mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
s4:winbind: use ncalrpc for connections to ourself
That avoids recursion if "smbd" is used as file server. metze
This commit is contained in:
parent
8e8fde51b4
commit
692c42c427
@ -27,6 +27,8 @@
|
||||
#include "winbind/wb_server.h"
|
||||
#include "smbd/service_task.h"
|
||||
#include "libcli/finddc.h"
|
||||
#include "lib/socket/netif.h"
|
||||
#include "param/param.h"
|
||||
|
||||
struct get_dom_info_state {
|
||||
struct composite_context *ctx;
|
||||
@ -65,6 +67,24 @@ struct composite_context *wb_get_dom_info_send(TALLOC_CTX *mem_ctx,
|
||||
state->info->sid = dom_sid_dup(state->info, sid);
|
||||
if (state->info->sid == NULL) goto failed;
|
||||
|
||||
if ((lpcfg_server_role(service->task->lp_ctx) != ROLE_DOMAIN_MEMBER) &&
|
||||
dom_sid_equal(sid, service->primary_sid) &&
|
||||
service->sec_channel_type != SEC_CHAN_RODC) {
|
||||
struct interface *ifaces = NULL;
|
||||
|
||||
load_interface_list(state, service->task->lp_ctx, &ifaces);
|
||||
|
||||
state->info->dc = talloc(state->info, struct nbt_dc_name);
|
||||
|
||||
state->info->dc->address = talloc_strdup(state->info->dc,
|
||||
iface_list_n_ip(ifaces, 0));
|
||||
state->info->dc->name = talloc_strdup(state->info->dc,
|
||||
lpcfg_netbios_name(service->task->lp_ctx));
|
||||
|
||||
composite_done(state->ctx);
|
||||
return result;
|
||||
}
|
||||
|
||||
dom_sid = dom_sid_dup(mem_ctx, sid);
|
||||
if (dom_sid == NULL) goto failed;
|
||||
|
||||
|
@ -78,23 +78,34 @@ static struct dcerpc_binding *init_domain_binding(struct init_domain_state *stat
|
||||
const struct ndr_interface_table *table)
|
||||
{
|
||||
struct dcerpc_binding *binding;
|
||||
char *s;
|
||||
NTSTATUS status;
|
||||
|
||||
/* Make a binding string */
|
||||
{
|
||||
char *s = talloc_asprintf(state, "ncacn_np:%s", state->domain->dc_name);
|
||||
if ((lpcfg_server_role(state->service->task->lp_ctx) != ROLE_DOMAIN_MEMBER) &&
|
||||
dom_sid_equal(state->domain->info->sid, state->service->primary_sid) &&
|
||||
state->service->sec_channel_type != SEC_CHAN_RODC) {
|
||||
s = talloc_asprintf(state, "ncalrpc:%s", state->domain->dc_name);
|
||||
if (s == NULL) return NULL;
|
||||
status = dcerpc_parse_binding(state, s, &binding);
|
||||
talloc_free(s);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return NULL;
|
||||
}
|
||||
} else {
|
||||
s = talloc_asprintf(state, "ncacn_np:%s", state->domain->dc_name);
|
||||
if (s == NULL) return NULL;
|
||||
|
||||
}
|
||||
status = dcerpc_parse_binding(state, s, &binding);
|
||||
talloc_free(s);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* Alter binding to contain hostname, but also address (so we don't look it up twice) */
|
||||
binding->target_hostname = state->domain->dc_name;
|
||||
binding->host = state->domain->dc_address;
|
||||
|
||||
if (binding->transport == NCALRPC) {
|
||||
return binding;
|
||||
}
|
||||
|
||||
/* This shouldn't make a network call, as the mappings for named pipes are well known */
|
||||
status = dcerpc_epm_map_binding(binding, binding, table, state->service->task->event_ctx,
|
||||
state->service->task->lp_ctx);
|
||||
|
Loading…
Reference in New Issue
Block a user