_context *msg_ctx, + const char *domain, + TALLOC_CTX *mem_ctx, + struct dom_sid **sid, + struct dcerpc_pipe **pipe) { - struct composite_context *c = wb_get_lsa_pipe_send(io); - return wb_get_lsa_pipe_recv(c, mem_ctx); + struct composite_context *c = + wb_get_lsa_pipe_send(event_ctx, msg_ctx, domain); + return wb_get_lsa_pipe_recv(c, mem_ctx, sid, pipe); } struct lsa_lookupnames_state { @@ -779,6 +662,7 @@ struct composite_context *wb_lsa_lookupnames_send(struct dcerpc_pipe *lsa_pipe, state = talloc(result, struct lsa_lookupnames_state); if (state == NULL) goto failed; result->private_data = state; + state->ctx = result; state->sids.count = 0; state->sids.sids = NULL; @@ -806,7 +690,6 @@ struct composite_context *wb_lsa_lookupnames_send(struct dcerpc_pipe *lsa_pipe, req->async.callback = lsa_lookupnames_recv_sids; req->async.private = state; - state->ctx = result; return result; failed: @@ -822,19 +705,17 @@ static void lsa_lookupnames_recv_sids(struct rpc_request *req) int i; state->ctx->status = dcerpc_ndr_request_recv(req); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; state->ctx->status = state->r.out.result; if (!NT_STATUS_IS_OK(state->ctx->status) && !NT_STATUS_EQUAL(state->ctx->status, STATUS_SOME_UNMAPPED)) { - goto done; + comp_error(state->ctx, state->ctx->status); + return; } state->result = talloc_array(state, struct wb_sid_object *, state->num_names); - if (state->result == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } + if (comp_nomem(state->result, state->ctx)) return; for (i=0; inum_names; i++) { struct lsa_TranslatedSid *sid = &state->r.out.sids->sids[i]; @@ -842,10 +723,7 @@ static void lsa_lookupnames_recv_sids(struct rpc_request *req) state->result[i] = talloc_zero(state->result, struct wb_sid_object); - if (state->result[i] == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } + if (comp_nomem(state->result[i], state->ctx)) return; state->result[i]->type = sid->sid_type; if (state->result[i]->type == SID_NAME_UNKNOWN) { @@ -853,8 +731,8 @@ static void lsa_lookupnames_recv_sids(struct rpc_request *req) } if (sid->sid_index >= state->r.out.domains->count) { - state->ctx->status = NT_STATUS_INVALID_PARAMETER; - goto done; + comp_error(state->ctx, NT_STATUS_INVALID_PARAMETER); + return; } dom = &state->r.out.domains->domains[sid->sid_index]; @@ -863,16 +741,7 @@ static void lsa_lookupnames_recv_sids(struct rpc_request *req) dom->sid, sid->rid); } - state->ctx->state = COMPOSITE_STATE_DONE; - - done: - if (!NT_STATUS_IS_OK(state->ctx->status)) { - state->ctx->state = COMPOSITE_STATE_ERROR; - } - if ((state->ctx->state >= COMPOSITE_STATE_DONE) && - (state->ctx->async.fn != NULL)) { - state->ctx->async.fn(state->ctx); - } + comp_done(state->ctx); } NTSTATUS wb_lsa_lookupnames_recv(struct composite_context *c, @@ -967,29 +836,13 @@ static void lsa_lookupname_recv_open(struct rpc_request *req) struct composite_context *ctx; state->ctx->status = dcerpc_ndr_request_recv(req); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; state->ctx->status = state->openpolicy.out.result; - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!comp_is_ok(state->ctx)) return; ctx = wb_lsa_lookupnames_send(state->lsa_pipe, &state->policy_handle, 1, &state->name); - if (ctx == NULL) { - state->ctx->status = NT_STATUS_NO_MEMORY; - goto done; - } - - ctx->async.fn = lsa_lookupname_recv_sids; - ctx->async.private_data = state; - return; - - done: - if (!NT_STATUS_IS_OK(state->ctx->status)) { - state->ctx->state = COMPOSITE_STATE_ERROR; - } - if ((state->ctx->state >= COMPOSITE_STATE_DONE) && - (state->ctx->async.fn != NULL)) { - state->ctx->async.fn(state->ctx); - } + comp_cont(state->ctx, ctx, lsa_lookupname_recv_sids, state); } static void lsa_lookupname_recv_sids(struct composite_context *ctx) @@ -1020,15 +873,7 @@ static void lsa_lookupname_recv_sids(struct composite_context *ctx) (void(*)(struct rpc_request *))talloc_free; } - state->ctx->state = COMPOSITE_STATE_DONE; - - if (!NT_STATUS_IS_OK(state->ctx->status)) { - state->ctx->state = COMPOSITE_STATE_ERROR; - } - if ((state->ctx->state >= COMPOSITE_STATE_DONE) && - (state->ctx->async.fn != NULL)) { - state->ctx->async.fn(state->ctx); - } + comp_done(state->ctx); } NTSTATUS wb_lsa_lookupname_recv(struct composite_context *c, @@ -1054,3 +899,246 @@ NTSTATUS wb_lsa_lookupname(struct dcerpc_pipe *lsa_pipe, const char *name, return wb_lsa_lookupname_recv(c, mem_ctx, sid); } +struct cmd_lookupname_state { + struct composite_context *ctx; + struct wbsrv_call *call; + const char *name; + struct wb_sid_object *result; +}; + +static void cmd_lookupname_recv_lsa(struct composite_context *ctx); +static void cmd_lookupname_recv_sid(struct composite_context *ctx); + +struct composite_context *wb_cmd_lookupname_send(struct wbsrv_call *call, + const char *name) +{ + struct composite_context *result, *ctx; + struct cmd_lookupname_state *state; + struct wbsrv_service *service = call->wbconn->listen_socket->service; + + result = talloc_zero(call, struct composite_context); + if (result == NULL) goto failed; + result->state = COMPOSITE_STATE_IN_PROGRESS; + result->event_ctx = call->event_ctx; + + state = talloc(result, struct cmd_lookupname_state); + if (state == NULL) goto failed; + state->ctx = result; + result->private_data = state; + + state->call = call; + state->name = talloc_strdup(state, name); + + if (service->lsa_pipe != NULL) { + ctx = wb_lsa_lookupname_send(service->lsa_pipe, name); + if (ctx == NULL) goto failed; + ctx->async.fn = cmd_lookupname_recv_sid; + ctx->async.private_data = state; + return result; + } + + ctx = wb_get_lsa_pipe_send(result->event_ctx, + call->wbconn->conn->msg_ctx, + lp_workgroup()); + if (ctx == NULL) goto failed; + ctx->async.fn = cmd_lookupname_recv_lsa; + ctx->async.private_data = state; + return result; + + failed: + talloc_free(result); + return NULL; +} + +static void cmd_lookupname_recv_lsa(struct composite_context *ctx) +{ + struct cmd_lookupname_state *state = + talloc_get_type(ctx->async.private_data, + struct cmd_lookupname_state); + struct wbsrv_service *service = + state->call->wbconn->listen_socket->service; + + struct dom_sid *sid; + struct dcerpc_pipe *pipe; + + state->ctx->status = wb_get_lsa_pipe_recv(ctx, state, &sid, &pipe); + if (!comp_is_ok(state->ctx)) return; + + if (service->lsa_pipe == NULL) { + /* Only put the new pipe in if nobody else was faster. */ + service->lsa_pipe = talloc_steal(service, pipe); + } + + ctx = wb_lsa_lookupname_send(service->lsa_pipe, state->name); + comp_cont(state->ctx, ctx, cmd_lookupname_recv_sid, state); +} + +static void cmd_lookupname_recv_sid(struct composite_context *ctx) +{ + struct cmd_lookupname_state *state = + talloc_get_type(ctx->async.private_data, + struct cmd_lookupname_state); + + state->ctx->status = wb_lsa_lookupname_recv(ctx, state, + &state->result); + if (!comp_is_ok(state->ctx)) return; + + comp_done(state->ctx); +} + +NTSTATUS wb_cmd_lookupname_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx, + struct wb_sid_object **sid) +{ + NTSTATUS status = composite_wait(c); + if (NT_STATUS_IS_OK(status)) { + struct cmd_lookupname_state *state = + talloc_get_type(c->private_data, + struct cmd_lookupname_state); + *sid = talloc_steal(mem_ctx, state->result); + } + talloc_free(c); + return status; +} + +NTSTATUS wb_cmd_lookupname(struct wbsrv_call *call, const char *name, + TALLOC_CTX *mem_ctx, struct wb_sid_object **sid) +{ + struct composite_context *c = + wb_cmd_lookupname_send(call, name); + return wb_cmd_lookupname_recv(c, mem_ctx, sid); +} + +struct cmd_checkmachacc_state { + struct composite_context *ctx; + struct wbsrv_call *call; + struct cli_credentials *wks_creds; +}; + +static void cmd_checkmachacc_recv_lsa(struct composite_context *ctx); +static void cmd_checkmachacc_recv_creds(struct composite_context *ctx); + +struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call) +{ + struct composite_context *result, *ctx; + struct cmd_checkmachacc_state *state; + struct wbsrv_service *service = call->wbconn->listen_socket->service; + + result = talloc(call, struct composite_context); + if (result == NULL) goto failed; + result->state = COMPOSITE_STATE_IN_PROGRESS; + result->event_ctx = call->event_ctx; + + state = talloc(result, struct cmd_checkmachacc_state); + if (state == NULL) goto failed; + state->ctx = result; + result->private_data = state; + state->call = call; + + state->wks_creds = cli_credentials_init(state); + if (state->wks_creds == NULL) goto failed; + + cli_credentials_set_conf(state->wks_creds); + + state->ctx->status = + cli_credentials_set_machine_account(state->wks_creds); + if (!NT_STATUS_IS_OK(state->ctx->status)) goto failed; + + if (service->netlogon_pipe != NULL) { + talloc_free(service->netlogon_pipe); + service->netlogon_pipe = NULL; + } + + if (service->lsa_pipe != NULL) { + struct smbcli_tree *tree = + dcerpc_smb_tree(service->lsa_pipe->conn); + + if (tree == NULL) goto failed; + + ctx = wb_get_schannel_creds_send(state->wks_creds, tree, + result->event_ctx); + if (ctx == NULL) goto failed; + + ctx->async.fn = cmd_checkmachacc_recv_creds; + ctx->async.private_data = state; + return result; + } + + ctx = wb_get_lsa_pipe_send(result->event_ctx, + call->wbconn->conn->msg_ctx, + lp_workgroup()); + if (ctx == NULL) goto failed; + ctx->async.fn = cmd_checkmachacc_recv_lsa; + ctx->async.private_data = state; + + return result; + + failed: + talloc_free(result); + return NULL; +} + +static void cmd_checkmachacc_recv_lsa(struct composite_context *ctx) +{ + struct cmd_checkmachacc_state *state = + talloc_get_type(ctx->async.private_data, + struct cmd_checkmachacc_state); + struct wbsrv_service *service = + state->call->wbconn->listen_socket->service; + + struct dom_sid *sid; + struct dcerpc_pipe *pipe; + struct smbcli_tree *tree; + + state->ctx->status = wb_get_lsa_pipe_recv(ctx, state, &sid, &pipe); + if (!comp_is_ok(state->ctx)) return; + + if (service->lsa_pipe == NULL) { + service->lsa_pipe = talloc_steal(service, pipe); + } + + tree = dcerpc_smb_tree(service->lsa_pipe->conn); + + if (tree == NULL) { + comp_error(state->ctx, NT_STATUS_INVALID_PARAMETER); + return; + } + + ctx = wb_get_schannel_creds_send(state->wks_creds, tree, + state->ctx->event_ctx); + comp_cont(state->ctx, ctx, cmd_checkmachacc_recv_creds, state); +} + +static void cmd_checkmachacc_recv_creds(struct composite_context *ctx) +{ + struct cmd_checkmachacc_state *state = + talloc_get_type(ctx->async.private_data, + struct cmd_checkmachacc_state); + struct wbsrv_service *service = + state->call->wbconn->listen_socket->service; + struct dcerpc_pipe *pipe; + + state->ctx->status = wb_get_schannel_creds_recv(ctx, state, &pipe); + if (!comp_is_ok(state->ctx)) return; + + if (service->netlogon_pipe != NULL) { + /* Someone else was faster, we need to replace it with our + * pipe */ + talloc_free(service->netlogon_pipe); + } + + service->netlogon_pipe = talloc_steal(service, pipe); + + comp_done(state->ctx); +} + +NTSTATUS wb_cmd_checkmachacc_recv(struct composite_context *c) +{ + return composite_wait(c); +} + +NTSTATUS wb_cmd_checkmachacc(struct wbsrv_call *call) +{ + struct composite_context *c = wb_cmd_checkmachacc_send(call); + return wb_cmd_checkmachacc_recv(c); +} -- cgit From c8cb36f08daf1563c3b7737552f1ff134ed05980 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 8 Oct 2005 17:45:27 +0000 Subject: r10838: Get us an schannel'ed netlogon pipe. Abartlet, now I think I need some assistance to implement the pam auth & crap auth calls. Volker (This used to be commit 90a30c8b6585ed48b50e6aed75f3ecfd3543bbdc) --- source4/winbind/wb_async_helpers.c | 136 +++++++++++++++++++++++++++++++++---- 1 file changed, 123 insertions(+), 13 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index d77e4d12ad..5009cf4824 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -1012,7 +1012,6 @@ NTSTATUS wb_cmd_lookupname(struct wbsrv_call *call, const char *name, struct cmd_checkmachacc_state { struct composite_context *ctx; struct wbsrv_call *call; - struct cli_credentials *wks_creds; }; static void cmd_checkmachacc_recv_lsa(struct composite_context *ctx); @@ -1035,18 +1034,22 @@ struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call) result->private_data = state; state->call = call; - state->wks_creds = cli_credentials_init(state); - if (state->wks_creds == NULL) goto failed; + if (service->schannel_creds != NULL) { + talloc_free(service->schannel_creds); + } + + service->schannel_creds = cli_credentials_init(service); + if (service->schannel_creds == NULL) goto failed; - cli_credentials_set_conf(state->wks_creds); + cli_credentials_set_conf(service->schannel_creds); state->ctx->status = - cli_credentials_set_machine_account(state->wks_creds); + cli_credentials_set_machine_account(service->schannel_creds); if (!NT_STATUS_IS_OK(state->ctx->status)) goto failed; - if (service->netlogon_pipe != NULL) { - talloc_free(service->netlogon_pipe); - service->netlogon_pipe = NULL; + if (service->netlogon_auth2_pipe != NULL) { + talloc_free(service->netlogon_auth2_pipe); + service->netlogon_auth2_pipe = NULL; } if (service->lsa_pipe != NULL) { @@ -1055,7 +1058,7 @@ struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call) if (tree == NULL) goto failed; - ctx = wb_get_schannel_creds_send(state->wks_creds, tree, + ctx = wb_get_schannel_creds_send(service->schannel_creds, tree, result->event_ctx); if (ctx == NULL) goto failed; @@ -1104,7 +1107,7 @@ static void cmd_checkmachacc_recv_lsa(struct composite_context *ctx) return; } - ctx = wb_get_schannel_creds_send(state->wks_creds, tree, + ctx = wb_get_schannel_creds_send(service->schannel_creds, tree, state->ctx->event_ctx); comp_cont(state->ctx, ctx, cmd_checkmachacc_recv_creds, state); } @@ -1121,13 +1124,13 @@ static void cmd_checkmachacc_recv_creds(struct composite_context *ctx) state->ctx->status = wb_get_schannel_creds_recv(ctx, state, &pipe); if (!comp_is_ok(state->ctx)) return; - if (service->netlogon_pipe != NULL) { + if (service->netlogon_auth2_pipe != NULL) { /* Someone else was faster, we need to replace it with our * pipe */ - talloc_free(service->netlogon_pipe); + talloc_free(service->netlogon_auth2_pipe); } - service->netlogon_pipe = talloc_steal(service, pipe); + service->netlogon_auth2_pipe = talloc_steal(service, pipe); comp_done(state->ctx); } @@ -1142,3 +1145,110 @@ NTSTATUS wb_cmd_checkmachacc(struct wbsrv_call *call) struct composite_context *c = wb_cmd_checkmachacc_send(call); return wb_cmd_checkmachacc_recv(c); } + +struct get_netlogon_pipe_state { + struct composite_context *ctx; + struct wbsrv_call *call; + struct dcerpc_pipe *p; +}; + +static void get_netlogon_pipe_recv_machacc(struct composite_context *ctx); +static void get_netlogon_pipe_recv_pipe(struct composite_context *ctx); + +struct composite_context *wb_get_netlogon_pipe_send(struct wbsrv_call *call) +{ + struct composite_context *result, *ctx; + struct get_netlogon_pipe_state *state; + struct wbsrv_service *service = call->wbconn->listen_socket->service; + + result = talloc(call, struct composite_context); + if (result == NULL) goto failed; + result->state = COMPOSITE_STATE_IN_PROGRESS; + result->event_ctx = call->event_ctx; + + state = talloc(result, struct get_netlogon_pipe_state); + if (state == NULL) goto failed; + state->ctx = result; + result->private_data = state; + state->call = call; + + if (service->netlogon_pipe != NULL) { + talloc_free(service->netlogon_pipe); + service->netlogon_pipe = NULL; + } + + ctx = wb_cmd_checkmachacc_send(call); + if (ctx == NULL) goto failed; + ctx->async.fn = get_netlogon_pipe_recv_machacc; + ctx->async.private_data = state; + return result; + + failed: + talloc_free(result); + return NULL; +} + +static void get_netlogon_pipe_recv_machacc(struct composite_context *ctx) +{ + struct get_netlogon_pipe_state *state = + talloc_get_type(ctx->async.private_data, + struct get_netlogon_pipe_state); + struct wbsrv_service *service = + state->call->wbconn->listen_socket->service; + + struct smbcli_tree *tree = NULL; + + state->ctx->status = wb_cmd_checkmachacc_recv(ctx); + if (!comp_is_ok(state->ctx)) return; + + state->p = dcerpc_pipe_init(state, state->ctx->event_ctx); + if (comp_nomem(state->p, state->ctx)) return; + + if (service->lsa_pipe != NULL) { + tree = dcerpc_smb_tree(service->lsa_pipe->conn); + } + + if (tree == NULL) { + comp_error(state->ctx, NT_STATUS_INTERNAL_ERROR); + return; + } + + ctx = dcerpc_pipe_open_smb_send(state->p->conn, tree, "\\netlogon"); + comp_cont(state->ctx, ctx, get_netlogon_pipe_recv_pipe, state); +} + +static void get_netlogon_pipe_recv_pipe(struct composite_context *ctx) +{ + struct get_netlogon_pipe_state *state = + talloc_get_type(ctx->async.private_data, + struct get_netlogon_pipe_state); + struct wbsrv_service *service = + state->call->wbconn->listen_socket->service; + + state->ctx->status = dcerpc_pipe_open_smb_recv(ctx); + if (!comp_is_ok(state->ctx)) return; + + state->p->conn->flags |= (DCERPC_SIGN | DCERPC_SEAL); + state->ctx->status = + dcerpc_bind_auth_password(state->p, + DCERPC_NETLOGON_UUID, + DCERPC_NETLOGON_VERSION, + service->schannel_creds, + DCERPC_AUTH_TYPE_SCHANNEL, + NULL); + if (!comp_is_ok(state->ctx)) return; + + service->netlogon_pipe = talloc_steal(service, state->p); + comp_done(state->ctx); +} + +NTSTATUS wb_get_netlogon_pipe_recv(struct composite_context *c) +{ + return composite_wait(c); +} + +NTSTATUS wb_get_netlogon_pipe(struct wbsrv_call *call) +{ + struct composite_context *c = wb_get_netlogon_pipe_send(call); + return wb_get_netlogon_pipe_recv(c); +} -- cgit From b468ba1386166cfe2f026051b205468de1c6103e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 9 Oct 2005 12:50:35 +0000 Subject: r10846: Create a "wbsrv_domain", change wb_finddcs to the style of the rest of the async helpers. Volker (This used to be commit 10585ba4e81e979a03aec747db6fc059978fa566) --- source4/winbind/wb_async_helpers.c | 393 ++++++++++++++++++++----------------- 1 file changed, 213 insertions(+), 180 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 5009cf4824..73361e2eeb 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -93,136 +93,146 @@ static void rpc_cont(struct composite_context *ctx, new_req->async.private = private_data; } +static void irpc_cont(struct composite_context *ctx, + struct irpc_request *new_req, + void (*continuation)(struct irpc_request *), + void *private_data) +{ + if (comp_nomem(new_req, ctx)) return; + new_req->async.fn = continuation; + new_req->async.private = private_data; +} + struct finddcs_state { - struct wb_finddcs *io; - struct composite_context *creq; + struct composite_context *ctx; + struct messaging_context *msg_ctx; - struct nbtd_getdcname *r; - struct irpc_request *ireq; -}; + const char *domain_name; + const struct dom_sid *domain_sid; -static void finddcs_getdc(struct irpc_request *ireq) -{ - struct composite_context *c = talloc_get_type(ireq->async.private, - struct composite_context); - struct finddcs_state *state = talloc_get_type(c->private_data, - struct finddcs_state); + struct nbtd_getdcname r; - c->status = irpc_call_recv(ireq); - if (!comp_is_ok(c)) return; + int num_dcs; + struct nbt_dc_name *dcs; +}; - state->io->out.dcs[0].name = talloc_steal(state->io->out.dcs, - state->r->out.dcname); - comp_done(c); -} +static void finddcs_resolve(struct composite_context *ctx); +static void finddcs_getdc(struct irpc_request *ireq); -/* - called when name resolution is finished -*/ -static void finddcs_resolve(struct