From c9b3404c68b0b5b1f2f3008736d77c476cc0e398 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=BCnther=20Deschner?= Date: Wed, 12 Jan 2011 11:55:34 +0100 Subject: [PATCH] s3-winbind: prefer dcerpc_netr_X functions. Guenther Signed-off-by: Andreas Schneider --- source3/winbindd/winbindd_ads.c | 14 ++++++++-- source3/winbindd/winbindd_cm.c | 32 +++++++++++++++------ source3/winbindd/winbindd_dual_srv.c | 42 ++++++++++++++++++---------- source3/winbindd/winbindd_misc.c | 1 - 4 files changed, 61 insertions(+), 28 deletions(-) diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c index 6acdc0ba9e7..a392305b551 100644 --- a/source3/winbindd/winbindd_ads.c +++ b/source3/winbindd/winbindd_ads.c @@ -23,7 +23,7 @@ #include "includes.h" #include "winbindd.h" -#include "../librpc/gen_ndr/cli_netlogon.h" +#include "../librpc/gen_ndr/ndr_netlogon_c.h" #include "../libds/common/flags.h" #include "ads.h" #include "secrets.h" @@ -1292,10 +1292,12 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain, struct netr_DomainTrustList *trusts) { NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + WERROR werr; int i; uint32 flags; struct rpc_pipe_client *cli; int ret_count; + struct dcerpc_binding_handle *b; DEBUG(3,("ads: trusted_domains\n")); @@ -1322,14 +1324,20 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain, return NT_STATUS_UNSUCCESSFUL; } - result = rpccli_netr_DsrEnumerateDomainTrusts(cli, mem_ctx, + b = cli->binding_handle; + + result = dcerpc_netr_DsrEnumerateDomainTrusts(b, mem_ctx, cli->desthost, flags, trusts, - NULL); + &werr); if (!NT_STATUS_IS_OK(result)) { return result; } + + if (!W_ERROR_IS_OK(werr)) { + return werror_to_ntstatus(werr); + } if (trusts->count == 0) { return NT_STATUS_OK; } diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 1986bee660d..b36f79fb3c7 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -61,7 +61,7 @@ #include "includes.h" #include "winbindd.h" #include "../libcli/auth/libcli_auth.h" -#include "../librpc/gen_ndr/cli_netlogon.h" +#include "../librpc/gen_ndr/ndr_netlogon_c.h" #include "rpc_client/cli_netlogon.h" #include "../librpc/gen_ndr/cli_samr.h" #include "../librpc/gen_ndr/cli_lsa.h" @@ -603,6 +603,7 @@ static bool get_dc_name_via_netlogon(struct winbindd_domain *domain, unsigned int orig_timeout; const char *tmp = NULL; const char *p; + struct dcerpc_binding_handle *b; /* Hmmmm. We can only open one connection to the NETLOGON pipe at the * moment.... */ @@ -627,6 +628,8 @@ static bool get_dc_name_via_netlogon(struct winbindd_domain *domain, return False; } + b = netlogon_pipe->binding_handle; + /* This call can take a long time - allow the server to time out. 35 seconds should do it. */ @@ -635,7 +638,7 @@ static bool get_dc_name_via_netlogon(struct winbindd_domain *domain, if (our_domain->active_directory) { struct netr_DsRGetDCNameInfo *domain_info = NULL; - result = rpccli_netr_DsRGetDCName(netlogon_pipe, + result = dcerpc_netr_DsRGetDCName(b, mem_ctx, our_domain->dcname, domain->name, @@ -662,7 +665,7 @@ static bool get_dc_name_via_netlogon(struct winbindd_domain *domain, } } } else { - result = rpccli_netr_GetAnyDCName(netlogon_pipe, mem_ctx, + result = dcerpc_netr_GetAnyDCName(b, mem_ctx, our_domain->dcname, domain->name, &tmp, @@ -673,27 +676,27 @@ static bool get_dc_name_via_netlogon(struct winbindd_domain *domain, rpccli_set_timeout(netlogon_pipe, orig_timeout); if (!NT_STATUS_IS_OK(result)) { - DEBUG(10,("rpccli_netr_GetAnyDCName failed: %s\n", + DEBUG(10,("dcerpc_netr_GetAnyDCName failed: %s\n", nt_errstr(result))); talloc_destroy(mem_ctx); return false; } if (!W_ERROR_IS_OK(werr)) { - DEBUG(10,("rpccli_netr_GetAnyDCName failed: %s\n", + DEBUG(10,("dcerpc_netr_GetAnyDCName failed: %s\n", win_errstr(werr))); talloc_destroy(mem_ctx); return false; } - /* rpccli_netr_GetAnyDCName gives us a name with \\ */ + /* dcerpc_netr_GetAnyDCName gives us a name with \\ */ p = strip_hostname(tmp); fstrcpy(dcname, p); talloc_destroy(mem_ctx); - DEBUG(10,("rpccli_netr_GetAnyDCName returned %s\n", dcname)); + DEBUG(10,("dcerpc_netr_GetAnyDCName returned %s\n", dcname)); if (!resolve_name(dcname, dc_ss, 0x20, true)) { return False; @@ -1704,6 +1707,7 @@ static bool set_dc_type_and_flags_trustinfo( struct winbindd_domain *domain ) { struct winbindd_domain *our_domain; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + WERROR werr; struct netr_DomainTrustList trusts; int i; uint32 flags = (NETR_TRUST_FLAG_IN_FOREST | @@ -1711,6 +1715,7 @@ static bool set_dc_type_and_flags_trustinfo( struct winbindd_domain *domain ) NETR_TRUST_FLAG_INBOUND); struct rpc_pipe_client *cli; TALLOC_CTX *mem_ctx = NULL; + struct dcerpc_binding_handle *b; DEBUG(5, ("set_dc_type_and_flags_trustinfo: domain %s\n", domain->name )); @@ -1745,16 +1750,18 @@ static bool set_dc_type_and_flags_trustinfo( struct winbindd_domain *domain ) return False; } + b = cli->binding_handle; + if ( (mem_ctx = talloc_init("set_dc_type_and_flags_trustinfo")) == NULL ) { DEBUG(0,("set_dc_type_and_flags_trustinfo: talloc_init() failed!\n")); return False; } - result = rpccli_netr_DsrEnumerateDomainTrusts(cli, mem_ctx, + result = dcerpc_netr_DsrEnumerateDomainTrusts(b, mem_ctx, cli->desthost, flags, &trusts, - NULL); + &werr); if (!NT_STATUS_IS_OK(result)) { DEBUG(0,("set_dc_type_and_flags_trustinfo: " "failed to query trusted domain list: %s\n", @@ -1762,6 +1769,13 @@ static bool set_dc_type_and_flags_trustinfo( struct winbindd_domain *domain ) talloc_destroy(mem_ctx); return false; } + if (!W_ERROR_IS_OK(werr)) { + DEBUG(0,("set_dc_type_and_flags_trustinfo: " + "failed to query trusted domain list: %s\n", + win_errstr(werr))); + talloc_destroy(mem_ctx); + return false; + } /* Now find the domain name and get the flags */ diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c index 1501fd8c6db..18d0f0e053a 100644 --- a/source3/winbindd/winbindd_dual_srv.c +++ b/source3/winbindd/winbindd_dual_srv.c @@ -24,7 +24,7 @@ #include "winbindd/winbindd.h" #include "winbindd/winbindd_proto.h" #include "librpc/gen_ndr/srv_wbint.h" -#include "../librpc/gen_ndr/cli_netlogon.h" +#include "../librpc/gen_ndr/ndr_netlogon_c.h" #include "idmap.h" #include "../libcli/security/security.h" @@ -291,6 +291,7 @@ NTSTATUS _wbint_DsGetDcName(struct pipes_struct *p, struct wbint_DsGetDcName *r) NTSTATUS status; WERROR werr; unsigned int orig_timeout; + struct dcerpc_binding_handle *b; if (domain == NULL) { return dsgetdcname(p->mem_ctx, winbind_messaging_context(), @@ -307,14 +308,16 @@ NTSTATUS _wbint_DsGetDcName(struct pipes_struct *p, struct wbint_DsGetDcName *r) return status; } + b = netlogon_pipe->binding_handle; + /* This call can take a long time - allow the server