composite_context *res_ctx) +struct composite_context *wb_finddcs_send(const char *domain_name, + const struct dom_sid *domain_sid, + struct event_context *event_ctx, + struct messaging_context *msg_ctx) { - struct composite_context *c = talloc_get_type(res_ctx->async.private_data, - struct composite_context); - struct finddcs_state *state = talloc_get_type(c->private_data, - struct finddcs_state); - uint32_t *nbt_servers; + struct composite_context *result, *ctx; + struct finddcs_state *state; + struct nbt_name name; - state->io->out.num_dcs = 1; - state->io->out.dcs = talloc_array(state, struct nbt_dc_name, - state->io->out.num_dcs); - if (comp_nomem(state->io->out.dcs, c)) return; + result = talloc_zero(NULL, struct composite_context); + if (result == NULL) goto failed; + result->state = COMPOSITE_STATE_IN_PROGRESS; + result->event_ctx = event_ctx; - c->status = resolve_name_recv(res_ctx, state->io->out.dcs, - &state->io->out.dcs[0].address); - if (!comp_is_ok(c)) return; + state = talloc(result, struct finddcs_state); + if (state == NULL) goto failed; + state->ctx = result; + result->private_data = state; - nbt_servers = irpc_servers_byname(state->io->in.msg_ctx, "nbt_server"); - if ((nbt_servers == NULL) || (nbt_servers[0] == 0)) { - comp_error(c, NT_STATUS_NO_LOGON_SERVERS); - return; - } + state->domain_name = talloc_strdup(state, domain_name); + if (state->domain_name == NULL) goto failed; + state->domain_sid = dom_sid_dup(state, domain_sid); + if (state->domain_sid == NULL) goto failed; + state->msg_ctx = msg_ctx; - state->r = talloc(state, struct nbtd_getdcname); - if (comp_nomem(state->r, c)) return; - - state->r->in.domainname = talloc_strdup(state->r, lp_workgroup()); - if (comp_nomem(state->r->in.domainname, c)) return; - state->r->in.ip_address = state->io->out.dcs[0].address; - state->r->in.my_computername = lp_netbios_name(); - state->r->in.my_accountname = - talloc_asprintf(state->r, "%s$", lp_netbios_name()); - if (comp_nomem(state->r->in.my_accountname, c)) return; - state->r->in.account_control = ACB_WSTRUST; - state->r->in.domain_sid = - secrets_get_domain_sid(state->r, lp_workgroup()); - - if (state->r->in.domain_sid == NULL) { - comp_error(c, NT_STATUS_CANT_ACCESS_DOMAIN_INFO); - return; - } + make_nbt_name(&name, state->domain_name, 0x1c); + ctx = resolve_name_send(&name, result->event_ctx, + lp_name_resolve_order()); - state->ireq = irpc_call_send(state->io->in.msg_ctx, nbt_servers[0], - &dcerpc_table_irpc, DCERPC_NBTD_GETDCNAME, - state->r, state); - if (comp_nomem(state->ireq, c)) return; + if (ctx == NULL) goto failed; + ctx->async.fn = finddcs_resolve; + ctx->async.private_data = state; - c->status = NT_STATUS_OK; - state->ireq->async.fn = finddcs_getdc; - state->ireq->async.private = c; + return result; + +failed: + talloc_free(result); + return NULL; } -struct composite_context *wb_finddcs_send(struct wb_finddcs *io, - struct event_context *event_ctx) +static void finddcs_resolve(struct composite_context *ctx) { - struct composite_context *c; - struct finddcs_state *state; - struct nbt_name name; + struct finddcs_state *state = + talloc_get_type(ctx->async.private_data, struct finddcs_state); + struct irpc_request *ireq; + uint32_t *nbt_servers; + const char *address; - c = talloc_zero(NULL, struct composite_context); - if (c == NULL) goto failed; - c->state = COMPOSITE_STATE_IN_PROGRESS; - c->event_ctx = event_ctx; + state->ctx->status = resolve_name_recv(ctx, state, &address); + if (!comp_is_ok(state->ctx)) return; - state = talloc(c, struct finddcs_state); - if (state == NULL) goto failed; - state->io = io; + state->num_dcs = 1; + state->dcs = talloc_array(state, struct nbt_dc_name, state->num_dcs); + if (comp_nomem(state->dcs, state->ctx)) return; - make_nbt_name(&name, io->in.domain, 0x1c); - state->creq = resolve_name_send(&name, c->event_ctx, - lp_name_resolve_order()); + state->dcs[0].address = talloc_steal(state->dcs, address); - if (state->creq == NULL) goto failed; - state->creq->async.private_data = c; - state->creq->async.fn = finddcs_resolve; - c->private_data = state; + nbt_servers = irpc_servers_byname(state->msg_ctx, "nbt_server"); + if ((nbt_servers == NULL) || (nbt_servers[0] == 0)) { + comp_error(state->ctx, NT_STATUS_NO_LOGON_SERVERS); + return; + } - return c; -failed: - talloc_free(c); - return NULL; + state->r.in.domainname = state->domain_name; + state->r.in.ip_address = state->dcs[0].address; + state->r.in.my_computername = lp_netbios_name(); + state->r.in.my_accountname = talloc_asprintf(state, "%s$", + lp_netbios_name()); + if (comp_nomem(state->r.in.my_accountname, state->ctx)) return; + state->r.in.account_control = ACB_WSTRUST; + state->r.in.domain_sid = dom_sid_dup(state, state->domain_sid); + if (comp_nomem(state->r.in.domain_sid, state->ctx)) return; + + ireq = irpc_call_send(state->msg_ctx, nbt_servers[0], + &dcerpc_table_irpc, DCERPC_NBTD_GETDCNAME, + &state->r, state); + irpc_cont(state->ctx, ireq, finddcs_getdc, state); } -NTSTATUS wb_finddcs_recv(struct composite_context *c, TALLOC_CTX *mem_ctx) +static void finddcs_getdc(struct irpc_request *ireq) { - NTSTATUS status; + struct finddcs_state *state = + talloc_get_type(ireq->async.private, struct finddcs_state); - status = composite_wait(c); + state->ctx->status = irpc_call_recv(ireq); + if (!comp_is_ok(state->ctx)) return; + state->dcs[0].name = talloc_steal(state->dcs, state->r.out.dcname); + comp_done(state->ctx); +} + +NTSTATUS wb_finddcs_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, + int *num_dcs, struct nbt_dc_name **dcs) +{ + NTSTATUS status =composite_wait(c); if (NT_STATUS_IS_OK(status)) { - struct finddcs_state *state = talloc_get_type(c->private_data, - struct finddcs_state); - talloc_steal(mem_ctx, state->io->out.dcs); + struct finddcs_state *state = + talloc_get_type(c->private_data, struct finddcs_state); + *num_dcs = state->num_dcs; + *dcs = talloc_steal(mem_ctx, state->dcs); } - talloc_free(c); return status; } -NTSTATUS wb_finddcs(struct wb_finddcs *io, TALLOC_CTX *mem_ctx, - struct event_context *ev) +NTSTATUS wb_finddcs(const char *domain_name, const struct dom_sid *domain_sid, + struct event_context *event_ctx, + struct messaging_context *msg_ctx, + TALLOC_CTX *mem_ctx, + int *num_dcs, struct nbt_dc_name **dcs) { - struct composite_context *c = wb_finddcs_send(io, ev); - return wb_finddcs_recv(c, mem_ctx); + struct composite_context *c = wb_finddcs_send(domain_name, domain_sid, + event_ctx, msg_ctx); + return wb_finddcs_recv(c, mem_ctx, num_dcs, dcs); } struct get_schannel_creds_state { @@ -290,7 +300,6 @@ static void get_schannel_creds_recv_pipe(struct composite_context *ctx) DCERPC_NETLOGON_VERSION); if (!comp_is_ok(state->ctx)) return; - ZERO_STRUCT(state->r); state->r.in.computer_name = cli_credentials_get_workstation(state->wks_creds); state->r.in.server_name = @@ -335,7 +344,6 @@ static void get_schannel_creds_recv_chal(struct rpc_request *req) state->r.out.credentials, mach_pwd, &state->netr_cred, state->negotiate_flags); - ZERO_STRUCT(state->a); state->a.in.server_name = talloc_reference(state, state->r.in.server_name); state->a.in.account_name = @@ -413,10 +421,10 @@ NTSTATUS wb_get_schannel_creds(struct cli_credentials *wks_creds, struct get_lsa_pipe_state { struct composite_context *ctx; - const char *domain; + const char *domain_name; + const struct dom_sid *domain_sid; - struct wb_finddcs *finddcs; - struct smb_composite_connect *conn; + struct smb_composite_connect conn; struct dcerpc_pipe *lsa_pipe; struct lsa_ObjectAttribute objectattr; @@ -437,7 +445,8 @@ static void get_lsa_pipe_recv_close(struct rpc_request *req); struct composite_context *wb_get_lsa_pipe_send(struct event_context *event_ctx, struct messaging_context *msg_ctx, - const char *domain) + const char *domain_name, + const struct dom_sid *domain_sid) { struct composite_context *result, *ctx; struct get_lsa_pipe_state *state; @@ -452,15 +461,10 @@ struct composite_context *wb_get_lsa_pipe_send(struct event_context *event_ctx, result->private_data = state; state->ctx = result; - state->domain = domain; - - state->finddcs = talloc(state, struct wb_finddcs); - if (state->finddcs == NULL) goto failed; - - state->finddcs->in.msg_ctx = msg_ctx; - state->finddcs->in.domain = lp_workgroup(); + state->domain_name = domain_name; + state->domain_sid = domain_sid; - ctx = wb_finddcs_send(state->finddcs, event_ctx); + ctx = wb_finddcs_send(domain_name, domain_sid, event_ctx, msg_ctx); if (ctx == NULL) goto failed; ctx->async.fn = get_lsa_pipe_recv_dcs; @@ -478,25 +482,30 @@ static void get_lsa_pipe_recv_dcs(struct composite_context *ctx) talloc_get_type(ctx->async.private_data, struct get_lsa_pipe_state); - state->ctx->status = wb_finddcs_recv(ctx, state); + int num_dcs; + struct nbt_dc_name *dcs; + + state->ctx->status = wb_finddcs_recv(ctx, state, &num_dcs, &dcs); if (!comp_is_ok(state->ctx)) return; - state->conn = talloc(state, struct smb_composite_connect); - if (comp_nomem(state->conn, state->ctx)) return; + if (num_dcs < 1) { + comp_error(state->ctx, NT_STATUS_NO_LOGON_SERVERS); + return; + } - state->conn->in.dest_host = state->finddcs->out.dcs[0].address; - state->conn->in.port = 0; - state->conn->in.called_name = state->finddcs->out.dcs[0].name; - state->conn->in.service = "IPC$"; - state->conn->in.service_type = "IPC"; - state->conn->in.workgroup = lp_workgroup(); + state->conn.in.dest_host = dcs[0].address; + state->conn.in.port = 0; + state->conn.in.called_name = dcs[0].name; + state->conn.in.service = "IPC$"; + state->conn.in.service_type = "IPC"; + state->conn.in.workgroup = state->domain_name; - state->conn->in.credentials = cli_credentials_init(state->conn); - if (comp_nomem(state->conn->in.credentials, state->ctx)) return; - cli_credentials_set_conf(state->conn->in.credentials); - cli_credentials_set_anonymous(state->conn->in.credentials); + state->conn.in.credentials = cli_credentials_init(state); + if (comp_nomem(state->conn.in.credentials, state->ctx)) return; + cli_credentials_set_conf(state->conn.in.credentials); + cli_credentials_set_anonymous(state->conn.in.credentials); - ctx = smb_composite_connect_send(state->conn, state, + ctx = smb_composite_connect_send(&state->conn, state, state->ctx->event_ctx); comp_cont(state->ctx, ctx, get_lsa_pipe_recv_tree, state); } @@ -514,7 +523,7 @@ static void get_lsa_pipe_recv_tree(struct composite_context *ctx) if (comp_nomem(state->lsa_pipe, state->ctx)) return; ctx = dcerpc_pipe_open_smb_send(state->lsa_pipe->conn, - state->conn->out.tree, "\\lsarpc"); + state->conn.out.tree, "\\lsarpc"); comp_cont(state->ctx, ctx, get_lsa_pipe_recv_pipe, state); } @@ -528,15 +537,14 @@ static void get_lsa_pipe_recv_pipe(struct composite_context *ctx) state->ctx->status = dcerpc_pipe_open_smb_recv(ctx); if (!comp_is_ok(state->ctx)) return; - talloc_unlink(state, state->conn->out.tree); /* The pipe owns it now */ - state->conn->out.tree = NULL; + talloc_unlink(state, state->conn.out.tree); /* The pipe owns it now */ + state->conn.out.tree = NULL; state->ctx->status = dcerpc_bind_auth_none(state->lsa_pipe, DCERPC_LSARPC_UUID, DCERPC_LSARPC_VERSION); if (!comp_is_ok(state->ctx)) return; - ZERO_STRUCT(state->openpolicy); state->openpolicy.in.system_name = talloc_asprintf(state, "\\\\%s", dcerpc_server_name(state->lsa_pipe)); @@ -562,7 +570,6 @@ static void get_lsa_pipe_recv_openpol(struct rpc_request *req) state->ctx->status = state->openpolicy.out.result; if (!comp_is_ok(state->ctx)) return; - ZERO_STRUCT(state->queryinfo); state->queryinfo.in.handle = &state->policy_handle; state->queryinfo.in.level = LSA_POLICY_INFO_ACCOUNT_DOMAIN; @@ -575,13 +582,33 @@ static void get_lsa_pipe_recv_queryinfo(struct rpc_request *req) { struct get_lsa_pipe_state *state = talloc_get_type(req->async.private, struct get_lsa_pipe_state); + struct lsa_DomainInfo *dominfo; state->ctx->status = dcerpc_ndr_request_recv(req); if (!comp_is_ok(state->ctx)) return; state->ctx->status = state->queryinfo.out.result; if (!comp_is_ok(state->ctx)) return; - ZERO_STRUCT(state->close); + dominfo = &state->queryinfo.out.info->account_domain; + + if (strcasecmp(state->domain_name, dominfo->name.string) != 0) { + DEBUG(2, ("Expected domain name %s, DC %s said %s\n", + state->domain_name, + dcerpc_server_name(state->lsa_pipe), + dominfo->name.string)); + comp_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE); + return; + } + + if (!dom_sid_equal(state->domain_sid, dominfo->sid)) { + DEBUG(2, ("Expected domain sid %s, DC %s said %s\n", + dom_sid_string(state, state->domain_sid), + dcerpc_server_name(state->lsa_pipe), + dom_sid_string(state, dominfo->sid))); + comp_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE); + return; + } + state->close.in.handle = &state->policy_handle; state->close.out.handle = &state->policy_handle; @@ -604,15 +631,13 @@ static void get_lsa_pipe_recv_close(struct rpc_request *req) } NTSTATUS wb_get_lsa_pipe_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, - struct dom_sid **sid, struct dcerpc_pipe **pipe) + struct dcerpc_pipe **pipe) { NTSTATUS status = composite_wait(c); if (NT_STATUS_IS_OK(status)) { struct get_lsa_pipe_state *state = talloc_get_type(c->private_data, struct get_lsa_pipe_state); - *sid = talloc_steal(mem_ctx, - state->queryinfo.out.info->domain.sid); *pipe = talloc_steal(mem_ctx, state->lsa_pipe); } talloc_free(c); @@ -621,14 +646,15 @@ NTSTATUS wb_get_lsa_pipe_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, NTSTATUS wb_get_lsa_pipe(struct event_context *event_ctx, struct messaging_context *msg_ctx, - const char *domain, + const char *domain_name, + const struct dom_sid *domain_sid, TALLOC_CTX *mem_ctx, - struct dom_sid **sid, struct dcerpc_pipe **pipe) { struct composite_context *c = - wb_get_lsa_pipe_send(event_ctx, msg_ctx, domain); - return wb_get_lsa_pipe_recv(c, mem_ctx, sid, pipe); + wb_get_lsa_pipe_send(event_ctx, msg_ctx, domain_name, + domain_sid); + return wb_get_lsa_pipe_recv(c, mem_ctx, pipe); } struct lsa_lookupnames_state { @@ -806,7 +832,6 @@ struct composite_context *wb_lsa_lookupname_send(struct dcerpc_pipe *lsa_pipe, if (state->name == NULL) goto failed; state->ctx = result; - ZERO_STRUCT(state->openpolicy); state->openpolicy.in.system_name = talloc_asprintf(state, "\\\\%s", dcerpc_server_name(state->lsa_pipe)); @@ -862,7 +887,6 @@ static void lsa_lookupname_recv_sids(struct composite_context *ctx) } } - ZERO_STRUCT(state->close); state->close.in.handle = &state->policy_handle; state->close.out.handle = &state->policy_handle; @@ -902,6 +926,7 @@ NTSTATUS wb_lsa_lookupname(struct dcerpc_pipe *lsa_pipe, const char *name, struct cmd_lookupname_state { struct composite_context *ctx; struct wbsrv_call *call; + struct wbsrv_domain *domain; const char *name; struct wb_sid_object *result; }; @@ -929,8 +954,10 @@ struct composite_context *wb_cmd_lookupname_send(struct wbsrv_call *call, state->call = call; state->name = talloc_strdup(state, name); - if (service->lsa_pipe != NULL) { - ctx = wb_lsa_lookupname_send(service->lsa_pipe, name); + state->domain = service->domains; + + if (state->domain->lsa_pipe != NULL) { + ctx = wb_lsa_lookupname_send(state->domain->lsa_pipe, name); if (ctx == NULL) goto failed; ctx->async.fn = cmd_lookupname_recv_sid; ctx->async.private_data = state; @@ -939,7 +966,8 @@ struct composite_context *wb_cmd_lookupname_send(struct wbsrv_call *call, ctx = wb_get_lsa_pipe_send(result->event_ctx, call->wbconn->conn->msg_ctx, - lp_workgroup()); + state->domain->name, + state->domain->sid); if (ctx == NULL) goto failed; ctx->async.fn = cmd_lookupname_recv_lsa; ctx->async.private_data = state; @@ -958,18 +986,17 @@ static void cmd_lookupname_recv_lsa(struct composite_context *ctx) struct wbsrv_service *service = state->call->wbconn->listen_socket->service; - struct dom_sid *sid; struct dcerpc_pipe *pipe; - state->ctx->status = wb_get_lsa_pipe_recv(ctx, state, &sid, &pipe); + state->ctx->status = wb_get_lsa_pipe_recv(ctx, state, &pipe); if (!comp_is_ok(state->ctx)) return; - if (service->lsa_pipe == NULL) { + if (state->domain->lsa_pipe == NULL) { /* Only put the new pipe in if nobody else was faster. */ - service->lsa_pipe = talloc_steal(service, pipe); + state->domain->lsa_pipe = talloc_steal(service, pipe); } - ctx = wb_lsa_lookupname_send(service->lsa_pipe, state->name); + ctx = wb_lsa_lookupname_send(state->domain->lsa_pipe, state->name); comp_cont(state->ctx, ctx, cmd_lookupname_recv_sid, state); } @@ -1012,6 +1039,7 @@ NTSTATUS wb_cmd_lookupname(struct wbsrv_call *call, const char *name, struct cmd_checkmachacc_state { struct composite_context *ctx; struct wbsrv_call *call; + struct wbsrv_domain *domain; }; static void cmd_checkmachacc_recv_lsa(struct composite_context *ctx); @@ -1034,32 +1062,35 @@ struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call) result->private_data = state; state->call = call; - if (service->schannel_creds != NULL) { - talloc_free(service->schannel_creds); + state->domain = service->domains; + + if (state->domain->schannel_creds != NULL) { + talloc_free(state->domain->schannel_creds); } - service->schannel_creds = cli_credentials_init(service); - if (service->schannel_creds == NULL) goto failed; + state->domain->schannel_creds = cli_credentials_init(service); + if (state->domain->schannel_creds == NULL) goto failed; - cli_credentials_set_conf(service->schannel_creds); + cli_credentials_set_conf(state->domain->schannel_creds); state->ctx->status = - cli_credentials_set_machine_account(service->schannel_creds); + cli_credentials_set_machine_account(state->domain-> + schannel_creds); if (!NT_STATUS_IS_OK(state->ctx->status)) goto failed; - if (service->netlogon_auth2_pipe != NULL) { - talloc_free(service->netlogon_auth2_pipe); - service->netlogon_auth2_pipe = NULL; + if (state->domain->netlogon_auth2_pipe != NULL) { + talloc_free(state->domain->netlogon_auth2_pipe); + state->domain->netlogon_auth2_pipe = NULL; } - if (service->lsa_pipe != NULL) { + if (state->domain->lsa_pipe != NULL) { struct smbcli_tree *tree = - dcerpc_smb_tree(service->lsa_pipe->conn); + dcerpc_smb_tree(state->domain->lsa_pipe->conn); if (tree == NULL) goto failed; - ctx = wb_get_schannel_creds_send(service->schannel_creds, tree, - result->event_ctx); + ctx = wb_get_schannel_creds_send(state->domain->schannel_creds, + tree, result->event_ctx); if (ctx == NULL) goto failed; ctx->async.fn = cmd_checkmachacc_recv_creds; @@ -1069,7 +1100,8 @@ struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call) ctx = wb_get_lsa_pipe_send(result->event_ctx, call->wbconn->conn->msg_ctx, - lp_workgroup()); + state->domain->name, + state->domain->sid); if (ctx == NULL) goto failed; ctx->async.fn = cmd_checkmachacc_recv_lsa; ctx->async.private_data = state; @@ -1089,25 +1121,25 @@ static void cmd_checkmachacc_recv_lsa(struct composite_context *ctx) struct wbsrv_service *service = state->call->wbconn->listen_socket->service; - struct dom_sid *sid; struct dcerpc_pipe *pipe; struct smbcli_tree *tree; - state->ctx->status = wb_get_lsa_pipe_recv(ctx, state, &sid, &pipe); + state->ctx->status = wb_get_lsa_pipe_recv(ctx, state, &pipe); if (!comp_is_ok(state->ctx)) return; - if (service->lsa_pipe == NULL) { - service->lsa_pipe = talloc_steal(service, pipe); + if (state->domain->lsa_pipe == NULL) { + /* We gonna drop "our" pipe if someone else was faster */ + state->domain->lsa_pipe = talloc_steal(service, pipe); } - tree = dcerpc_smb_tree(service->lsa_pipe->conn); + tree = dcerpc_smb_tree(state->domain->lsa_pipe->conn); if (tree == NULL) { comp_error(state->ctx, NT_STATUS_INVALID_PARAMETER); return; } - ctx = wb_get_schannel_creds_send(service->schannel_creds, tree, + ctx = wb_get_schannel_creds_send(state->domain->schannel_creds, tree, state->ctx->event_ctx); comp_cont(state->ctx, ctx, cmd_checkmachacc_recv_creds, state); } @@ -1124,13 +1156,13 @@ static void cmd_checkmachacc_recv_creds(struct composite_context *ctx) state->ctx->status = wb_get_schannel_creds_recv(ctx, state, &pipe); if (!comp_is_ok(state->ctx)) return; - if (service->netlogon_auth2_pipe != NULL) { + if (state->domain->netlogon_auth2_pipe != NULL) { /* Someone else was faster, we need to replace it with our * pipe */ - talloc_free(service->netlogon_auth2_pipe); + talloc_free(state->domain->netlogon_auth2_pipe); } - service->netlogon_auth2_pipe = talloc_steal(service, pipe); + state->domain->netlogon_auth2_pipe = talloc_steal(service, pipe); comp_done(state->ctx); } @@ -1149,6 +1181,7 @@ NTSTATUS wb_cmd_checkmachacc(struct wbsrv_call *call) struct get_netlogon_pipe_state { struct composite_context *ctx; struct wbsrv_call *call; + struct wbsrv_domain *domain; struct dcerpc_pipe *p; }; @@ -1172,9 +1205,11 @@ struct composite_context *wb_get_netlogon_pipe_send(struct wbsrv_call *call) result->private_data = state; state->call = call; - if (service->netlogon_pipe != NULL) { - talloc_free(service->netlogon_pipe); - service->netlogon_pipe = NULL; + state->domain = service->domains; + + if (state->domain->netlogon_pipe != NULL) { + talloc_free(state->domain->netlogon_pipe); + state->domain->netlogon_pipe = NULL; } ctx = wb_cmd_checkmachacc_send(call); @@ -1193,8 +1228,6 @@ static void get_netlogon_pipe_recv_machacc(struct composite_context *ctx) struct get_netlogon_pipe_state *state = talloc_get_type(ctx->async.private_data, struct get_netlogon_pipe_state); - struct wbsrv_service *service = - state->call->wbconn->listen_socket->service; struct smbcli_tree *tree = NULL; @@ -1204,8 +1237,8 @@ static void get_netlogon_pipe_recv_machacc(struct composite_context *ctx) state->p = dcerpc_pipe_init(state, state->ctx->event_ctx); if (comp_nomem(state->p, state->ctx)) return; - if (service->lsa_pipe != NULL) { - tree = dcerpc_smb_tree(service->lsa_pipe->conn); + if (state->domain->lsa_pipe != NULL) { + tree = dcerpc_smb_tree(state->domain->lsa_pipe->conn); } if (tree == NULL) { @@ -1233,12 +1266,12 @@ static void get_netlogon_pipe_recv_pipe(struct composite_context *ctx) dcerpc_bind_auth_password(state->p, DCERPC_NETLOGON_UUID, DCERPC_NETLOGON_VERSION, - service->schannel_creds, + state->domain->schannel_creds, DCERPC_AUTH_TYPE_SCHANNEL, NULL); if (!comp_is_ok(state->ctx)) return; - service->netlogon_pipe = talloc_steal(service, state->p); + state->domain->netlogon_pipe = talloc_steal(service, state->p); comp_done(state->ctx); } -- cgit From 9e5d44d56733f598e0a25ad1e72eccf3267be51a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 9 Oct 2005 20:32:24 +0000 Subject: r10852: Continuation-based programming can become a bit spaghetti... Initialize a domain structure properly. Excerpt from wb_init_domain.c: /* * Initialize a domain: * * - With schannel credentials, try to open the SMB connection with the machine * creds. Fall back to anonymous. * * - If we have schannel creds, do the auth2 and open the schannel'ed netlogon * pipe. * * - Open LSA. If we have machine creds, try to open with ntlmssp. Fall back * to schannel and then to anon bind. * * - With queryinfopolicy, verify that we're talking to the right domain * * A bit complex, but with all the combinations I think it's the best we can * get. NT4, W2k3SP1 and W2k all have different combinations, but in the end we * have a signed&sealed lsa connection on all of them. * * Is this overkill? In particular the authenticated SMB connection seems a * bit overkill, given that we do schannel for netlogon and ntlmssp for * lsa later on w2k3, the others don't do this anyway. */ Thanks to Jeremy for his detective work, and to the Samba4 team for providing such a great infrastructure. Next step is to connect to SAM. Do it via LDAP if we can, fall back to samr with all we have. Volker (This used to be commit 3e69fdc07cd76b4bc01b032148609ee4b59b8be7) --- source4/winbind/wb_async_helpers.c | 254 ++----------------------------------- 1 file changed, 9 insertions(+), 245 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 73361e2eeb..5a0c70461d 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -38,71 +38,6 @@ #include "librpc/gen_ndr/ndr_lsa.h" #include "libcli/auth/credentials.h" -static BOOL comp_is_ok(struct composite_context *ctx) -{ - if (NT_STATUS_IS_OK(ctx->status)) { - return True; - } - ctx->state = COMPOSITE_STATE_ERROR; - if (ctx->async.fn != NULL) { - ctx->async.fn(ctx); - } - return False; -} - -static void comp_error(struct composite_context *ctx, NTSTATUS status) -{ - ctx->status = status; - SMB_ASSERT(!comp_is_ok(ctx)); -} - -static BOOL comp_nomem(const void *p, struct composite_context *ctx) -{ - if (p != NULL) { - return False; - } - comp_error(ctx, NT_STATUS_NO_MEMORY); - return True; -} - -static void comp_done(struct composite_context *ctx) -{ - ctx->state = COMPOSITE_STATE_DONE; - if (ctx->async.fn != NULL) { - ctx->async.fn(ctx); - } -} - -static void comp_cont(struct composite_context *ctx, - struct composite_context *new_ctx, - void (*continuation)(struct composite_context *), - void *private_data) -{ - if (comp_nomem(new_ctx, ctx)) return; - new_ctx->async.fn = continuation; - new_ctx->async.private_data = private_data; -} - -static void rpc_cont(struct composite_context *ctx, - struct rpc_request *new_req, - void (*continuation)(struct rpc_request *), - void *private_data) -{ - if (comp_nomem(new_req, ctx)) return; - new_req->async.callback = continuation; - new_req->async.private = private_data; -} - -static void irpc_cont(struct composite_context *ctx, - struct irpc_request *new_req, - void (*continuation)(struct irpc_request *), - void *private_data) -{ - if (comp_nomem(new_req, ctx)) return; - new_req->async.fn = continuation; - new_req->async.private = private_data; -} - struct finddcs_state { struct composite_context *ctx; struct messaging_context *msg_ctx; @@ -1042,8 +977,7 @@ struct cmd_checkmachacc_state { struct wbsrv_domain *domain; }; -static void cmd_checkmachacc_recv_lsa(struct composite_context *ctx); -static void cmd_checkmachacc_recv_creds(struct composite_context *ctx); +static void cmd_checkmachacc_recv_init(struct composite_context *ctx); struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call) { @@ -1078,32 +1012,10 @@ struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call) schannel_creds); if (!NT_STATUS_IS_OK(state->ctx->status)) goto failed; - if (state->domain->netlogon_auth2_pipe != NULL) { - talloc_free(state->domain->netlogon_auth2_pipe); - state->domain->netlogon_auth2_pipe = NULL; - } - - if (state->domain->lsa_pipe != NULL) { - struct smbcli_tree *tree = - dcerpc_smb_tree(state->domain->lsa_pipe->conn); - - if (tree == NULL) goto failed; - - ctx = wb_get_schannel_creds_send(state->domain->schannel_creds, - tree, result->event_ctx); - if (ctx == NULL) goto failed; - - ctx->async.fn = cmd_checkmachacc_recv_creds; - ctx->async.private_data = state; - return result; - } - - ctx = wb_get_lsa_pipe_send(result->event_ctx, - call->wbconn->conn->msg_ctx, - state->domain->name, - state->domain->sid); + ctx = wb_init_domain_send(state->domain, result->event_ctx, + call->wbconn->conn->msg_ctx); if (ctx == NULL) goto failed; - ctx->async.fn = cmd_checkmachacc_recv_lsa; + ctx->async.fn = cmd_checkmachacc_recv_init; ctx->async.private_data = state; return result; @@ -1113,63 +1025,23 @@ struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call) return NULL; } -static void cmd_checkmachacc_recv_lsa(struct composite_context *ctx) +static void cmd_checkmachacc_recv_init(struct composite_context *ctx) { struct cmd_checkmachacc_state *state = talloc_get_type(ctx->async.private_data, struct cmd_checkmachacc_state); - struct wbsrv_service *service = - state->call->wbconn->listen_socket->service; - - struct dcerpc_pipe *pipe; - struct smbcli_tree *tree; - state->ctx->status = wb_get_lsa_pipe_recv(ctx, state, &pipe); + state->ctx->status = wb_init_domain_recv(ctx); if (!comp_is_ok(state->ctx)) return; - if (state->domain->lsa_pipe == NULL) { - /* We gonna drop "our" pipe if someone else was faster */ - state->domain->lsa_pipe = talloc_steal(service, pipe); - } - - tree = dcerpc_smb_tree(state->domain->lsa_pipe->conn); - - if (tree == NULL) { - comp_error(state->ctx, NT_STATUS_INVALID_PARAMETER); - return; - } - - ctx = wb_get_schannel_creds_send(state->domain->schannel_creds, tree, - state->ctx->event_ctx); - comp_cont(state->ctx, ctx, cmd_checkmachacc_recv_creds, state); -} - -static void cmd_checkmachacc_recv_creds(struct composite_context *ctx) -{ - struct cmd_checkmachacc_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_checkmachacc_state); - struct wbsrv_service *service = - state->call->wbconn->listen_socket->service; - struct dcerpc_pipe *pipe; - - state->ctx->status = wb_get_schannel_creds_recv(ctx, state, &pipe); - if (!comp_is_ok(state->ctx)) return; - - if (state->domain->netlogon_auth2_pipe != NULL) { - /* Someone else was faster, we need to replace it with our - * pipe */ - talloc_free(state->domain->netlogon_auth2_pipe); - } - - state->domain->netlogon_auth2_pipe = talloc_steal(service, pipe); - comp_done(state->ctx); } NTSTATUS wb_cmd_checkmachacc_recv(struct composite_context *c) { - return composite_wait(c); + NTSTATUS status = composite_wait(c); + talloc_free(c); + return status; } NTSTATUS wb_cmd_checkmachacc(struct wbsrv_call *call) @@ -1177,111 +1049,3 @@ NTSTATUS wb_cmd_checkmachacc(struct wbsrv_call *call) struct composite_context *c = wb_cmd_checkmachacc_send(call); return wb_cmd_checkmachacc_recv(c); } - -struct get_netlogon_pipe_state { - struct composite_context *ctx; - struct wbsrv_call *call; - struct wbsrv_domain *domain; - struct dcerpc_pipe *p; -}; - -static void get_netlogon_pipe_recv_machacc(struct composite_context *ctx); -static void get_netlogon_pipe_recv_pipe(struct composite_context *ctx); - -struct composite_context *wb_get_netlogon_pipe_send(struct wbsrv_call *call) -{ - struct composite_context *result, *ctx; - struct get_netlogon_pipe_state *state; - struct wbsrv_service *service = call->wbconn->listen_socket->service; - - result = talloc(call, struct composite_context); - if (result == NULL) goto failed; - result->state = COMPOSITE_STATE_IN_PROGRESS; - result->event_ctx = call->event_ctx; - - state = talloc(result, struct get_netlogon_pipe_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - state->call = call; - - state->domain = service->domains; - - if (state->domain->netlogon_pipe != NULL) { - talloc_free(state->domain->netlogon_pipe); - state->domain->netlogon_pipe = NULL; - } - - ctx = wb_cmd_checkmachacc_send(call); - if (ctx == NULL) goto failed; - ctx->async.fn = get_netlogon_pipe_recv_machacc; - ctx->async.private_data = state; - return result; - - failed: - talloc_free(result); - return NULL; -} - -static void get_netlogon_pipe_recv_machacc(struct composite_context *ctx) -{ - struct get_netlogon_pipe_state *state = - talloc_get_type(ctx->async.private_data, - struct get_netlogon_pipe_state); - - struct smbcli_tree *tree = NULL; - - state->ctx->status = wb_cmd_checkmachacc_recv(ctx); - if (!comp_is_ok(state->ctx)) return; - - state->p = dcerpc_pipe_init(state, state->ctx->event_ctx); - if (comp_nomem(state->p, state->ctx)) return; - - if (state->domain->lsa_pipe != NULL) { - tree = dcerpc_smb_tree(state->domain->lsa_pipe->conn); - } - - if (tree == NULL) { - comp_error(state->ctx, NT_STATUS_INTERNAL_ERROR); - return; - } - - ctx = dcerpc_pipe_open_smb_send(state->p->conn, tree, "\\netlogon"); - comp_cont(state->ctx, ctx, get_netlogon_pipe_recv_pipe, state); -} - -static void get_netlogon_pipe_recv_pipe(struct composite_context *ctx) -{ - struct get_netlogon_pipe_state *state = - talloc_get_type(ctx->async.private_data, - struct get_netlogon_pipe_state); - struct wbsrv_service *service = - state->call->wbconn->listen_socket->service; - - state->ctx->status = dcerpc_pipe_open_smb_recv(ctx); - if (!comp_is_ok(state->ctx)) return; - - state->p->conn->flags |= (DCERPC_SIGN | DCERPC_SEAL); - state->ctx->status = - dcerpc_bind_auth_password(state->p, - DCERPC_NETLOGON_UUID, - DCERPC_NETLOGON_VERSION, - state->domain->schannel_creds, - DCERPC_AUTH_TYPE_SCHANNEL, - NULL); - if (!comp_is_ok(state->ctx)) return; - - state->domain->netlogon_pipe = talloc_steal(service, state->p); - comp_done(state->ctx); -} - -NTSTATUS wb_get_netlogon_pipe_recv(struct composite_context *c) -{ - return composite_wait(c); -} - -NTSTATUS wb_get_netlogon_pipe(struct wbsrv_call *call) -{ - struct composite_context *c = wb_get_netlogon_pipe_send(call); - return wb_get_netlogon_pipe_recv(c); -} -- cgit From 12fb2fc09e494721ce5fc92545bddca02346443f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 9 Oct 2005 20:57:49 +0000 Subject: r10853: Convert wbinfo -n to properly init the domain. Volker (This used to be commit 512ae49270197146e5967acd654dd97452cf4e77) --- source4/winbind/wb_async_helpers.c | 419 ++----------------------------------- 1 file changed, 18 insertions(+), 401 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 5a0c70461d..001b147307 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -354,244 +354,6 @@ NTSTATUS wb_get_schannel_creds(struct cli_credentials *wks_creds, return wb_get_schannel_creds_recv(c, mem_ctx, netlogon_pipe); } -struct get_lsa_pipe_state { - struct composite_context *ctx; - const char *domain_name; - const struct dom_sid *domain_sid; - - struct smb_composite_connect conn; - struct dcerpc_pipe *lsa_pipe; - - struct lsa_ObjectAttribute objectattr; - struct lsa_OpenPolicy2 openpolicy; - struct policy_handle policy_handle; - - struct lsa_QueryInfoPolicy queryinfo; - - struct lsa_Close close; -}; - -static void get_lsa_pipe_recv_dcs(struct composite_context *ctx); -static void get_lsa_pipe_recv_tree(struct composite_context *ctx); -static void get_lsa_pipe_recv_pipe(struct composite_context *ctx); -static void get_lsa_pipe_recv_openpol(struct rpc_request *req); -static void get_lsa_pipe_recv_queryinfo(struct rpc_request *req); -static void get_lsa_pipe_recv_close(struct rpc_request *req); - -struct composite_context *wb_get_lsa_pipe_send(struct event_context *event_ctx, - struct messaging_context *msg_ctx, - const char *domain_name, - const struct dom_sid *domain_sid) -{ - struct composite_context *result, *ctx; - struct get_lsa_pipe_state *state; - - result = talloc_zero(NULL, struct composite_context); - if (result == NULL) goto failed; - result->state = COMPOSITE_STATE_IN_PROGRESS; - result->event_ctx = event_ctx; - - state = talloc(result, struct get_lsa_pipe_state); - if (state == NULL) goto failed; - result->private_data = state; - state->ctx = result; - - state->domain_name = domain_name; - state->domain_sid = domain_sid; - - ctx = wb_finddcs_send(domain_name, domain_sid, event_ctx, msg_ctx); - if (ctx == NULL) goto failed; - - ctx->async.fn = get_lsa_pipe_recv_dcs; - ctx->async.private_data = state; - return result; - - failed: - talloc_free(result); - return NULL; -} - -static void get_lsa_pipe_recv_dcs(struct composite_context *ctx) -{ - struct get_lsa_pipe_state *state = - talloc_get_type(ctx->async.private_data, - struct get_lsa_pipe_state); - - int num_dcs; - struct nbt_dc_name *dcs; - - state->ctx->status = wb_finddcs_recv(ctx, state, &num_dcs, &dcs); - if (!comp_is_ok(state->ctx)) return; - - if (num_dcs < 1) { - comp_error(state->ctx, NT_STATUS_NO_LOGON_SERVERS); - return; - } - - state->conn.in.dest_host = dcs[0].address; - state->conn.in.port = 0; - state->conn.in.called_name = dcs[0].name; - state->conn.in.service = "IPC$"; - state->conn.in.service_type = "IPC"; - state->conn.in.workgroup = state->domain_name; - - state->conn.in.credentials = cli_credentials_init(state); - if (comp_nomem(state->conn.in.credentials, state->ctx)) return; - cli_credentials_set_conf(state->conn.in.credentials); - cli_credentials_set_anonymous(state->conn.in.credentials); - - ctx = smb_composite_connect_send(&state->conn, state, - state->ctx->event_ctx); - comp_cont(state->ctx, ctx, get_lsa_pipe_recv_tree, state); -} - -static void get_lsa_pipe_recv_tree(struct composite_context *ctx) -{ - struct get_lsa_pipe_state *state = - talloc_get_type(ctx->async.private_data, - struct get_lsa_pipe_state); - - state->ctx->status = smb_composite_connect_recv(ctx, state); - if (!comp_is_ok(state->ctx)) return; - - state->lsa_pipe = dcerpc_pipe_init(state, state->ctx->event_ctx); - if (comp_nomem(state->lsa_pipe, state->ctx)) return; - - ctx = dcerpc_pipe_open_smb_send(state->lsa_pipe->conn, - state->conn.out.tree, "\\lsarpc"); - comp_cont(state->ctx, ctx, get_lsa_pipe_recv_pipe, state); -} - -static void get_lsa_pipe_recv_pipe(struct composite_context *ctx) -{ - struct get_lsa_pipe_state *state = - talloc_get_type(ctx->async.private_data, - struct get_lsa_pipe_state); - struct rpc_request *req; - - state->ctx->status = dcerpc_pipe_open_smb_recv(ctx); - if (!comp_is_ok(state->ctx)) return; - - talloc_unlink(state, state->conn.out.tree); /* The pipe owns it now */ - state->conn.out.tree = NULL; - - state->ctx->status = dcerpc_bind_auth_none(state->lsa_pipe, - DCERPC_LSARPC_UUID, - DCERPC_LSARPC_VERSION); - if (!comp_is_ok(state->ctx)) return; - - state->openpolicy.in.system_name = - talloc_asprintf(state, "\\\\%s", - dcerpc_server_name(state->lsa_pipe)); - if (comp_nomem(state->openpolicy.in.system_name, state->ctx)) return; - - ZERO_STRUCT(state->objectattr); - state->openpolicy.in.attr = &state->objectattr; - state->openpolicy.