to time out. 35 seconds should do it. */ orig_timeout = rpccli_set_timeout(netlogon_pipe, 35000); if (domain->active_directory) { - status = rpccli_netr_DsRGetDCName( - netlogon_pipe, p->mem_ctx, domain->dcname, + status = dcerpc_netr_DsRGetDCName(b, + p->mem_ctx, domain->dcname, r->in.domain_name, NULL, r->in.domain_guid, r->in.flags, r->out.dc_info, &werr); if (NT_STATUS_IS_OK(status) && W_ERROR_IS_OK(werr)) { @@ -333,22 +336,22 @@ NTSTATUS _wbint_DsGetDcName(struct pipes_struct *p, struct wbint_DsGetDcName *r) } if (r->in.flags & DS_PDC_REQUIRED) { - status = rpccli_netr_GetDcName( - netlogon_pipe, p->mem_ctx, domain->dcname, + status = dcerpc_netr_GetDcName(b, + p->mem_ctx, domain->dcname, r->in.domain_name, &dc_info->dc_unc, &werr); } else { - status = rpccli_netr_GetAnyDCName( - netlogon_pipe, p->mem_ctx, domain->dcname, + status = dcerpc_netr_GetAnyDCName(b, + p->mem_ctx, domain->dcname, r->in.domain_name, &dc_info->dc_unc, &werr); } if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("rpccli_netr_Get[Any]DCName failed: %s\n", + DEBUG(10, ("dcerpc_netr_Get[Any]DCName failed: %s\n", nt_errstr(status))); goto done; } if (!W_ERROR_IS_OK(werr)) { - DEBUG(10, ("rpccli_netr_Get[Any]DCName failed: %s\n", + DEBUG(10, ("dcerpc_netr_Get[Any]DCName failed: %s\n", win_errstr(werr))); status = werror_to_ntstatus(werr); goto done; @@ -526,6 +529,7 @@ NTSTATUS _wbint_PingDc(struct pipes_struct *p, struct wbint_PingDc *r) union netr_CONTROL_QUERY_INFORMATION info; WERROR werr; fstring logon_server; + struct dcerpc_binding_handle *b; domain = wb_child_domain(); if (domain == NULL) { @@ -538,6 +542,8 @@ NTSTATUS _wbint_PingDc(struct pipes_struct *p, struct wbint_PingDc *r) return status; } + b = netlogon_pipe->binding_handle; + fstr_sprintf(logon_server, "\\\\%s", domain->dcname); /* @@ -546,23 +552,29 @@ NTSTATUS _wbint_PingDc(struct pipes_struct *p, struct wbint_PingDc *r) * call to work, but the main point here is testing that the * netlogon pipe works. */ - status = rpccli_netr_LogonControl(netlogon_pipe, p->mem_ctx, + status = dcerpc_netr_LogonControl(b, p->mem_ctx, logon_server, NETLOGON_CONTROL_QUERY, 2, &info, &werr); if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) { - DEBUG(2, ("rpccli_netr_LogonControl timed out\n")); + DEBUG(2, ("dcerpc_netr_LogonControl timed out\n")); invalidate_cm_connection(&domain->conn); return status; } - if (!NT_STATUS_EQUAL(status, NT_STATUS_CTL_FILE_NOT_SUPPORTED)) { - DEBUG(2, ("rpccli_netr_LogonControl returned %s, expected " - "NT_STATUS_CTL_FILE_NOT_SUPPORTED\n", - nt_errstr(status))); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(2, ("dcerpc_netr_LogonControl failed: %s\n", + nt_errstr(status))); return status; } + if (!W_ERROR_EQUAL(werr, WERR_NOT_SUPPORTED)) { + DEBUG(2, ("dcerpc_netr_LogonControl returned %s, expected " + "WERR_NOT_SUPPORTED\n", + win_errstr(werr))); + return werror_to_ntstatus(werr); + } + DEBUG(5, ("winbindd_dual_ping_dc succeeded\n")); return NT_STATUS_OK; } diff --git a/source3/winbindd/winbindd_misc.c b/source3/winbindd/winbindd_misc.c index 84e8c3880db..caf213b5511 100644 --- a/source3/winbindd/winbindd_misc.c +++ b/source3/winbindd/winbindd_misc.c @@ -22,7 +22,6 @@ #include "includes.h" #include "winbindd.h" -#include "../librpc/gen_ndr/cli_netlogon.h" #undef DBGC_CLASS #define DBGC_CLASS DBGC_WINBIND