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - state->openpolicy.out.handle = &state->policy_handle; - - req = dcerpc_lsa_OpenPolicy2_send(state->lsa_pipe, state, - &state->openpolicy); - rpc_cont(state->ctx, req, get_lsa_pipe_recv_openpol, state); -} - -static void get_lsa_pipe_recv_openpol(struct rpc_request *req) -{ - struct get_lsa_pipe_state *state = - talloc_get_type(req->async.private, struct get_lsa_pipe_state); - - state->ctx->status = dcerpc_ndr_request_recv(req); - if (!comp_is_ok(state->ctx)) return; - state->ctx->status = state->openpolicy.out.result; - if (!comp_is_ok(state->ctx)) return; - - state->queryinfo.in.handle = &state->policy_handle; - state->queryinfo.in.level = LSA_POLICY_INFO_ACCOUNT_DOMAIN; - - req = dcerpc_lsa_QueryInfoPolicy_send(state->lsa_pipe, state, - &state->queryinfo); - rpc_cont(state->ctx, req, get_lsa_pipe_recv_queryinfo, state); -} - -static void get_lsa_pipe_recv_queryinfo(struct rpc_request *req) -{ - struct get_lsa_pipe_state *state = - talloc_get_type(req->async.private, struct get_lsa_pipe_state); - struct lsa_DomainInfo *dominfo; - - state->ctx->status = dcerpc_ndr_request_recv(req); - if (!comp_is_ok(state->ctx)) return; - state->ctx->status = state->queryinfo.out.result; - if (!comp_is_ok(state->ctx)) return; - - dominfo = &state->queryinfo.out.info->account_domain; - - if (strcasecmp(state->domain_name, dominfo->name.string) != 0) { - DEBUG(2, ("Expected domain name %s, DC %s said %s\n", - state->domain_name, - dcerpc_server_name(state->lsa_pipe), - dominfo->name.string)); - comp_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE); - return; - } - - if (!dom_sid_equal(state->domain_sid, dominfo->sid)) { - DEBUG(2, ("Expected domain sid %s, DC %s said %s\n", - dom_sid_string(state, state->domain_sid), - dcerpc_server_name(state->lsa_pipe), - dom_sid_string(state, dominfo->sid))); - comp_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE); - return; - } - - state->close.in.handle = &state->policy_handle; - state->close.out.handle = &state->policy_handle; - - req = dcerpc_lsa_Close_send(state->lsa_pipe, state, - &state->close); - rpc_cont(state->ctx, req, get_lsa_pipe_recv_close, state); -} - -static void get_lsa_pipe_recv_close(struct rpc_request *req) -{ - struct get_lsa_pipe_state *state = - talloc_get_type(req->async.private, struct get_lsa_pipe_state); - - state->ctx->status = dcerpc_ndr_request_recv(req); - if (!comp_is_ok(state->ctx)) return; - state->ctx->status = state->close.out.result; - if (!comp_is_ok(state->ctx)) return; - - comp_done(state->ctx); -} - -NTSTATUS wb_get_lsa_pipe_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, - struct dcerpc_pipe **pipe) -{ - NTSTATUS status = composite_wait(c); - if (NT_STATUS_IS_OK(status)) { - struct get_lsa_pipe_state *state = - talloc_get_type(c->private_data, - struct get_lsa_pipe_state); - *pipe = talloc_steal(mem_ctx, state->lsa_pipe); - } - talloc_free(c); - return status; -} - -NTSTATUS wb_get_lsa_pipe(struct event_context *event_ctx, - struct messaging_context *msg_ctx, - const char *domain_name, - const struct dom_sid *domain_sid, - TALLOC_CTX *mem_ctx, - struct dcerpc_pipe **pipe) -{ - struct composite_context *c = - wb_get_lsa_pipe_send(event_ctx, msg_ctx, domain_name, - domain_sid); - return wb_get_lsa_pipe_recv(c, mem_ctx, pipe); -} - struct lsa_lookupnames_state { struct composite_context *ctx; uint32_t num_names; @@ -731,133 +493,6 @@ NTSTATUS wb_lsa_lookupnames(struct dcerpc_pipe *lsa_pipe, return wb_lsa_lookupnames_recv(c, mem_ctx, sids); } -struct lsa_lookupname_state { - struct composite_context *ctx; - struct dcerpc_pipe *lsa_pipe; - const char *name; - struct wb_sid_object *sid; - - struct lsa_ObjectAttribute objectattr; - struct lsa_OpenPolicy2 openpolicy; - struct policy_handle policy_handle; - struct lsa_Close close; -}; - -static void lsa_lookupname_recv_open(struct rpc_request *req); -static void lsa_lookupname_recv_sids(struct composite_context *ctx); - -struct composite_context *wb_lsa_lookupname_send(struct dcerpc_pipe *lsa_pipe, - const char *name) -{ - struct composite_context *result; - struct rpc_request *req; - struct lsa_lookupname_state *state; - - result = talloc_zero(NULL, struct composite_context); - if (result == NULL) goto failed; - result->state = COMPOSITE_STATE_IN_PROGRESS; - result->event_ctx = lsa_pipe->conn->event_ctx; - - state = talloc(result, struct lsa_lookupname_state); - if (state == NULL) goto failed; - result->private_data = state; - - state->lsa_pipe = lsa_pipe; - state->name = talloc_strdup(state, name); - if (state->name == NULL) goto failed; - state->ctx = result; - - state->openpolicy.in.system_name = - talloc_asprintf(state, "\\\\%s", - dcerpc_server_name(state->lsa_pipe)); - ZERO_STRUCT(state->objectattr); - state->openpolicy.in.attr = &state->objectattr; - state->openpolicy.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - state->openpolicy.out.handle = &state->policy_handle; - - req = dcerpc_lsa_OpenPolicy2_send(state->lsa_pipe, state, - &state->openpolicy); - if (req == NULL) goto failed; - - req->async.callback = lsa_lookupname_recv_open; - req->async.private = state; - return result; - - failed: - talloc_free(result); - return NULL; -} - -static void lsa_lookupname_recv_open(struct rpc_request *req) -{ - struct lsa_lookupname_state *state = - talloc_get_type(req->async.private, - struct lsa_lookupname_state); - struct composite_context *ctx; - - state->ctx->status = dcerpc_ndr_request_recv(req); - if (!comp_is_ok(state->ctx)) return; - state->ctx->status = state->openpolicy.out.result; - if (!comp_is_ok(state->ctx)) return; - - ctx = wb_lsa_lookupnames_send(state->lsa_pipe, &state->policy_handle, - 1, &state->name); - comp_cont(state->ctx, ctx, lsa_lookupname_recv_sids, state); -} - -static void lsa_lookupname_recv_sids(struct composite_context *ctx) -{ - struct lsa_lookupname_state *state = - talloc_get_type(ctx->async.private_data, - struct lsa_lookupname_state); - struct rpc_request *req; - struct wb_sid_object **sids; - - state->ctx->status = wb_lsa_lookupnames_recv(ctx, state, &sids); - - if (NT_STATUS_IS_OK(state->ctx->status)) { - state->sid = NULL; - if (sids != NULL) { - state->sid = sids[0]; - } - } - - state->close.in.handle = &state->policy_handle; - state->close.out.handle = &state->policy_handle; - - req = dcerpc_lsa_Close_send(state->lsa_pipe, state, - &state->close); - if (req != NULL) { - req->async.callback = - (void(*)(struct rpc_request *))talloc_free; - } - - comp_done(state->ctx); -} - -NTSTATUS wb_lsa_lookupname_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, - struct wb_sid_object **sid) -{ - NTSTATUS status = composite_wait(c); - if (NT_STATUS_IS_OK(status)) { - struct lsa_lookupname_state *state = - talloc_get_type(c->private_data, - struct lsa_lookupname_state); - *sid = talloc_steal(mem_ctx, state->sid); - } - talloc_free(c); - return status; -} - -NTSTATUS wb_lsa_lookupname(struct dcerpc_pipe *lsa_pipe, const char *name, - TALLOC_CTX *mem_ctx, struct wb_sid_object **sid) -{ - struct composite_context *c = - wb_lsa_lookupname_send(lsa_pipe, name); - return wb_lsa_lookupname_recv(c, mem_ctx, sid); -} - struct cmd_lookupname_state { struct composite_context *ctx; struct wbsrv_call *call; @@ -866,7 +501,7 @@ struct cmd_lookupname_state { struct wb_sid_object *result; }; -static void cmd_lookupname_recv_lsa(struct composite_context *ctx); +static void cmd_lookupname_recv_init(struct composite_context *ctx); static void cmd_lookupname_recv_sid(struct composite_context *ctx); struct composite_context *wb_cmd_lookupname_send(struct wbsrv_call *call, @@ -891,20 +526,21 @@ struct composite_context *wb_cmd_lookupname_send(struct wbsrv_call *call, state->domain = service->domains; - if (state->domain->lsa_pipe != NULL) { - ctx = wb_lsa_lookupname_send(state->domain->lsa_pipe, name); + if (state->domain->initialized) { + ctx = wb_lsa_lookupnames_send(state->domain->lsa_pipe, + state->domain->lsa_policy, + 1, &name); if (ctx == NULL) goto failed; ctx->async.fn = cmd_lookupname_recv_sid; ctx->async.private_data = state; return result; } - ctx = wb_get_lsa_pipe_send(result->event_ctx, - call->wbconn->conn->msg_ctx, - state->domain->name, - state->domain->sid); + ctx = wb_init_domain_send(state->domain, + result->event_ctx, + call->wbconn->conn->msg_ctx); if (ctx == NULL) goto failed; - ctx->async.fn = cmd_lookupname_recv_lsa; + ctx->async.fn = cmd_lookupname_recv_init; ctx->async.private_data = state; return result; @@ -913,25 +549,18 @@ struct composite_context *wb_cmd_lookupname_send(struct wbsrv_call *call, return NULL; } -static void cmd_lookupname_recv_lsa(struct composite_context *ctx) +static void cmd_lookupname_recv_init(struct composite_context *ctx) { struct cmd_lookupname_state *state = talloc_get_type(ctx->async.private_data, struct cmd_lookupname_state); - struct wbsrv_service *service = - state->call->wbconn->listen_socket->service; - - struct dcerpc_pipe *pipe; - state->ctx->status = wb_get_lsa_pipe_recv(ctx, state, &pipe); + state->ctx->status = wb_init_domain_recv(ctx); if (!comp_is_ok(state->ctx)) return; - if (state->domain->lsa_pipe == NULL) { - /* Only put the new pipe in if nobody else was faster. */ - state->domain->lsa_pipe = talloc_steal(service, pipe); - } - - ctx = wb_lsa_lookupname_send(state->domain->lsa_pipe, state->name); + ctx = wb_lsa_lookupnames_send(state->domain->lsa_pipe, + state->domain->lsa_policy, + 1, &state->name); comp_cont(state->ctx, ctx, cmd_lookupname_recv_sid, state); } @@ -940,9 +569,11 @@ static void cmd_lookupname_recv_sid(struct composite_context *ctx) struct cmd_lookupname_state *state = talloc_get_type(ctx->async.private_data, struct cmd_lookupname_state); + struct wb_sid_object **sids; + + state->ctx->status = wb_lsa_lookupnames_recv(ctx, state, &sids); + state->result = sids[0]; - state->ctx->status = wb_lsa_lookupname_recv(ctx, state, - &state->result); if (!comp_is_ok(state->ctx)) return; comp_done(state->ctx); @@ -998,20 +629,6 @@ struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call) state->domain = service->domains; - if (state->domain->schannel_creds != NULL) { - talloc_free(state->domain->schannel_creds); - } - - state->domain->schannel_creds = cli_credentials_init(service); - if (state->domain->schannel_creds == NULL) goto failed; - - cli_credentials_set_conf(state->domain->schannel_creds); - - state->ctx->status = - cli_credentials_set_machine_account(state->domain-> - schannel_creds); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto failed; - ctx = wb_init_domain_send(state->domain, result->event_ctx, call->wbconn->conn->msg_ctx); if (ctx == NULL) goto failed; -- cgit From d617556ef50863d6a03c81a04f0f6b05848a250e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 10 Oct 2005 19:57:55 +0000 Subject: r10878: Reply to some comments by tridge and metze: * rename the composite helper functions from comp_* to composite_* * Move the lsa initialization to wb_connect_lsa.c * Equip smb_composite_connect with a fallback_to_anonymous The latter two simplify wb_init_domain.c quite a bit. Volker (This used to be commit deb127e04ea01ae93394da5ebffb39d81caeb6d9) --- source4/winbind/wb_async_helpers.c | 68 ++++++++++++++++++++------------------ 1 file changed, 36 insertions(+), 32 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 001b147307..d7cbd702ea 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -103,17 +103,17 @@ static void finddcs_resolve(struct composite_context *ctx) const char *address; state->ctx->status = resolve_name_recv(ctx, state, &address); - if (!comp_is_ok(state->ctx)) return; + if (!composite_is_ok(state->ctx)) return; state->num_dcs = 1; state->dcs = talloc_array(state, struct nbt_dc_name, state->num_dcs); - if (comp_nomem(state->dcs, state->ctx)) return; + if (composite_nomem(state->dcs, state->ctx)) return; state->dcs[0].address = talloc_steal(state->dcs, address); nbt_servers = irpc_servers_byname(state->msg_ctx, "nbt_server"); if ((nbt_servers == NULL) || (nbt_servers[0] == 0)) { - comp_error(state->ctx, NT_STATUS_NO_LOGON_SERVERS); + composite_error(state->ctx, NT_STATUS_NO_LOGON_SERVERS); return; } @@ -122,15 +122,15 @@ static void finddcs_resolve(struct composite_context *ctx) state->r.in.my_computername = lp_netbios_name(); state->r.in.my_accountname = talloc_asprintf(state, "%s$", lp_netbios_name()); - if (comp_nomem(state->r.in.my_accountname, state->ctx)) return; + if (composite_nomem(state->r.in.my_accountname, state->ctx)) return; state->r.in.account_control = ACB_WSTRUST; state->r.in.domain_sid = dom_sid_dup(state, state->domain_sid); - if (comp_nomem(state->r.in.domain_sid, state->ctx)) return; + if (composite_nomem(state->r.in.domain_sid, state->ctx)) return; ireq = irpc_call_send(state->msg_ctx, nbt_servers[0], &dcerpc_table_irpc, DCERPC_NBTD_GETDCNAME, &state->r, state); - irpc_cont(state->ctx, ireq, finddcs_getdc, state); + composite_continue_irpc(state->ctx, ireq, finddcs_getdc, state); } static void finddcs_getdc(struct irpc_request *ireq) @@ -139,10 +139,10 @@ static void finddcs_getdc(struct irpc_request *ireq) talloc_get_type(ireq->async.private, struct finddcs_state); state->ctx->status = irpc_call_recv(ireq); - if (!comp_is_ok(state->ctx)) return; + if (!composite_is_ok(state->ctx)) return; state->dcs[0].name = talloc_steal(state->dcs, state->r.out.dcname); - comp_done(state->ctx); + composite_done(state->ctx); } NTSTATUS wb_finddcs_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, @@ -228,31 +228,32 @@ static void get_schannel_creds_recv_pipe(struct composite_context *ctx) struct rpc_request *req; state->ctx->status = dcerpc_pipe_open_smb_recv(ctx); - if (!comp_is_ok(state->ctx)) return; + if (!composite_is_ok(state->ctx)) return; state->ctx->status = dcerpc_bind_auth_none(state->p, DCERPC_NETLOGON_UUID, DCERPC_NETLOGON_VERSION); - if (!comp_is_ok(state->ctx)) return; + if (!composite_is_ok(state->ctx)) return; state->r.in.computer_name = cli_credentials_get_workstation(state->wks_creds); state->r.in.server_name = talloc_asprintf(state, "\\\\%s", dcerpc_server_name(state->p)); - if (comp_nomem(state->r.in.server_name, state->ctx)) return; + if (composite_nomem(state->r.in.server_name, state->ctx)) return; state->r.in.credentials = talloc(state, struct netr_Credential); - if (comp_nomem(state->r.in.credentials, state->ctx)) return; + if (composite_nomem(state->r.in.credentials, state->ctx)) return; state->r.out.credentials = talloc(state, struct netr_Credential); - if (comp_nomem(state->r.out.credentials, state->ctx)) return; + if (composite_nomem(state->r.out.credentials, state->ctx)) return; generate_random_buffer(state->r.in.credentials->data, sizeof(state->r.in.credentials->data)); req = dcerpc_netr_ServerReqChallenge_send(state->p, state, &state->r); - rpc_cont(state->ctx, req, get_schannel_creds_recv_chal, state); + composite_continue_rpc(state->ctx, req, + get_schannel_creds_recv_chal, state); } static void get_schannel_creds_recv_chal(struct rpc_request *req) @@ -263,15 +264,15 @@ static void get_schannel_creds_recv_chal(struct rpc_request *req) const struct samr_Password *mach_pwd; state->ctx->status = dcerpc_ndr_request_recv(req); - if (!comp_is_ok(state->ctx)) return; + if (!composite_is_ok(state->ctx)) return; state->ctx->status = state->r.out.result; - if (!comp_is_ok(state->ctx)) return; + if (!composite_is_ok(state->ctx)) return; state->creds_state = talloc(state, struct creds_CredentialState); - if (comp_nomem(state->creds_state, state->ctx)) return; + if (composite_nomem(state->creds_state, state->ctx)) return; mach_pwd = cli_credentials_get_nt_hash(state->wks_creds, state); - if (comp_nomem(mach_pwd, state->ctx)) return; + if (composite_nomem(mach_pwd, state->ctx)) return; state->negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS; @@ -293,7 +294,8 @@ static void get_schannel_creds_recv_chal(struct rpc_request *req) state->a.out.credentials = &state->netr_cred; req = dcerpc_netr_ServerAuthenticate2_send(state->p, state, &state->a); - rpc_cont(state->ctx, req, get_schannel_creds_recv_auth, state); + composite_continue_rpc(state->ctx, req, + get_schannel_creds_recv_auth, state); } static void get_schannel_creds_recv_auth(struct rpc_request *req) @@ -314,7 +316,8 @@ static void get_schannel_creds_recv_auth(struct rpc_request *req) goto done; } - cli_credentials_set_netlogon_creds(state->wks_creds, state->creds_state); + cli_credentials_set_netlogon_creds(state->wks_creds, + state->creds_state); state->ctx->state = COMPOSITE_STATE_DONE; @@ -428,17 +431,17 @@ static void lsa_lookupnames_recv_sids(struct rpc_request *req) int i; state->ctx->status = dcerpc_ndr_request_recv(req); - if (!comp_is_ok(state->ctx)) return; + if (!composite_is_ok(state->ctx)) return; state->ctx->status = state->r.out.result; if (!NT_STATUS_IS_OK(state->ctx->status) && !NT_STATUS_EQUAL(state->ctx->status, STATUS_SOME_UNMAPPED)) { - comp_error(state->ctx, state->ctx->status); + composite_error(state->ctx, state->ctx->status); return; } state->result = talloc_array(state, struct wb_sid_object *, state->num_names); - if (comp_nomem(state->result, state->ctx)) return; + if (composite_nomem(state->result, state->ctx)) return; for (i=0; inum_names; i++) { struct lsa_TranslatedSid *sid = &state->r.out.sids->sids[i]; @@ -446,7 +449,7 @@ static void lsa_lookupnames_recv_sids(struct rpc_request *req) state->result[i] = talloc_zero(state->result, struct wb_sid_object); - if (comp_nomem(state->result[i], state->ctx)) return; + if (composite_nomem(state->result[i], state->ctx)) return; state->result[i]->type = sid->sid_type; if (state->result[i]->type == SID_NAME_UNKNOWN) { @@ -454,7 +457,8 @@ static void lsa_lookupnames_recv_sids(struct rpc_request *req) } if (sid->sid_index >= state->r.out.domains->count) { - comp_error(state->ctx, NT_STATUS_INVALID_PARAMETER); + composite_error(state->ctx, + NT_STATUS_INVALID_PARAMETER); return; } @@ -464,7 +468,7 @@ static void lsa_lookupnames_recv_sids(struct rpc_request *req) dom->sid, sid->rid); } - comp_done(state->ctx); + composite_done(state->ctx); } NTSTATUS wb_lsa_lookupnames_recv(struct composite_context *c, @@ -556,12 +560,12 @@ static void cmd_lookupname_recv_init(struct composite_context *ctx) struct cmd_lookupname_state); state->ctx->status = wb_init_domain_recv(ctx); - if (!comp_is_ok(state->ctx)) return; + if (!composite_is_ok(state->ctx)) return; ctx = wb_lsa_lookupnames_send(state->domain->lsa_pipe, state->domain->lsa_policy, 1, &state->name); - comp_cont(state->ctx, ctx, cmd_lookupname_recv_sid, state); + composite_continue(state->ctx, ctx, cmd_lookupname_recv_sid, state); } static void cmd_lookupname_recv_sid(struct composite_context *ctx) @@ -574,9 +578,9 @@ static void cmd_lookupname_recv_sid(struct composite_context *ctx) state->ctx->status = wb_lsa_lookupnames_recv(ctx, state, &sids); state->result = sids[0]; - if (!comp_is_ok(state->ctx)) return; + if (!composite_is_ok(state->ctx)) return; - comp_done(state->ctx); + composite_done(state->ctx); } NTSTATUS wb_cmd_lookupname_recv(struct composite_context *c, @@ -649,9 +653,9 @@ static void cmd_checkmachacc_recv_init(struct composite_context *ctx) struct cmd_checkmachacc_state); state->ctx->status = wb_init_domain_recv(ctx); - if (!comp_is_ok(state->ctx)) return; + if (!composite_is_ok(state->ctx)) return; - comp_done(state->ctx); + composite_done(state->ctx); } NTSTATUS wb_cmd_checkmachacc_recv(struct composite_context *c) -- cgit From 207a6bf3976d516e40c1ffa7312243e6ff92c791 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 14 Oct 2005 21:05:45 +0000 Subject: r11068: Fix pam_auth_crap, remove the sync code. I don't know what it was when I tested it, but I can not reproduce the problem I had with abartlett's initial implementation anymore. Fix a bug found using valgrind. Volker (This used to be commit 0c6c71ae3cd0a2f97eab2cc24a752976c32a39fc) --- source4/winbind/wb_async_helpers.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index d7cbd702ea..4850ec0d57 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -533,7 +533,7 @@ struct composite_context *wb_cmd_lookupname_send(struct wbsrv_call *call, if (state->domain->initialized) { ctx = wb_lsa_lookupnames_send(state->domain->lsa_pipe, state->domain->lsa_policy, - 1, &name); + 1, &state->name); if (ctx == NULL) goto failed; ctx->async.fn = cmd_lookupname_recv_sid; ctx->async.private_data = state; @@ -576,10 +576,8 @@ static void cmd_lookupname_recv_sid(struct composite_context *ctx) struct wb_sid_object **sids; state->ctx->status = wb_lsa_lookupnames_recv(ctx, state, &sids); - state->result = sids[0]; - if (!composite_is_ok(state->ctx)) return; - + state->result = sids[0]; composite_done(state->ctx); } -- cgit From d102d5ab5785eaaa401b78a16c3446ae7ae59e78 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 15 Oct 2005 08:17:22 +0000 Subject: r11082: Fix a segfault (This used to be commit 576a724bf1350ba7f38f95118224bdee98e0be5a) --- source4/winbind/wb_async_helpers.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 4850ec0d57..0480304abe 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -139,6 +139,7 @@ static void finddcs_getdc(struct irpc_request *ireq) talloc_get_type(ireq->async.private, struct finddcs_state); state->ctx->status = irpc_call_recv(ireq); + talloc_free(ireq); if (!composite_is_ok(state->ctx)) return; state->dcs[0].name = talloc_steal(state->dcs, state->r.out.dcname); -- cgit From 42ececdfae15a34205638cc6e3ec53d6f3ac2148 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 15 Oct 2005 19:18:05 +0000 Subject: r11093: Implement wb_queue_domain_send: If the domain is not yet initialized, do that first. And if a request is being processed, queue it. This correctly survived 3 endless loops with wbinfo's doing different things while starting up smbd. The number of indirections starts to become a bit scary, but what can you do without a decent programming language that provides closures :-) One thing that we might consider is to auto-generate async rpc requests that return composite_context structs instead of rpc_requests. Otherwise I'd have to write a lot of wrappers like composite_netr_LogonSamLogon_send. The alternative would be to write two versions of wb_queue_domain_send which I would like to avoid. This is cluttered enough already. Volker (This used to be commit 66c1b674f9870de73cce0e611909caf9eff34baa) --- source4/winbind/wb_async_helpers.c | 135 +++++++++++++++++++++---------------- 1 file changed, 78 insertions(+), 57 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 0480304abe..146a957727 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -66,6 +66,7 @@ struct composite_context *wb_finddcs_send(const char *domain_name, result = talloc_zero(NULL, struct composite_context); if (result == NULL) goto failed; result->state = COMPOSITE_STATE_IN_PROGRESS; + result->async.fn = NULL; result->event_ctx = event_ctx; state = talloc(result, struct finddcs_state); @@ -197,6 +198,7 @@ struct composite_context *wb_get_schannel_creds_send(struct cli_credentials *wks result = talloc_zero(NULL, struct composite_context); if (result == NULL) goto failed; result->state = COMPOSITE_STATE_IN_PROGRESS; + result->async.fn = NULL; result->event_ctx = ev; state = talloc(result, struct get_schannel_creds_state); @@ -384,6 +386,7 @@ struct composite_context *wb_lsa_lookupnames_send(struct dcerpc_pipe *lsa_pipe, result = talloc_zero(NULL, struct composite_context); if (result == NULL) goto failed; result->state = COMPOSITE_STATE_IN_PROGRESS; + result->async.fn = NULL; result->event_ctx = lsa_pipe->conn->event_ctx; state = talloc(result, struct lsa_lookupnames_state); @@ -506,94 +509,68 @@ struct cmd_lookupname_state { struct wb_sid_object *result; }; -static void cmd_lookupname_recv_init(struct composite_context *ctx); -static void cmd_lookupname_recv_sid(struct composite_context *ctx); +static struct composite_context *lookupname_send_req(void *p); +static NTSTATUS lookupname_recv_req(struct composite_context *ctx, void *p); struct composite_context *wb_cmd_lookupname_send(struct wbsrv_call *call, const char *name) { - struct composite_context *result, *ctx; struct cmd_lookupname_state *state; struct wbsrv_service *service = call->wbconn->listen_socket->service; - result = talloc_zero(call, struct composite_context); - if (result == NULL) goto failed; - result->state = COMPOSITE_STATE_IN_PROGRESS; - result->event_ctx = call->event_ctx; - - state = talloc(result, struct cmd_lookupname_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - + state = talloc(NULL, struct cmd_lookupname_state); + state->domain = service->domains; state->call = call; state->name = talloc_strdup(state, name); - - state->domain = service->domains; - - if (state->domain->initialized) { - ctx = wb_lsa_lookupnames_send(state->domain->lsa_pipe, - state->domain->lsa_policy, - 1, &state->name); - if (ctx == NULL) goto failed; - ctx->async.fn = cmd_lookupname_recv_sid; - ctx->async.private_data = state; - return result; + state->ctx = wb_queue_domain_send(state, state->domain, + call->event_ctx, + call->wbconn->conn->msg_ctx, + lookupname_send_req, + lookupname_recv_req, + state); + if (state->ctx == NULL) { + talloc_free(state); + return NULL; } - - ctx = wb_init_domain_send(state->domain, - result->event_ctx, - call->wbconn->conn->msg_ctx); - if (ctx == NULL) goto failed; - ctx->async.fn = cmd_lookupname_recv_init; - ctx->async.private_data = state; - return result; - - failed: - talloc_free(result); - return NULL; + state->ctx->private_data = state; + return state->ctx; } -static void cmd_lookupname_recv_init(struct composite_context *ctx) +static struct composite_context *lookupname_send_req(void *p) { struct cmd_lookupname_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_lookupname_state); + talloc_get_type(p, struct cmd_lookupname_state); - state->ctx->status = wb_init_domain_recv(ctx); - if (!composite_is_ok(state->ctx)) return; - - ctx = wb_lsa_lookupnames_send(state->domain->lsa_pipe, - state->domain->lsa_policy, - 1, &state->name); - composite_continue(state->ctx, ctx, cmd_lookupname_recv_sid, state); + return wb_lsa_lookupnames_send(state->domain->lsa_pipe, + state->domain->lsa_policy, + 1, &state->name); } -static void cmd_lookupname_recv_sid(struct composite_context *ctx) +static NTSTATUS lookupname_recv_req(struct composite_context *ctx, void *p) { struct cmd_lookupname_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_lookupname_state); + talloc_get_type(p, struct cmd_lookupname_state); struct wb_sid_object **sids; + NTSTATUS status; - state->ctx->status = wb_lsa_lookupnames_recv(ctx, state, &sids); - if (!composite_is_ok(state->ctx)) return; - state->result = sids[0]; - composite_done(state->ctx); + status = wb_lsa_lookupnames_recv(ctx, state, &sids); + if (NT_STATUS_IS_OK(status)) { + state->result = sids[0]; + } + return status; } NTSTATUS wb_cmd_lookupname_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, struct wb_sid_object **sid) { + struct cmd_lookupname_state *state = + talloc_get_type(c->private_data, struct cmd_lookupname_state); NTSTATUS status = composite_wait(c); if (NT_STATUS_IS_OK(status)) { - struct cmd_lookupname_state *state = - talloc_get_type(c->private_data, - struct cmd_lookupname_state); *sid = talloc_steal(mem_ctx, state->result); } - talloc_free(c); + talloc_free(state); return status; } @@ -622,6 +599,7 @@ struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call) result = talloc(call, struct composite_context); if (result == NULL) goto failed; result->state = COMPOSITE_STATE_IN_PROGRESS; + result->async.fn = NULL; result->event_ctx = call->event_ctx; state = talloc(result, struct cmd_checkmachacc_state); @@ -669,3 +647,46 @@ NTSTATUS wb_cmd_checkmachacc(struct wbsrv_call *call) struct composite_context *c = wb_cmd_checkmachacc_send(call); return wb_cmd_checkmachacc_recv(c); } + +static void composite_netr_LogonSamLogon_recv_rpc(struct rpc_request *req); + +struct composite_context *composite_netr_LogonSamLogon_send(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct netr_LogonSamLogon *r) +{ + struct composite_context *result; + struct rpc_request *req; + + result = talloc(mem_ctx, struct composite_context); + if (result == NULL) goto failed; + result->state = COMPOSITE_STATE_IN_PROGRESS; + result->async.fn = NULL; + result->event_ctx = p->conn->event_ctx; + + req = dcerpc_netr_LogonSamLogon_send(p, mem_ctx, r); + if (req == NULL) goto failed; + req->async.callback = composite_netr_LogonSamLogon_recv_rpc; + req->async.private = result; + return result; + + failed: + talloc_free(result); + return NULL; +} + +static void composite_netr_LogonSamLogon_recv_rpc(struct rpc_request *req) +{ + struct composite_context *ctx = + talloc_get_type(req->async.private, struct composite_context); + + ctx->status = dcerpc_ndr_request_recv(req); + if (!composite_is_ok(ctx)) return; + composite_done(ctx); +} + +NTSTATUS composite_netr_LogonSamLogon_recv(struct composite_context *ctx) +{ + NTSTATUS status = composite_wait(ctx); + talloc_free(ctx); + return status; +} -- cgit From 17355fbbd4c4a904bb75c1d8ba98948edaf0fe68 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 15 Oct 2005 22:01:15 +0000 Subject: r11094: Connect to SAM, implement getdcname (This used to be commit a14398715eceecf204caf815a8769ba8214d0576) --- source4/winbind/wb_async_helpers.c | 82 +------------------------------------- 1 file changed, 1 insertion(+), 81 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 146a957727..eeed108719 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -501,87 +501,6 @@ NTSTATUS wb_lsa_lookupnames(struct dcerpc_pipe *lsa_pipe, return wb_lsa_lookupnames_recv(c, mem_ctx, sids); } -struct cmd_lookupname_state { - struct composite_context *ctx; - struct wbsrv_call *call; - struct wbsrv_domain *domain; - const char *name; - struct wb_sid_object *result; -}; - -static struct composite_context *lookupname_send_req(void *p); -static NTSTATUS lookupname_recv_req(struct composite_context *ctx, void *p); - -struct composite_context *wb_cmd_lookupname_send(struct wbsrv_call *call, - const char *name) -{ - struct cmd_lookupname_state *state; - struct wbsrv_service *service = call->wbconn->listen_socket->service; - - state = talloc(NULL, struct cmd_lookupname_state); - state->domain = service->domains; - state->call = call; - state->name = talloc_strdup(state, name); - state->ctx = wb_queue_domain_send(state, state->domain, - call->event_ctx, - call->wbconn->conn->msg_ctx, - lookupname_send_req, - lookupname_recv_req, - state); - if (state->ctx == NULL) { - talloc_free(state); - return NULL; - } - state->ctx->private_data = state; - return state->ctx; -} - -static struct composite_context *lookupname_send_req(void *p) -{ - struct cmd_lookupname_state *state = - talloc_get_type(p, struct cmd_lookupname_state); - - return wb_lsa_lookupnames_send(state->domain->lsa_pipe, - state->domain->lsa_policy, - 1, &state->name); -} - -static NTSTATUS lookupname_recv_req(struct composite_context *ctx, void *p) -{ - struct cmd_lookupname_state *state = - talloc_get_type(p, struct cmd_lookupname_state); - struct wb_sid_object **sids; - NTSTATUS status; - - status = wb_lsa_lookupnames_recv(ctx, state, &sids); - if (NT_STATUS_IS_OK(status)) { - state->result = sids[0]; - } - return status; -} - -NTSTATUS wb_cmd_lookupname_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, - struct wb_sid_object **sid) -{ - struct cmd_lookupname_state *state = - talloc_get_type(c->private_data, struct cmd_lookupname_state); - NTSTATUS status = composite_wait(c); - if (NT_STATUS_IS_OK(status)) { - *sid = talloc_steal(mem_ctx, state->result); - } - talloc_free(state); - return status; -} - -NTSTATUS wb_cmd_lookupname(struct wbsrv_call *call, const char *name, - TALLOC_CTX *mem_ctx, struct wb_sid_object **sid) -{ - struct composite_context *c = - wb_cmd_lookupname_send(call, name); - return wb_cmd_lookupname_recv(c, mem_ctx, sid); -} - struct cmd_checkmachacc_state { struct composite_context *ctx; struct wbsrv_call *call; @@ -690,3 +609,4 @@ NTSTATUS composite_netr_LogonSamLogon_recv(struct composite_context *ctx) talloc_free(ctx); return status; } + -- cgit From d68319431e62e43c0ecb23328e3162128d823958 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 16 Oct 2005 12:43:09 +0000 Subject: r11095: Implement wb_getuserdomgroups. Tridge, if you have the time, you might want to look at a problem I'm having with unix domain stream sockets. From a comment in this commit: /* Using composite_trigger_error here causes problems with the client * socket. Linux 2.6.8 gives me a ECONNRESET on the next read after * writing the reply when I don't wait the 100 milliseconds. */ This is in winbind/wb_cmd_userdomgroups.c:93. The problem I have is that I can not *immediately* send an error reply to the client because the next receive fails. Waiting 100 milliseconds helps. It might also be a problem with epoll(), I don't really know. I'd appreciate if you took a brief look at this, maybe I'm doing something wrong. Thanks, Volker (This used to be commit 3e535cce743710a68a4264e4f66e9c0c4d6770c6) --- source4/winbind/wb_async_helpers.c | 138 +++++++++++++++++++++++++++++++++++++ 1 file changed, 138 insertions(+) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index eeed108719..c8749896df 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -610,3 +610,141 @@ NTSTATUS composite_netr_LogonSamLogon_recv(struct composite_context *ctx) return status; } +struct samr_getuserdomgroups_state { + struct composite_context *ctx; + struct dcerpc_pipe *samr_pipe; + + int num_rids; + uint32_t *rids; + + struct policy_handle *user_handle; + struct samr_OpenUser o; + struct samr_GetGroupsForUser g; + struct samr_Close c; +}; + +static void samr_usergroups_recv_open(struct rpc_request *req); +static void samr_usergroups_recv_groups(struct rpc_request *req); +static void samr_usergroups_recv_close(struct rpc_request *req); + +struct composite_context *wb_samr_userdomgroups_send(struct dcerpc_pipe *samr_pipe, + struct policy_handle *domain_handle, + uint32_t rid) +{ + struct composite_context *result; + struct rpc_request *req; + struct samr_getuserdomgroups_state *state; + + result = talloc_zero(NULL, struct composite_context); + if (result == NULL) goto failed; + result->state = COMPOSITE_STATE_IN_PROGRESS; + result->async.fn = NULL; + result->event_ctx = samr_pipe->conn->event_ctx; + + state = talloc(result, struct samr_getuserdomgroups_state); + if (state == NULL) goto failed; + result->private_data = state; + state->ctx = result; + + state->samr_pipe = samr_pipe; + + state->user_handle = talloc(state, struct policy_handle); + if (state->user_handle == NULL) goto failed; + + state->o.in.domain_handle = domain_handle; + state->o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; + state->o.in.rid = rid; + state->o.out.user_handle = state->user_handle; + + req = dcerpc_samr_OpenUser_send(state->samr_pipe, state, &state->o); + if (req == NULL) goto failed; + + req->async.callback = samr_usergroups_recv_open; + req->async.private = state; + return result; + + failed: + talloc_free(result); + return NULL; +} + +static void samr_usergroups_recv_open(struct rpc_request *req) +{ + struct samr_getuserdomgroups_state *state = + talloc_get_type(req->async.private, + struct samr_getuserdomgroups_state); + + state->ctx->status = dcerpc_ndr_request_recv(req); + if (!composite_is_ok(state->ctx)) return; + state->ctx->status = state->o.out.result; + if (!composite_is_ok(state->ctx)) return; + + state->g.in.user_handle = state->user_handle; + + req = dcerpc_samr_GetGroupsForUser_send(state->samr_pipe, state, + &state->g); + composite_continue_rpc(state->ctx, req, samr_usergroups_recv_groups, + state); +} + +static void samr_usergroups_recv_groups(struct rpc_request *req) +{ + struct samr_getuserdomgroups_state *state = + talloc_get_type(req->async.private, + struct samr_getuserdomgroups_state); + + state->ctx->status = dcerpc_ndr_request_recv(req); + if (!composite_is_ok(state->ctx)) return; + state->ctx->status = state->g.out.result; + if (!composite_is_ok(state->ctx)) return; + + state->c.in.handle = state->user_handle; + state->c.out.handle = state->user_handle; + + req = dcerpc_samr_Close_send(state->samr_pipe, state, &state->c); + composite_continue_rpc(state->ctx, req, samr_usergroups_recv_close, + state); +} + +static void samr_usergroups_recv_close(struct rpc_request *req) +{ + struct samr_getuserdomgroups_state *state = + talloc_get_type(req->async.private, + struct samr_getuserdomgroups_state); + + state->ctx->status = dcerpc_ndr_request_recv(req); + if (!composite_is_ok(state->ctx)) return; + state->ctx->status = state->c.out.result; + if (!composite_is_ok(state->ctx)) return; + + composite_done(state->ctx); +} + +NTSTATUS wb_samr_userdomgroups_recv(struct composite_context *ctx, + TALLOC_CTX *mem_ctx, + int *num_rids, uint32_t **rids) +{ + struct samr_getuserdomgroups_state *state = + talloc_get_type(ctx->private_data, + struct samr_getuserdomgroups_state); + + int i; + NTSTATUS status = composite_wait(ctx); + if (!NT_STATUS_IS_OK(status)) goto done; + + *num_rids = state->g.out.rids->count; + *rids = talloc_array(mem_ctx, uint32_t, *num_rids); + if (*rids == NULL) { + status = NT_STATUS_NO_MEMORY; + goto done; + } + + for (i=0; i<*num_rids; i++) { + (*rids)[i] = state->g.out.rids->rids[i].rid; + } + + done: + talloc_free(ctx); + return status; +} + -- cgit From 0f51ae83f09fa90362cae12a37ca4debc35f8491 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 19 Oct 2005 13:45:44 +0000 Subject: r11181: Implement wbinfo -s and wbinfo --user-sids. The patch is so large because --user-sids required the extension to trusted domains. Implement "winbind sealed pipes" parameter for debugging purposes. Volker (This used to be commit 3821a17bdb68b2f1389b5a150502c057d28569d2) --- source4/winbind/wb_async_helpers.c | 158 ++++++++++++++++++++++++++++++++++++- 1 file changed, 157 insertions(+), 1 deletion(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index c8749896df..35f3ec3bb7 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -360,6 +360,163 @@ NTSTATUS wb_get_schannel_creds(struct cli_credentials *wks_creds, return wb_get_schannel_creds_recv(c, mem_ctx, netlogon_pipe); } +struct lsa_lookupsids_state { + struct composite_context *ctx; + int num_sids; + struct lsa_LookupSids r; + struct lsa_SidArray sids; + struct lsa_TransNameArray names; + uint32_t count; + struct wb_sid_object **result; +}; + +static void lsa_lookupsids_recv_names(struct rpc_request *req); + +struct composite_context *wb_lsa_lookupsids_send(struct dcerpc_pipe *lsa_pipe, + struct policy_handle *handle, + int num_sids, + const struct dom_sid **sids) +{ + struct composite_context *result; + struct rpc_request *req; + struct lsa_lookupsids_state *state; + int i; + + result = talloc_zero(NULL, struct composite_context); + if (result == NULL) goto failed; + result->state = COMPOSITE_STATE_IN_PROGRESS; + result->async.fn = NULL; + result->event_ctx = lsa_pipe->conn->event_ctx; + + state = talloc(result, struct lsa_lookupsids_state); + if (state == NULL) goto failed; + result->private_data = state; + state->ctx = result; + + state->sids.num_sids = num_sids; + state->sids.sids = talloc_array(state, struct lsa_SidPtr, num_sids); + if (state->sids.sids == NULL) goto failed; + + for (i=0; isids.sids[i].sid = dom_sid_dup(state->sids.sids, + sids[i]); + if (state->sids.sids[i].sid == NULL) goto failed; + } + + state->count = 0; + state->num_sids = num_sids; + state->names.count = 0; + state->names.names = NULL; + + state->r.in.handle = handle; + state->r.in.sids = &state->sids; + state->r.in.names = &state->names; + state->r.in.level = 1; + state->r.in.count = &state->count; + state->r.out.names = &state->names; + state->r.out.count = &state->count; + + req = dcerpc_lsa_LookupSids_send(lsa_pipe, state, &state->r); + if (req == NULL) goto failed; + + req->async.callback = lsa_lookupsids_recv_names; + req->async.private = state; + return result; + + failed: + talloc_free(result); + return NULL; +} + +static void lsa_lookupsids_recv_names(struct rpc_request *req) +{ + struct lsa_lookupsids_state *state = + talloc_get_type(req->async.private, + struct lsa_lookupsids_state); + int i; + + state->ctx->status = dcerpc_ndr_request_recv(req); + if (!composite_is_ok(state->ctx)) return; + state->ctx->status = state->r.out.result; + if (!NT_STATUS_IS_OK(state->ctx->status) && + !NT_STATUS_EQUAL(state->ctx->status, STATUS_SOME_UNMAPPED)) { + composite_error(state->ctx, state->ctx->status); + return; + } + + state->result = talloc_array(state, struct wb_sid_object *, + state->num_sids); + if (composite_nomem(state->result, state->ctx)) return; + + for (i=0; inum_sids; i++) { + struct lsa_TranslatedName *name = + &state->r.out.names->names[i]; + struct lsa_TrustInformation *dom; + + state->result[i] = talloc_zero(state->result, + struct wb_sid_object); + if (composite_nomem(state->result[i], state->ctx)) return; + + state->result[i]->type = name->sid_type; + if (state->result[i]->type == SID_NAME_UNKNOWN) { + continue; + } + + if (name->sid_index >= state->r.out.domains->count) { + composite_error(state->ctx, + NT_STATUS_INVALID_PARAMETER); + return; + } + + dom = &state->r.out.domains->domains[name->sid_index]; + state->result[i]->domain = talloc_reference(state->result[i], + dom->name.string); + if ((name->sid_type == SID_NAME_DOMAIN) || + (name->name.string == NULL)) { + state->result[i]->name = + talloc_strdup(state->result[i], ""); + } else { + state->result[i]->name = + talloc_steal(state->result[i], + name->name.string); + } + + if (composite_nomem(state->result[i]->name, state->ctx)) { + return; + } + } + + composite_done(state->ctx); +} + +NTSTATUS wb_lsa_lookupsids_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx, + struct wb_sid_object ***names) +{ + NTSTATUS status = composite_wait(c); + if (NT_STATUS_IS_OK(status)) { + struct lsa_lookupsids_state *state = + talloc_get_type(c->private_data, + struct lsa_lookupsids_state); + *names = talloc_steal(mem_ctx, state->result); + } + talloc_free(c); + return status; +} + +NTSTATUS wb_lsa_lookupsids(struct dcerpc_pipe *lsa_pipe, + struct policy_handle *handle, + int num_sids, const struct dom_sid **sids, + TALLOC_CTX *mem_ctx, + struct wb_sid_object ***names) +{ + struct composite_context *c = + wb_lsa_lookupsids_send(lsa_pipe, handle, num_sids, sids); + return wb_lsa_lookupnames_recv(c, mem_ctx, names); +} + + + struct lsa_lookupnames_state { struct composite_context *ctx; uint32_t num_names; @@ -747,4 +904,3 @@ NTSTATUS wb_samr_userdomgroups_recv(struct composite_context *ctx, talloc_free(ctx); return status; } - -- cgit From d6e070b74af8891c5e6ee15d57f8c0db3aac2f14 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 24 Oct 2005 09:34:12 +0000 Subject: r11274: Start a connection attempt to the DC's port 389. To do this properly, make socket_connect and ldap_connect properly async. Volker (This used to be commit bcc71fc1deeed443d7cf00220ce264011ddf588d) --- source4/winbind/wb_async_helpers.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 35f3ec3bb7..29fd167a93 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -686,8 +686,7 @@ struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call) state->domain = service->domains; - ctx = wb_init_domain_send(state->domain, result->event_ctx, - call->wbconn->conn->msg_ctx); + ctx = wb_init_domain_send(service, state->domain); if (ctx == NULL) goto failed; ctx->async.fn = cmd_checkmachacc_recv_init; ctx->async.private_data = state; -- cgit From 6b6a739eca1e16c0c101289b1984a639fce10223 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 5 Nov 2005 09:34:07 +0000 Subject: r11517: Cleanup time, this looks larger than it is. This mainly gets rid of wb_domain_request, now that we have queued rpc requests. Volker (This used to be commit 848522d1b64c1c283ac1ea7ce7f1a7a1b014a2aa) --- source4/winbind/wb_async_helpers.c | 98 +++++++++++++------------------------- 1 file changed, 32 insertions(+), 66 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 29fd167a93..f00c0725b4 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -54,7 +54,8 @@ struct finddcs_state { static void finddcs_resolve(struct composite_context *ctx); static void finddcs_getdc(struct irpc_request *ireq); -struct composite_context *wb_finddcs_send(const char *domain_name, +struct composite_context *wb_finddcs_send(TALLOC_CTX *mem_ctx, + const char *domain_name, const struct dom_sid *domain_sid, struct event_context *event_ctx, struct messaging_context *msg_ctx) @@ -63,7 +64,7 @@ struct composite_context *wb_finddcs_send(const char *domain_name, struct finddcs_state *state; struct nbt_name name; - result = talloc_zero(NULL, struct composite_context); + result = talloc(mem_ctx, struct composite_context); if (result == NULL) goto failed; result->state = COMPOSITE_STATE_IN_PROGRESS; result->async.fn = NULL; @@ -150,7 +151,7 @@ static void finddcs_getdc(struct irpc_request *ireq) NTSTATUS wb_finddcs_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, int *num_dcs, struct nbt_dc_name **dcs) { - NTSTATUS status =composite_wait(c); + NTSTATUS status = composite_wait(c); if (NT_STATUS_IS_OK(status)) { struct finddcs_state *state = talloc_get_type(c->private_data, struct finddcs_state); @@ -161,13 +162,14 @@ NTSTATUS wb_finddcs_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, return status; } -NTSTATUS wb_finddcs(const char *domain_name, const struct dom_sid *domain_sid, +NTSTATUS wb_finddcs(TALLOC_CTX *mem_ctx, + const char *domain_name, const struct dom_sid *domain_sid, struct event_context *event_ctx, struct messaging_context *msg_ctx, - TALLOC_CTX *mem_ctx, int *num_dcs, struct nbt_dc_name **dcs) { - struct composite_context *c = wb_finddcs_send(domain_name, domain_sid, + struct composite_context *c = wb_finddcs_send(mem_ctx, + domain_name, domain_sid, event_ctx, msg_ctx); return wb_finddcs_recv(c, mem_ctx, num_dcs, dcs); } @@ -188,14 +190,15 @@ static void get_schannel_creds_recv_auth(struct rpc_request *req); static void get_schannel_creds_recv_chal(struct rpc_request *req); static void get_schannel_creds_recv_pipe(struct composite_context *ctx); -struct composite_context *wb_get_schannel_creds_send(struct cli_credentials *wks_creds, +struct composite_context *wb_get_schannel_creds_send(TALLOC_CTX *mem_ctx, + struct cli_credentials *wks_creds, struct smbcli_tree *tree, struct event_context *ev) { struct composite_context *result, *ctx; struct get_schannel_creds_state *state; - result = talloc_zero(NULL, struct composite_context); + result = talloc(mem_ctx, struct composite_context); if (result == NULL) goto failed; result->state = COMPOSITE_STATE_IN_PROGRESS; result->async.fn = NULL; @@ -349,14 +352,15 @@ NTSTATUS wb_get_schannel_creds_recv(struct composite_context *c, return status; } -NTSTATUS wb_get_schannel_creds(struct cli_credentials *wks_creds, +NTSTATUS wb_get_schannel_creds(TALLOC_CTX *mem_ctx, + struct cli_credentials *wks_creds, struct smbcli_tree *tree, struct event_context *event_ctx, - TALLOC_CTX *mem_ctx, struct dcerpc_pipe **netlogon_pipe) { struct composite_context *c = - wb_get_schannel_creds_send(wks_creds, tree, event_ctx); + wb_get_schannel_creds_send(mem_ctx, wks_creds, tree, + event_ctx); return wb_get_schannel_creds_recv(c, mem_ctx, netlogon_pipe); } @@ -372,7 +376,8 @@ struct lsa_lookupsids_state { static void lsa_lookupsids_recv_names(struct rpc_request *req); -struct composite_context *wb_lsa_lookupsids_send(struct dcerpc_pipe *lsa_pipe, +struct composite_context *wb_lsa_lookupsids_send(TALLOC_CTX *mem_ctx, + struct dcerpc_pipe *lsa_pipe, struct policy_handle *handle, int num_sids, const struct dom_sid **sids) @@ -382,7 +387,7 @@ struct composite_context *wb_lsa_lookupsids_send(struct dcerpc_pipe *lsa_pipe, struct lsa_lookupsids_state *state; int i; - result = talloc_zero(NULL, struct composite_context); + result = talloc(mem_ctx, struct composite_context); if (result == NULL) goto failed; result->state = COMPOSITE_STATE_IN_PROGRESS; result->async.fn = NULL; @@ -504,14 +509,15 @@ NTSTATUS wb_lsa_lookupsids_recv(struct composite_context *c, return status; } -NTSTATUS wb_lsa_lookupsids(struct dcerpc_pipe *lsa_pipe, +NTSTATUS wb_lsa_lookupsids(TALLOC_CTX *mem_ctx, + struct dcerpc_pipe *lsa_pipe, struct policy_handle *handle, int num_sids, const struct dom_sid **sids, - TALLOC_CTX *mem_ctx, struct wb_sid_object ***names) { struct composite_context *c = - wb_lsa_lookupsids_send(lsa_pipe, handle, num_sids, sids); + wb_lsa_lookupsids_send(mem_ctx, lsa_pipe, handle, + num_sids, sids); return wb_lsa_lookupnames_recv(c, mem_ctx, names); } @@ -528,7 +534,8 @@ struct lsa_lookupnames_state { static void lsa_lookupnames_recv_sids(struct rpc_request *req); -struct composite_context *wb_lsa_lookupnames_send(struct dcerpc_pipe *lsa_pipe, +struct composite_context *wb_lsa_lookupnames_send(TALLOC_CTX *mem_ctx, + struct dcerpc_pipe *lsa_pipe, struct policy_handle *handle, int num_names, const char **names) @@ -540,7 +547,7 @@ struct composite_context *wb_lsa_lookupnames_send(struct dcerpc_pipe *lsa_pipe, struct lsa_String *lsa_names; int i; - result = talloc_zero(NULL, struct composite_context); + result = talloc(mem_ctx, struct composite_context); if (result == NULL) goto failed; result->state = COMPOSITE_STATE_IN_PROGRESS; result->async.fn = NULL; @@ -647,14 +654,15 @@ NTSTATUS wb_lsa_lookupnames_recv(struct composite_context *c, return status; } -NTSTATUS wb_lsa_lookupnames(struct dcerpc_pipe *lsa_pipe, +NTSTATUS wb_lsa_lookupnames(TALLOC_CTX *mem_ctx, + struct dcerpc_pipe *lsa_pipe, struct policy_handle *handle, int num_names, const char **names, - TALLOC_CTX *mem_ctx, struct wb_sid_object ***sids) { struct composite_context *c = - wb_lsa_lookupnames_send(lsa_pipe, handle, num_names, names); + wb_lsa_lookupnames_send(mem_ctx, lsa_pipe, handle, + num_names, names); return wb_lsa_lookupnames_recv(c, mem_ctx, sids); } @@ -723,49 +731,6 @@ NTSTATUS wb_cmd_checkmachacc(struct wbsrv_call *call) return wb_cmd_checkmachacc_recv(c); } -static void composite_netr_LogonSamLogon_recv_rpc(struct rpc_request *req); - -struct composite_context *composite_netr_LogonSamLogon_send(struct dcerpc_pipe *p, - TALLOC_CTX *mem_ctx, - struct netr_LogonSamLogon *r) -{ - struct composite_context *result; - struct rpc_request *req; - - result = talloc(mem_ctx, struct composite_context); - if (result == NULL) goto failed; - result->state = COMPOSITE_STATE_IN_PROGRESS; - result->async.fn = NULL; - result->event_ctx = p->conn->event_ctx; - - req = dcerpc_netr_LogonSamLogon_send(p, mem_ctx, r); - if (req == NULL) goto failed; - req->async.callback = composite_netr_LogonSamLogon_recv_rpc; - req->async.private = result; - return result; - - failed: - talloc_free(result); - return NULL; -} - -static void composite_netr_LogonSamLogon_recv_rpc(struct rpc_request *req) -{ - struct composite_context *ctx = - talloc_get_type(req->async.private, struct composite_context); - - ctx->status = dcerpc_ndr_request_recv(req); - if (!composite_is_ok(ctx)) return; - composite_done(ctx); -} - -NTSTATUS composite_netr_LogonSamLogon_recv(struct composite_context *ctx) -{ - NTSTATUS status = composite_wait(ctx); - talloc_free(ctx); - return status; -} - struct samr_getuserdomgroups_state { struct composite_context *ctx; struct dcerpc_pipe *samr_pipe; @@ -783,7 +748,8 @@ static void samr_usergroups_recv_open(struct rpc_request *req); static void samr_usergroups_recv_groups(struct rpc_request *req); static void samr_usergroups_recv_close(struct rpc_request *req); -struct composite_context *wb_samr_userdomgroups_send(struct dcerpc_pipe *samr_pipe, +struct composite_context *wb_samr_userdomgroups_send(TALLOC_CTX *mem_ctx, + struct dcerpc_pipe *samr_pipe, struct policy_handle *domain_handle, uint32_t rid) { @@ -791,7 +757,7 @@ struct composite_context *wb_samr_userdomgroups_send(struct dcerpc_pipe *samr_pi struct rpc_request *req; struct samr_getuserdomgroups_state *state; - result = talloc_zero(NULL, struct composite_context); + result = talloc(mem_ctx, struct composite_context); if (result == NULL) goto failed; result->state = COMPOSITE_STATE_IN_PROGRESS; result->async.fn = NULL; -- cgit From 69307693dc47cdaa931551c99914e85273037886 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 5 Nov 2005 23:46:57 +0000 Subject: r11528: Separate finding dcs from initializing a domain. Makes it easier to possibly support cldap and other stuff in the future. This temporarily disables wbinfo -t, but that will come back soon. Try an ldap bind using gss-spnego. This got me krb5 binds against "our" w2k3 and a trusted w2k, although with some memleaks from krb5 and a BAD_OPTION tgs-rep error. Volker (This used to be commit d14948fdf687c8f70ef9ec35445b7eb04da84253) --- source4/winbind/wb_async_helpers.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index f00c0725b4..915638abb7 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -666,6 +666,8 @@ NTSTATUS wb_lsa_lookupnames(TALLOC_CTX *mem_ctx, return wb_lsa_lookupnames_recv(c, mem_ctx, sids); } +#if 0 + struct cmd_checkmachacc_state { struct composite_context *ctx; struct wbsrv_call *call; @@ -730,6 +732,7 @@ NTSTATUS wb_cmd_checkmachacc(struct wbsrv_call *call) struct composite_context *c = wb_cmd_checkmachacc_send(call); return wb_cmd_checkmachacc_recv(c); } +#endif struct samr_getuserdomgroups_state { struct composite_context *ctx; -- cgit From f7732560eea1c5d1de316fb2d64b78ad7507549b Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 14 Nov 2005 20:13:00 +0000 Subject: r11727: Minor cleanup (This used to be commit 681451af727d12294ecee1b8fddc595b0148003f) --- source4/winbind/wb_async_helpers.c | 19 +++++-------------- 1 file changed, 5 insertions(+), 14 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 915638abb7..51907c1350 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -311,30 +311,21 @@ static void get_schannel_creds_recv_auth(struct rpc_request *req) struct get_schannel_creds_state); state->ctx->status = dcerpc_ndr_request_recv(req); - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!composite_is_ok(state->ctx)) return; state->ctx->status = state->a.out.result; - if (!NT_STATUS_IS_OK(state->ctx->status)) goto done; + if (!composite_is_ok(state->ctx)) return; if (!creds_client_check(state->creds_state, state->a.out.credentials)) { DEBUG(5, ("Server got us invalid creds\n")); - state->ctx->status = NT_STATUS_UNSUCCESSFUL; - goto done; + composite_error(state->ctx, NT_STATUS_UNSUCCESSFUL); + return; } cli_credentials_set_netlogon_creds(state->wks_creds, state->creds_state); - state->ctx->state = COMPOSITE_STATE_DONE; - - done: - if (!NT_STATUS_IS_OK(state->ctx->status)) { - state->ctx->state = COMPOSITE_STATE_ERROR; - } - if ((state->ctx->state >= COMPOSITE_STATE_DONE) && - (state->ctx->async.fn != NULL)) { - state->ctx->async.fn(state->ctx); - } + composite_done(state->ctx); } NTSTATUS wb_get_schannel_creds_recv(struct composite_context *c, -- cgit From a6852523d677f6c39a92e0e2b5d970211b29558b Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 20 Nov 2005 17:34:56 +0000 Subject: r11812: Convert winbind to the async bind routines. Also remove tridge's hack for the winbind "bug" :-) Volker (This used to be commit fb9a3c7ef376f289288c71bc47d67f548ddb7194) --- source4/winbind/wb_async_helpers.c | 127 +++++++++++++++++++++++-------------- 1 file changed, 78 insertions(+), 49 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 51907c1350..cfbfe5f74f 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -175,7 +175,6 @@ NTSTATUS wb_finddcs(TALLOC_CTX *mem_ctx, } struct get_schannel_creds_state { - struct composite_context *ctx; struct cli_credentials *wks_creds; struct dcerpc_pipe *p; struct netr_ServerReqChallenge r; @@ -186,6 +185,7 @@ struct get_schannel_creds_state { struct netr_ServerAuthenticate2 a; }; +static void get_schannel_creds_recv_anonbind(struct composite_context *creq); static void get_schannel_creds_recv_auth(struct rpc_request *req); static void get_schannel_creds_recv_chal(struct rpc_request *req); static void get_schannel_creds_recv_pipe(struct composite_context *ctx); @@ -195,90 +195,117 @@ struct composite_context *wb_get_schannel_creds_send(TALLOC_CTX *mem_ctx, struct smbcli_tree *tree, struct event_context *ev) { - struct composite_context *result, *ctx; + struct composite_context *c, *creq; struct get_schannel_creds_state *state; - result = talloc(mem_ctx, struct composite_context); - if (result == NULL) goto failed; - result->state = COMPOSITE_STATE_IN_PROGRESS; - result->async.fn = NULL; - result->event_ctx = ev; + c = talloc_zero(mem_ctx, struct composite_context); + if (c == NULL) return NULL; - state = talloc(result, struct get_schannel_creds_state); - if (state == NULL) goto failed; - result->private_data = state; - state->ctx = result; + state = talloc(c, struct get_schannel_creds_state); + if (state == NULL) { + c->status = NT_STATUS_NO_MEMORY; + goto failed; + } + + c->state = COMPOSITE_STATE_IN_PROGRESS; + c->private_data = state; + c->event_ctx = ev; state->wks_creds = wks_creds; state->p = dcerpc_pipe_init(state, ev); - if (state->p == NULL) goto failed; + if (state->p == NULL) { + c->status = NT_STATUS_NO_MEMORY; + goto failed; + } - ctx = dcerpc_pipe_open_smb_send(state->p->conn, tree, "\\netlogon"); - if (ctx == NULL) goto failed; + creq = dcerpc_pipe_open_smb_send(state->p->conn, tree, "\\netlogon"); + if (creq == NULL) { + c->status = NT_STATUS_NO_MEMORY; + goto failed; + } - ctx->async.fn = get_schannel_creds_recv_pipe; - ctx->async.private_data = state; - return result; + creq->async.fn = get_schannel_creds_recv_pipe; + creq->async.private_data = c; + + return c; failed: - talloc_free(result); - return NULL; + composite_trigger_error(c); + return c; } -static void get_schannel_creds_recv_pipe(struct composite_context *ctx) +static void get_schannel_creds_recv_pipe(struct composite_context *creq) { + struct composite_context *c = + talloc_get_type(creq->async.private_data, + struct composite_context); struct get_schannel_creds_state *state = - talloc_get_type(ctx->async.private_data, + talloc_get_type(c->private_data, struct get_schannel_creds_state); - struct rpc_request *req; - state->ctx->status = dcerpc_pipe_open_smb_recv(ctx); - if (!composite_is_ok(state->ctx)) return; + c->status = dcerpc_pipe_open_smb_recv(creq); + if (!composite_is_ok(c)) return; - state->ctx->status = dcerpc_bind_auth_none(state->p, - DCERPC_NETLOGON_UUID, - DCERPC_NETLOGON_VERSION); - if (!composite_is_ok(state->ctx)) return; + creq = dcerpc_bind_auth_none_send(state, state->p, + DCERPC_NETLOGON_UUID, + DCERPC_NETLOGON_VERSION); + composite_continue(c, creq, get_schannel_creds_recv_anonbind, c); +} + +static void get_schannel_creds_recv_anonbind(struct composite_context *creq) +{ + struct composite_context *c = + talloc_get_type(creq->async.private_data, + struct composite_context); + struct get_schannel_creds_state *state = + talloc_get_type(c->private_data, + struct get_schannel_creds_state); + struct rpc_request *req; + + c->status = dcerpc_bind_auth_none_recv(creq); + if (!composite_is_ok(c)) return; state->r.in.computer_name = cli_credentials_get_workstation(state->wks_creds); state->r.in.server_name = talloc_asprintf(state, "\\\\%s", dcerpc_server_name(state->p)); - if (composite_nomem(state->r.in.server_name, state->ctx)) return; + if (composite_nomem(state->r.in.server_name, c)) return; state->r.in.credentials = talloc(state, struct netr_Credential); - if (composite_nomem(state->r.in.credentials, state->ctx)) return; + if (composite_nomem(state->r.in.credentials, c)) return; state->r.out.credentials = talloc(state, struct netr_Credential); - if (composite_nomem(state->r.out.credentials, state->ctx)) return; + if (composite_nomem(state->r.out.credentials, c)) return; generate_random_buffer(state->r.in.credentials->data, sizeof(state->r.in.credentials->data)); req = dcerpc_netr_ServerReqChallenge_send(state->p, state, &state->r); - composite_continue_rpc(state->ctx, req, - get_schannel_creds_recv_chal, state); + composite_continue_rpc(c, req, get_schannel_creds_recv_chal, c); } static void get_schannel_creds_recv_chal(struct rpc_request *req) { - struct get_schannel_creds_state *state = + struct composite_context *c = talloc_get_type(req->async.private, + struct composite_context); + struct get_schannel_creds_state *state = + talloc_get_type(c->private_data, struct get_schannel_creds_state); const struct samr_Password *mach_pwd; - state->ctx->status = dcerpc_ndr_request_recv(req); - if (!composite_is_ok(state->ctx)) return; - state->ctx->status = state->r.out.result; - if (!composite_is_ok(state->ctx)) return; + c->status = dcerpc_ndr_request_recv(req); + if (!composite_is_ok(c)) return; + c->status = state->r.out.result; + if (!composite_is_ok(c)) return; state->creds_state = talloc(state, struct creds_CredentialState); - if (composite_nomem(state->creds_state, state->ctx)) return; + if (composite_nomem(state->creds_state, c)) return; mach_pwd = cli_credentials_get_nt_hash(state->wks_creds, state); - if (composite_nomem(mach_pwd, state->ctx)) return; + if (composite_nomem(mach_pwd, c)) return; state->negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS; @@ -300,32 +327,34 @@ static void get_schannel_creds_recv_chal(struct rpc_request *req) state->a.out.credentials = &state->netr_cred; req = dcerpc_netr_ServerAuthenticate2_send(state->p, state, &state->a); - composite_continue_rpc(state->ctx, req, - get_schannel_creds_recv_auth, state); + composite_continue_rpc(c, req, get_schannel_creds_recv_auth, c); } static void get_schannel_creds_recv_auth(struct rpc_request *req) { - struct get_schannel_creds_state *state = + struct composite_context *c = talloc_get_type(req->async.private, + struct composite_context); + struct get_schannel_creds_state *state = + talloc_get_type(c->private_data, struct get_schannel_creds_state); - state->ctx->status = dcerpc_ndr_request_recv(req); - if (!composite_is_ok(state->ctx)) return; - state->ctx->status = state->a.out.result; - if (!composite_is_ok(state->ctx)) return; + c->status = dcerpc_ndr_request_recv(req); + if (!composite_is_ok(c)) return; + c->status = state->a.out.result; + if (!composite_is_ok(c)) return; if (!creds_client_check(state->creds_state, state->a.out.credentials)) { DEBUG(5, ("Server got us invalid creds\n")); - composite_error(state->ctx, NT_STATUS_UNSUCCESSFUL); + composite_error(c, NT_STATUS_UNSUCCESSFUL); return; } cli_credentials_set_netlogon_creds(state->wks_creds, state->creds_state); - composite_done(state->ctx); + composite_done(c); } NTSTATUS wb_get_schannel_creds_recv(struct composite_context *c, -- cgit From 150848248a8b97c58a6f09c83a8784e61f858170 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 2 Dec 2005 07:30:34 +0000 Subject: r12014: free the irpc_request structure with the irpc_call_recv functions, to match all other _recv functions we have metze (This used to be commit bd4f85ab5f60c7430ac88062fa6a9f6cffa9596f) --- source4/winbind/wb_async_helpers.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index cfbfe5f74f..8efd19f96b 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -141,7 +141,6 @@ static void finddcs_getdc(struct irpc_request *ireq) talloc_get_type(ireq->async.private, struct finddcs_state); state->ctx->status = irpc_call_recv(ireq); - talloc_free(ireq); if (!composite_is_ok(state->ctx)) return; state->dcs[0].name = talloc_steal(state->dcs, state->r.out.dcname); -- cgit From 111a920fdb92ccef32f89b2f992bdd3051e5ac54 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 8 Dec 2005 01:13:45 +0000 Subject: r12116: got rid of composite_trigger_done() and composite_trigger_error(), and instead make the normal composite_done() and composite_error() functions automatically trigger a delayed callback if the caller has had no opportunity to setup a async callback this removes one of the common mistakes in writing a composite function (This used to be commit f9413ce792ded682e05134b66d433eeec293e6f1) --- source4/winbind/wb_async_helpers.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 8efd19f96b..f6c61c8c36 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -230,7 +230,7 @@ struct composite_context *wb_get_schannel_creds_send(TALLOC_CTX *mem_ctx, return c; failed: - composite_trigger_error(c); + composite_error(c, c->status); return c; } -- cgit From acd6a086b341096fcbea1775ce748587fcc8020a Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 27 Dec 2005 14:28:01 +0000 Subject: r12510: Change the DCE/RPC interfaces to take a pointer to a dcerpc_interface_table struct rather then a tuple of interface name, UUID and version. This removes the requirement for having a global list of DCE/RPC interfaces, except for these parts of the code that use that list explicitly (ndrdump and the scanner torture test). This should also allow us to remove the hack that put the authservice parameter in the dcerpc_binding struct as it can now be read directly from dcerpc_interface_table. I will now modify some of these functions to take a dcerpc_syntax_id structure rather then a full dcerpc_interface_table. (This used to be commit 8aae0f168e54c01d0866ad6e0da141dbd828574f) --- source4/winbind/wb_async_helpers.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index f6c61c8c36..330a6b4534 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -247,8 +247,7 @@ static void get_schannel_creds_recv_pipe(struct composite_context *creq) if (!composite_is_ok(c)) return; creq = dcerpc_bind_auth_none_send(state, state->p, - DCERPC_NETLOGON_UUID, - DCERPC_NETLOGON_VERSION); + &dcerpc_table_netlogon); composite_continue(c, creq, get_schannel_creds_recv_anonbind, c); } -- cgit From d4de4c2d210d2e8c9b5aedf70695594809ad6a0b Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Fri, 30 Dec 2005 13:16:54 +0000 Subject: r12608: Remove some unused #include lines. (This used to be commit 70e7449318aa0e9d2639c76730a7d1683b2f4981) --- source4/winbind/wb_async_helpers.c | 9 --------- 1 file changed, 9 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 330a6b4534..e89c27000b 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -23,19 +23,10 @@ #include "includes.h" #include "libcli/composite/composite.h" -#include "libcli/smb_composite/smb_composite.h" #include "winbind/wb_async_helpers.h" -#include "winbind/wb_server.h" -#include "smbd/service_stream.h" -#include "librpc/gen_ndr/nbt.h" -#include "librpc/gen_ndr/samr.h" #include "lib/messaging/irpc.h" -#include "librpc/gen_ndr/irpc.h" #include "librpc/gen_ndr/ndr_irpc.h" -#include "libcli/raw/libcliraw.h" -#include "librpc/gen_ndr/ndr_netlogon.h" -#include "librpc/gen_ndr/ndr_lsa.h" #include "libcli/auth/credentials.h" struct finddcs_state { -- cgit From 2fad2c945b2a9773b5016ff616929117b1ceb73c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 12 Jan 2006 09:56:15 +0000 Subject: r12868: Remove unused code. This has moved to libcli/finddcs.c. Andrew Bartlett (This used to be commit a30a359c45c3dac4b910ec130b73cc01324b399a) --- source4/winbind/wb_async_helpers.c | 135 ------------------------------------- 1 file changed, 135 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index e89c27000b..f4de7d4284 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -29,141 +29,6 @@ #include "librpc/gen_ndr/ndr_irpc.h" #include "libcli/auth/credentials.h" -struct finddcs_state { - struct composite_context *ctx; - struct messaging_context *msg_ctx; - - const char *domain_name; - const struct dom_sid *domain_sid; - - struct nbtd_getdcname r; - - int num_dcs; - struct nbt_dc_name *dcs; -}; - -static void finddcs_resolve(struct composite_context *ctx); -static void finddcs_getdc(struct irpc_request *ireq); - -struct composite_context *wb_finddcs_send(TALLOC_CTX *mem_ctx, - const char *domain_name, - const struct dom_sid *domain_sid, - struct event_context *event_ctx, - struct messaging_context *msg_ctx) -{ - struct composite_context *result, *ctx; - struct finddcs_state *state; - struct nbt_name name; - - result = talloc(mem_ctx, struct composite_context); - if (result == NULL) goto failed; - result->state = COMPOSITE_STATE_IN_PROGRESS; - result->async.fn = NULL; - result->event_ctx = event_ctx; - - state = talloc(result, struct finddcs_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - - state->domain_name = talloc_strdup(state, domain_name); - if (state->domain_name == NULL) goto failed; - state->domain_sid = dom_sid_dup(state, domain_sid); - if (state->domain_sid == NULL) goto failed; - state->msg_ctx = msg_ctx; - - make_nbt_name(&name, state->domain_name, 0x1c); - ctx = resolve_name_send(&name, result->event_ctx, - lp_name_resolve_order()); - - if (ctx == NULL) goto failed; - ctx->async.fn = finddcs_resolve; - ctx->async.private_data = state; - - return result; - -failed: - talloc_free(result); - return NULL; -} - -static void finddcs_resolve(struct composite_context *ctx) -{ - struct finddcs_state *state = - talloc_get_type(ctx->async.private_data, struct finddcs_state); - struct irpc_request *ireq; - uint32_t *nbt_servers; - const char *address; - - state->ctx->status = resolve_name_recv(ctx, state, &address); - if (!composite_is_ok(state->ctx)) return; - - state->num_dcs = 1; - state->dcs = talloc_array(state, struct nbt_dc_name, state->num_dcs); - if (composite_nomem(state->dcs, state->ctx)) return; - - state->dcs[0].address = talloc_steal(state->dcs, address); - - nbt_servers = irpc_servers_byname(state->msg_ctx, "nbt_server"); - if ((nbt_servers == NULL) || (nbt_servers[0] == 0)) { - composite_error(state->ctx, NT_STATUS_NO_LOGON_SERVERS); - return; - } - - state->r.in.domainname = state->domain_name; - state->r.in.ip_address = state->dcs[0].address; - state->r.in.my_computername = lp_netbios_name(); - state->r.in.my_accountname = talloc_asprintf(state, "%s$", - lp_netbios_name()); - if (composite_nomem(state->r.in.my_accountname, state->ctx)) return; - state->r.in.account_control = ACB_WSTRUST; - state->r.in.domain_sid = dom_sid_dup(state, state->domain_sid); - if (composite_nomem(state->r.in.domain_sid, state->ctx)) return; - - ireq = irpc_call_send(state->msg_ctx, nbt_servers[0], - &dcerpc_table_irpc, DCERPC_NBTD_GETDCNAME, - &state->r, state); - composite_continue_irpc(state->ctx, ireq, finddcs_getdc, state); -} - -static void finddcs_getdc(struct irpc_request *ireq) -{ - struct finddcs_state *state = - talloc_get_type(ireq->async.private, struct finddcs_state); - - state->ctx->status = irpc_call_recv(ireq); - if (!composite_is_ok(state->ctx)) return; - - state->dcs[0].name = talloc_steal(state->dcs, state->r.out.dcname); - composite_done(state->ctx); -} - -NTSTATUS wb_finddcs_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, - int *num_dcs, struct nbt_dc_name **dcs) -{ - NTSTATUS status = composite_wait(c); - if (NT_STATUS_IS_OK(status)) { - struct finddcs_state *state = - talloc_get_type(c->private_data, struct finddcs_state); - *num_dcs = state->num_dcs; - *dcs = talloc_steal(mem_ctx, state->dcs); - } - talloc_free(c); - return status; -} - -NTSTATUS wb_finddcs(TALLOC_CTX *mem_ctx, - const char *domain_name, const struct dom_sid *domain_sid, - struct event_context *event_ctx, - struct messaging_context *msg_ctx, - int *num_dcs, struct nbt_dc_name **dcs) -{ - struct composite_context *c = wb_finddcs_send(mem_ctx, - domain_name, domain_sid, - event_ctx, msg_ctx); - return wb_finddcs_recv(c, mem_ctx, num_dcs, dcs); -} - struct get_schannel_creds_state { struct cli_credentials *wks_creds; struct dcerpc_pipe *p; -- cgit From 4ac2be99588b48b0652a524bf12fb1aa9c3f5fbb Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 7 Mar 2006 11:07:23 +0000 Subject: r13924: Split more prototypes out of include/proto.h + initial work on header file dependencies (This used to be commit 122835876748a3eaf5e8d31ad1abddab9acb8781) --- source4/winbind/wb_async_helpers.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index f4de7d4284..fbffebc092 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -28,6 +28,10 @@ #include "lib/messaging/irpc.h" #include "librpc/gen_ndr/ndr_irpc.h" #include "libcli/auth/credentials.h" +#include "libcli/security/proto.h" +#include "libcli/auth/proto.h" + +#include "winbind/wb_helper.h" struct get_schannel_creds_state { struct cli_credentials *wks_creds; -- cgit From 3f16241a1d3243447d0244ebac05b447aec94df8 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 14 Mar 2006 01:29:56 +0000 Subject: r14363: Remove credentials.h from the global includes. (This used to be commit 98c4c3051391c6f89df5d133665f51bef66b1563) --- source4/winbind/wb_async_helpers.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index fbffebc092..cf4c83d767 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -30,6 +30,7 @@ #include "libcli/auth/credentials.h" #include "libcli/security/proto.h" #include "libcli/auth/proto.h" +#include "auth/credentials/credentials.h" #include "winbind/wb_helper.h" -- cgit From e3f2414cf9e582a4e4deecc662b64a7bb2679a34 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 14 Mar 2006 15:03:25 +0000 Subject: r14380: Reduce the size of structs.h (This used to be commit 1a16a6f1dfa66499af43a6b88b3ea69a6a75f1fe) --- source4/winbind/wb_async_helpers.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index cf4c83d767..c8611e6300 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -29,8 +29,7 @@ #include "librpc/gen_ndr/ndr_irpc.h" #include "libcli/auth/credentials.h" #include "libcli/security/proto.h" -#include "libcli/auth/proto.h" -#include "auth/credentials/credentials.h" +#include "libcli/auth/libcli_auth.h" #include "winbind/wb_helper.h" @@ -555,7 +554,7 @@ struct cmd_checkmachacc_state { static void cmd_checkmachacc_recv_init(struct composite_context *ctx); -struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call) + struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call) { struct composite_context *result, *ctx; struct cmd_checkmachacc_state *state; @@ -599,14 +598,14 @@ static void cmd_checkmachacc_recv_init(struct composite_context *ctx) composite_done(state->ctx); } -NTSTATUS wb_cmd_checkmachacc_recv(struct composite_context *c) + NTSTATUS wb_cmd_checkmachacc_recv(struct composite_context *c) { NTSTATUS status = composite_wait(c); talloc_free(c); return status; } -NTSTATUS wb_cmd_checkmachacc(struct wbsrv_call *call) + NTSTATUS wb_cmd_checkmachacc(struct wbsrv_call *call) { struct composite_context *c = wb_cmd_checkmachacc_send(call); return wb_cmd_checkmachacc_recv(c); -- cgit From 1060f6b3f621cb70b075a879f129e57f10fdbf8a Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Tue, 14 Mar 2006 23:35:30 +0000 Subject: r14402: Generate seperate headers for RPC client functions. (This used to be commit 7054ebf0249930843a2baf4d023ae8f62cedb109) --- source4/winbind/wb_async_helpers.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index c8611e6300..ad1aaae0d2 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -30,6 +30,9 @@ #include "libcli/auth/credentials.h" #include "libcli/security/proto.h" #include "libcli/auth/libcli_auth.h" +#include "librpc/gen_ndr/ndr_netlogon_c.h" +#include "librpc/gen_ndr/ndr_lsa_c.h" +#include "librpc/gen_ndr/ndr_samr_c.h" #include "winbind/wb_helper.h" -- cgit From 8528016978b084213ef53d66e1b6e831b1a01acc Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 16 Mar 2006 00:23:11 +0000 Subject: r14464: Don't include ndr_BASENAME.h files unless strictly required, instead try to include just the BASENAME.h files (containing only structs) (This used to be commit 3dd477ca5147f28a962b8437e2611a8222d706bd) --- source4/winbind/wb_async_helpers.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index ad1aaae0d2..c1a95b65fd 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -26,10 +26,11 @@ #include "winbind/wb_async_helpers.h" #include "lib/messaging/irpc.h" -#include "librpc/gen_ndr/ndr_irpc.h" +#include "librpc/gen_ndr/irpc.h" #include "libcli/auth/credentials.h" #include "libcli/security/proto.h" #include "libcli/auth/libcli_auth.h" +#include "librpc/gen_ndr/ndr_netlogon.h" #include "librpc/gen_ndr/ndr_netlogon_c.h" #include "librpc/gen_ndr/ndr_lsa_c.h" #include "librpc/gen_ndr/ndr_samr_c.h" -- cgit From 4f1c8daa36a7a0372c5fd9eab51f3c16ee81c49d Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Thu, 16 Mar 2006 12:43:28 +0000 Subject: r14470: Remove some unnecessary headers. (This used to be commit f7312dab3b9aba2b2b82e8a6e0c483a32a03a63a) --- source4/winbind/wb_async_helpers.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index c1a95b65fd..eb8ccd22bc 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -30,7 +30,6 @@ #include "libcli/auth/credentials.h" #include "libcli/security/proto.h" #include "libcli/auth/libcli_auth.h" -#include "librpc/gen_ndr/ndr_netlogon.h" #include "librpc/gen_ndr/ndr_netlogon_c.h" #include "librpc/gen_ndr/ndr_lsa_c.h" #include "librpc/gen_ndr/ndr_samr_c.h" -- cgit From 1af925f394b1084779f5b1b5a10c2ec512d7e5be Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Sun, 2 Apr 2006 12:02:01 +0000 Subject: r14860: create libcli/security/security.h metze (This used to be commit 9ec706238c173992dc938d537bdf1103bf519dbf) --- source4/winbind/wb_async_helpers.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index eb8ccd22bc..7fe64ebcd1 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -28,7 +28,7 @@ #include "lib/messaging/irpc.h" #include "librpc/gen_ndr/irpc.h" #include "libcli/auth/credentials.h" -#include "libcli/security/proto.h" +#include "libcli/security/security.h" #include "libcli/auth/libcli_auth.h" #include "librpc/gen_ndr/ndr_netlogon_c.h" #include "librpc/gen_ndr/ndr_lsa_c.h" -- cgit From e905fed4e03a50f8c17b9ff0726fccc9558ca8c4 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 31 Aug 2006 08:22:13 +0000 Subject: r17956: LSA Cleanup! This commit cleans up a number of aspects of the LSA interface. Firstly, we do 2 simple searches on opening the LSA policy, to obtain the basic information we need. This also avoids us searching for dnsDomain (an invented attribute). While I was at it, I added and tested new LSA calls, including the enumTrustedDomainsEx call. I have also merged the identical structures lsa_DomainInformation and lsa_DomainList. Also in this commit: Fix netlogon use of uninitialised variables. Andrew Bartlett (This used to be commit 3f3fa7f466df56612064029143fbae8effb668aa) --- source4/winbind/wb_async_helpers.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 7fe64ebcd1..53abcf5f65 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -337,7 +337,7 @@ static void lsa_lookupsids_recv_names(struct rpc_request *req) for (i=0; inum_sids; i++) { struct lsa_TranslatedName *name = &state->r.out.names->names[i]; - struct lsa_TrustInformation *dom; + struct lsa_DomainInfo *dom; state->result[i] = talloc_zero(state->result, struct wb_sid_object); @@ -494,7 +494,7 @@ static void lsa_lookupnames_recv_sids(struct rpc_request *req) for (i=0; inum_names; i++) { struct lsa_TranslatedSid *sid = &state->r.out.sids->sids[i]; - struct lsa_TrustInformation *dom; + struct lsa_DomainInfo *dom; state->result[i] = talloc_zero(state->result, struct wb_sid_object); -- cgit From 13dbee3ffea6065a826f010e50c9b4eb2c6ad109 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 7 Nov 2006 00:48:36 +0000 Subject: r19598: Ahead of a merge to current lorikeet-heimdal: Break up auth/auth.h not to include the world. Add credentials_krb5.h with the kerberos dependent prototypes. Andrew Bartlett (This used to be commit 2b569c42e0fbb596ea82484d0e1cb22e193037b9) --- source4/winbind/wb_async_helpers.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 53abcf5f65..3a560a9a94 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -27,7 +27,7 @@ #include "lib/messaging/irpc.h" #include "librpc/gen_ndr/irpc.h" -#include "libcli/auth/credentials.h" +#include "auth/credentials/credentials.h" #include "libcli/security/security.h" #include "libcli/auth/libcli_auth.h" #include "librpc/gen_ndr/ndr_netlogon_c.h" -- cgit From 60fd088c480e474c3db8870f1288462a8452cea3 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 26 Feb 2007 05:37:19 +0000 Subject: r21535: - fixed a crash in the RAW-ACLS test. When a dcerpc_pipe is created using the pattern in the clilsa code, it didn't fill in the p->binding structure. This affects nearly all users of dcerpc_pipe_open_smb(), so the simplest fix is to ensure that dcerpc_pipe_open_smb() initialises the binding if its not already there. - re-enable the RAW-ACLS test (This used to be commit d8875c286d2be49c01703d8fd58bbc1842054bd9) --- source4/winbind/wb_async_helpers.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 3a560a9a94..11d675d2e9 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -81,7 +81,7 @@ struct composite_context *wb_get_schannel_creds_send(TALLOC_CTX *mem_ctx, goto failed; } - creq = dcerpc_pipe_open_smb_send(state->p->conn, tree, "\\netlogon"); + creq = dcerpc_pipe_open_smb_send(state->p, tree, "\\netlogon"); if (creq == NULL) { c->status = NT_STATUS_NO_MEMORY; goto failed; -- cgit From f5a94f978b9221bbf79e3d0d3fe8ad5d735509a1 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 30 Apr 2007 16:52:30 +0000 Subject: r22612: Fix more cases where we have uninitialised values in the composite_context, because we don't use the creation function. Andrew Bartlett (This used to be commit e37064e356c17d0c87bb7fa7adf0c0d04d8daba2) --- source4/winbind/wb_async_helpers.c | 26 ++++++-------------------- 1 file changed, 6 insertions(+), 20 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 11d675d2e9..91e80e8cc5 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -60,8 +60,8 @@ struct composite_context *wb_get_schannel_creds_send(TALLOC_CTX *mem_ctx, struct composite_context *c, *creq; struct get_schannel_creds_state *state; - c = talloc_zero(mem_ctx, struct composite_context); - if (c == NULL) return NULL; + c = composite_create(mem_ctx, ev); + if (c == NULL) goto failed; state = talloc(c, struct get_schannel_creds_state); if (state == NULL) { @@ -69,9 +69,7 @@ struct composite_context *wb_get_schannel_creds_send(TALLOC_CTX *mem_ctx, goto failed; } - c->state = COMPOSITE_STATE_IN_PROGRESS; c->private_data = state; - c->event_ctx = ev; state->wks_creds = wks_creds; @@ -268,11 +266,8 @@ struct composite_context *wb_lsa_lookupsids_send(TALLOC_CTX *mem_ctx, struct lsa_lookupsids_state *state; int i; - result = talloc(mem_ctx, struct composite_context); + result = composite_create(mem_ctx, lsa_pipe->conn->event_ctx); if (result == NULL) goto failed; - result->state = COMPOSITE_STATE_IN_PROGRESS; - result->async.fn = NULL; - result->event_ctx = lsa_pipe->conn->event_ctx; state = talloc(result, struct lsa_lookupsids_state); if (state == NULL) goto failed; @@ -428,11 +423,8 @@ struct composite_context *wb_lsa_lookupnames_send(TALLOC_CTX *mem_ctx, struct lsa_String *lsa_names; int i; - result = talloc(mem_ctx, struct composite_context); + result = composite_create(mem_ctx, lsa_pipe->conn->event_ctx); if (result == NULL) goto failed; - result->state = COMPOSITE_STATE_IN_PROGRESS; - result->async.fn = NULL; - result->event_ctx = lsa_pipe->conn->event_ctx; state = talloc(result, struct lsa_lookupnames_state); if (state == NULL) goto failed; @@ -563,11 +555,8 @@ static void cmd_checkmachacc_recv_init(struct composite_context *ctx); struct cmd_checkmachacc_state *state; struct wbsrv_service *service = call->wbconn->listen_socket->service; - result = talloc(call, struct composite_context); + result = composite_create(mem_ctx, call->event_ctx; if (result == NULL) goto failed; - result->state = COMPOSITE_STATE_IN_PROGRESS; - result->async.fn = NULL; - result->event_ctx = call->event_ctx; state = talloc(result, struct cmd_checkmachacc_state); if (state == NULL) goto failed; @@ -641,11 +630,8 @@ struct composite_context *wb_samr_userdomgroups_send(TALLOC_CTX *mem_ctx, struct rpc_request *req; struct samr_getuserdomgroups_state *state; - result = talloc(mem_ctx, struct composite_context); + result = composite_create(mem_ctx, samr_pipe->conn->event_ctx); if (result == NULL) goto failed; - result->state = COMPOSITE_STATE_IN_PROGRESS; - result->async.fn = NULL; - result->event_ctx = samr_pipe->conn->event_ctx; state = talloc(result, struct samr_getuserdomgroups_state); if (state == NULL) goto failed; -- cgit From 40cd2d778093d7799b27b6beb37166d8a53f965c Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 16 May 2007 14:52:54 +0000 Subject: r22944: fix bug #4618: rename private -> private_data metze (This used to be commit 58551f2f28fce8f1fcd04736c47ecd7458f32ea2) --- source4/winbind/wb_async_helpers.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 91e80e8cc5..88cf835faa 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -148,7 +148,7 @@ static void get_schannel_creds_recv_anonbind(struct composite_context *creq) static void get_schannel_creds_recv_chal(struct rpc_request *req) { struct composite_context *c = - talloc_get_type(req->async.private, + talloc_get_type(req->async.private_data, struct composite_context); struct get_schannel_creds_state *state = talloc_get_type(c->private_data, @@ -192,7 +192,7 @@ static void get_schannel_creds_recv_chal(struct rpc_request *req) static void get_schannel_creds_recv_auth(struct rpc_request *req) { struct composite_context *c = - talloc_get_type(req->async.private, + talloc_get_type(req->async.private_data, struct composite_context); struct get_schannel_creds_state *state = talloc_get_type(c->private_data, @@ -301,7 +301,7 @@ struct composite_context *wb_lsa_lookupsids_send(TALLOC_CTX *mem_ctx, if (req == NULL) goto failed; req->async.callback = lsa_lookupsids_recv_names; - req->async.private = state; + req->async.private_data = state; return result; failed: @@ -312,7 +312,7 @@ struct composite_context *wb_lsa_lookupsids_send(TALLOC_CTX *mem_ctx, static void lsa_lookupsids_recv_names(struct rpc_request *req) { struct lsa_lookupsids_state *state = - talloc_get_type(req->async.private, + talloc_get_type(req->async.private_data, struct lsa_lookupsids_state); int i; @@ -456,7 +456,7 @@ struct composite_context *wb_lsa_lookupnames_send(TALLOC_CTX *mem_ctx, if (req == NULL) goto failed; req->async.callback = lsa_lookupnames_recv_sids; - req->async.private = state; + req->async.private_data = state; return result; failed: @@ -467,7 +467,7 @@ struct composite_context *wb_lsa_lookupnames_send(TALLOC_CTX *mem_ctx, static void lsa_lookupnames_recv_sids(struct rpc_request *req) { struct lsa_lookupnames_state *state = - talloc_get_type(req->async.private, + talloc_get_type(req->async.private_data, struct lsa_lookupnames_state); int i; @@ -652,7 +652,7 @@ struct composite_context *wb_samr_userdomgroups_send(TALLOC_CTX *mem_ctx, if (req == NULL) goto failed; req->async.callback = samr_usergroups_recv_open; - req->async.private = state; + req->async.private_data = state; return result; failed: @@ -663,7 +663,7 @@ struct composite_context *wb_samr_userdomgroups_send(TALLOC_CTX *mem_ctx, static void samr_usergroups_recv_open(struct rpc_request *req) { struct samr_getuserdomgroups_state *state = - talloc_get_type(req->async.private, + talloc_get_type(req->async.private_data, struct samr_getuserdomgroups_state); state->ctx->status = dcerpc_ndr_request_recv(req); @@ -682,7 +682,7 @@ static void samr_usergroups_recv_open(struct rpc_request *req) static void samr_usergroups_recv_groups(struct rpc_request *req) { struct samr_getuserdomgroups_state *state = - talloc_get_type(req->async.private, + talloc_get_type(req->async.private_data, struct samr_getuserdomgroups_state); state->ctx->status = dcerpc_ndr_request_recv(req); @@ -701,7 +701,7 @@ static void samr_usergroups_recv_groups(struct rpc_request *req) static void samr_usergroups_recv_close(struct rpc_request *req) { struct samr_getuserdomgroups_state *state = - talloc_get_type(req->async.private, + talloc_get_type(req->async.private_data, struct samr_getuserdomgroups_state); state->ctx->status = dcerpc_ndr_request_recv(req); -- cgit From 0479a2f1cbae51fcd8dbdc3c148c808421fb4d25 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 02:07:03 +0000 Subject: r23792: convert Samba4 to GPLv3 There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa) --- source4/winbind/wb_async_helpers.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 88cf835faa..21b00adf60 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -5,7 +5,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, @@ -14,8 +14,7 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + along with this program. If not, see . */ /* a composite API for finding a DC and its name -- cgit From a87dea2a0894015cf4a3140995791f5468c40038 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 10 Jul 2007 11:37:30 +0000 Subject: r23810: Make things static, and remove unsued code. This includes some of the original ildap ldap client API. ldb provides a much easier abstraction on this to use, and doesn't use these functions. Andrew Bartlett (This used to be commit dc27a7e41c297472675e8c251bb14327a1af3902) --- source4/winbind/wb_async_helpers.c | 231 ------------------------------------- 1 file changed, 231 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 21b00adf60..662dd111dd 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -35,213 +35,6 @@ #include "winbind/wb_helper.h" -struct get_schannel_creds_state { - struct cli_credentials *wks_creds; - struct dcerpc_pipe *p; - struct netr_ServerReqChallenge r; - - struct creds_CredentialState *creds_state; - struct netr_Credential netr_cred; - uint32_t negotiate_flags; - struct netr_ServerAuthenticate2 a; -}; - -static void get_schannel_creds_recv_anonbind(struct composite_context *creq); -static void get_schannel_creds_recv_auth(struct rpc_request *req); -static void get_schannel_creds_recv_chal(struct rpc_request *req); -static void get_schannel_creds_recv_pipe(struct composite_context *ctx); - -struct composite_context *wb_get_schannel_creds_send(TALLOC_CTX *mem_ctx, - struct cli_credentials *wks_creds, - struct smbcli_tree *tree, - struct event_context *ev) -{ - struct composite_context *c, *creq; - struct get_schannel_creds_state *state; - - c = composite_create(mem_ctx, ev); - if (c == NULL) goto failed; - - state = talloc(c, struct get_schannel_creds_state); - if (state == NULL) { - c->status = NT_STATUS_NO_MEMORY; - goto failed; - } - - c->private_data = state; - - state->wks_creds = wks_creds; - - state->p = dcerpc_pipe_init(state, ev); - if (state->p == NULL) { - c->status = NT_STATUS_NO_MEMORY; - goto failed; - } - - creq = dcerpc_pipe_open_smb_send(state->p, tree, "\\netlogon"); - if (creq == NULL) { - c->status = NT_STATUS_NO_MEMORY; - goto failed; - } - - creq->async.fn = get_schannel_creds_recv_pipe; - creq->async.private_data = c; - - return c; - - failed: - composite_error(c, c->status); - return c; -} - -static void get_schannel_creds_recv_pipe(struct composite_context *creq) -{ - struct composite_context *c = - talloc_get_type(creq->async.private_data, - struct composite_context); - struct get_schannel_creds_state *state = - talloc_get_type(c->private_data, - struct get_schannel_creds_state); - - c->status = dcerpc_pipe_open_smb_recv(creq); - if (!composite_is_ok(c)) return; - - creq = dcerpc_bind_auth_none_send(state, state->p, - &dcerpc_table_netlogon); - composite_continue(c, creq, get_schannel_creds_recv_anonbind, c); -} - -static void get_schannel_creds_recv_anonbind(struct composite_context *creq) -{ - struct composite_context *c = - talloc_get_type(creq->async.private_data, - struct composite_context); - struct get_schannel_creds_state *state = - talloc_get_type(c->private_data, - struct get_schannel_creds_state); - struct rpc_request *req; - - c->status = dcerpc_bind_auth_none_recv(creq); - if (!composite_is_ok(c)) return; - - state->r.in.computer_name = - cli_credentials_get_workstation(state->wks_creds); - state->r.in.server_name = - talloc_asprintf(state, "\\\\%s", - dcerpc_server_name(state->p)); - if (composite_nomem(state->r.in.server_name, c)) return; - - state->r.in.credentials = talloc(state, struct netr_Credential); - if (composite_nomem(state->r.in.credentials, c)) return; - - state->r.out.credentials = talloc(state, struct netr_Credential); - if (composite_nomem(state->r.out.credentials, c)) return; - - generate_random_buffer(state->r.in.credentials->data, - sizeof(state->r.in.credentials->data)); - - req = dcerpc_netr_ServerReqChallenge_send(state->p, state, &state->r); - composite_continue_rpc(c, req, get_schannel_creds_recv_chal, c); -} - -static void get_schannel_creds_recv_chal(struct rpc_request *req) -{ - struct composite_context *c = - talloc_get_type(req->async.private_data, - struct composite_context); - struct get_schannel_creds_state *state = - talloc_get_type(c->private_data, - struct get_schannel_creds_state); - const struct samr_Password *mach_pwd; - - c->status = dcerpc_ndr_request_recv(req); - if (!composite_is_ok(c)) return; - c->status = state->r.out.result; - if (!composite_is_ok(c)) return; - - state->creds_state = talloc(state, struct creds_CredentialState); - if (composite_nomem(state->creds_state, c)) return; - - mach_pwd = cli_credentials_get_nt_hash(state->wks_creds, state); - if (composite_nomem(mach_pwd, c)) return; - - state->negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS; - - creds_client_init(state->creds_state, state->r.in.credentials, - state->r.out.credentials, mach_pwd, - &state->netr_cred, state->negotiate_flags); - - state->a.in.server_name = - talloc_reference(state, state->r.in.server_name); - state->a.in.account_name = - cli_credentials_get_username(state->wks_creds); - state->a.in.secure_channel_type = - cli_credentials_get_secure_channel_type(state->wks_creds); - state->a.in.computer_name = - cli_credentials_get_workstation(state->wks_creds); - state->a.in.negotiate_flags = &state->negotiate_flags; - state->a.out.negotiate_flags = &state->negotiate_flags; - state->a.in.credentials = &state->netr_cred; - state->a.out.credentials = &state->netr_cred; - - req = dcerpc_netr_ServerAuthenticate2_send(state->p, state, &state->a); - composite_continue_rpc(c, req, get_schannel_creds_recv_auth, c); -} - -static void get_schannel_creds_recv_auth(struct rpc_request *req) -{ - struct composite_context *c = - talloc_get_type(req->async.private_data, - struct composite_context); - struct get_schannel_creds_state *state = - talloc_get_type(c->private_data, - struct get_schannel_creds_state); - - c->status = dcerpc_ndr_request_recv(req); - if (!composite_is_ok(c)) return; - c->status = state->a.out.result; - if (!composite_is_ok(c)) return; - - if (!creds_client_check(state->creds_state, - state->a.out.credentials)) { - DEBUG(5, ("Server got us invalid creds\n")); - composite_error(c, NT_STATUS_UNSUCCESSFUL); - return; - } - - cli_credentials_set_netlogon_creds(state->wks_creds, - state->creds_state); - - composite_done(c); -} - -NTSTATUS wb_get_schannel_creds_recv(struct composite_context *c, - TALLOC_CTX *mem_ctx, - struct dcerpc_pipe **netlogon_pipe) -{ - NTSTATUS status = composite_wait(c); - if (NT_STATUS_IS_OK(status)) { - struct get_schannel_creds_state *state = - talloc_get_type(c->private_data, - struct get_schannel_creds_state); - *netlogon_pipe = talloc_steal(mem_ctx, state->p); - } - talloc_free(c); - return status; -} - -NTSTATUS wb_get_schannel_creds(TALLOC_CTX *mem_ctx, - struct cli_credentials *wks_creds, - struct smbcli_tree *tree, - struct event_context *event_ctx, - struct dcerpc_pipe **netlogon_pipe) -{ - struct composite_context *c = - wb_get_schannel_creds_send(mem_ctx, wks_creds, tree, - event_ctx); - return wb_get_schannel_creds_recv(c, mem_ctx, netlogon_pipe); -} - struct lsa_lookupsids_state { struct composite_context *ctx; int num_sids; @@ -384,19 +177,6 @@ NTSTATUS wb_lsa_lookupsids_recv(struct composite_context *c, return status; } -NTSTATUS wb_lsa_lookupsids(TALLOC_CTX *mem_ctx, - struct dcerpc_pipe *lsa_pipe, - struct policy_handle *handle, - int num_sids, const struct dom_sid **sids, - struct wb_sid_object ***names) -{ - struct composite_context *c = - wb_lsa_lookupsids_send(mem_ctx, lsa_pipe, handle, - num_sids, sids); - return wb_lsa_lookupnames_recv(c, mem_ctx, names); -} - - struct lsa_lookupnames_state { struct composite_context *ctx; @@ -526,17 +306,6 @@ NTSTATUS wb_lsa_lookupnames_recv(struct composite_context *c, return status; } -NTSTATUS wb_lsa_lookupnames(TALLOC_CTX *mem_ctx, - struct dcerpc_pipe *lsa_pipe, - struct policy_handle *handle, - int num_names, const char **names, - struct wb_sid_object ***sids) -{ - struct composite_context *c = - wb_lsa_lookupnames_send(mem_ctx, lsa_pipe, handle, - num_names, names); - return wb_lsa_lookupnames_recv(c, mem_ctx, sids); -} #if 0 -- cgit From e0eba5232d3f2cd366b1cbe64fbd3547889c7635 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 15 Apr 2008 16:29:13 +0200 Subject: Fix winbind to check machine account. This enables 'wbinfo -t', by checking the machine account with a SamLogon call. Andrew Bartlett (This used to be commit abefa12029a17e9007f4884f3651d835a10ee9e3) --- source4/winbind/wb_async_helpers.c | 67 -------------------------------------- 1 file changed, 67 deletions(-) (limited to 'source4/winbind/wb_async_helpers.c') diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 662dd111dd..25d52a16b5 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -305,73 +305,6 @@ NTSTATUS wb_lsa_lookupnames_recv(struct composite_context *c, talloc_free(c); return status; } - - -#if 0 - -struct cmd_checkmachacc_state { - struct composite_context *ctx; - struct wbsrv_call *call; - struct wbsrv_domain *domain; -}; - -static void cmd_checkmachacc_recv_init(struct composite_context *ctx); - - struct composite_context *wb_cmd_checkmachacc_send(struct wbsrv_call *call) -{ - struct composite_context *result, *ctx; - struct cmd_checkmachacc_state *state; - struct wbsrv_service *service = call->wbconn->listen_socket->service; - - result = composite_create(mem_ctx, call->event_ctx; - if (result == NULL) goto failed; - - state = talloc(result, struct cmd_checkmachacc_state); - if (state == NULL) goto failed; - state->ctx = result; - result->private_data = state; - state->call = call; - - state->domain = service->domains; - - ctx = wb_init_domain_send(service, state->domain); - if (ctx == NULL) goto failed; - ctx->async.fn = cmd_checkmachacc_recv_init; - ctx->async.private_data = state; - - return result; - - failed: - talloc_free(result); - return NULL; -} - -static void cmd_checkmachacc_recv_init(struct composite_context *ctx) -{ - struct cmd_checkmachacc_state *state = - talloc_get_type(ctx->async.private_data, - struct cmd_checkmachacc_state); - - state->ctx->status = wb_init_domain_recv(ctx); - if (!composite_is_ok(state->ctx)) return; - - composite_done(state->ctx); -} - - NTSTATUS wb_cmd_checkmachacc_recv(struct composite_context *c) -{ - NTSTATUS status = composite_wait(c); - talloc_free(c); - return status; -} - - NTSTATUS wb_cmd_checkmachacc(struct wbsrv_call *call) -{ - struct composite_context *c = wb_cmd_checkmachacc_send(call); - return wb_cmd_checkmachacc_recv(c); -} -#endif - struct samr_getuserdomgroups_state { struct composite_context *ctx; struct dcerpc_pipe *samr_pipe; -- cgit