1
0
mirror of https://github.com/samba-team/samba.git synced 2025-08-09 17:49:29 +03:00

s3:winbindd: make sure we don't try rpc requests against unaccessable domains

This makes sure we don't crash while trying to dereference domain->conn.cli->foo
while trying to establish a rpc connection to the server.

metze
This commit is contained in:
Stefan Metzmacher
2010-04-01 09:29:38 +02:00
parent 658dc77446
commit d930904b99

View File

@ -1632,7 +1632,13 @@ static NTSTATUS init_dc_connection_network(struct winbindd_domain *domain)
NTSTATUS result;
/* Internal connections never use the network. */
if (domain->internal || !winbindd_can_contact_domain(domain)) {
if (domain->internal) {
domain->initialized = True;
return NT_STATUS_OK;
}
if (!winbindd_can_contact_domain(domain)) {
invalidate_cm_connection(&domain->conn);
domain->initialized = True;
return NT_STATUS_OK;
}
@ -1665,6 +1671,23 @@ NTSTATUS init_dc_connection(struct winbindd_domain *domain)
return init_dc_connection_network(domain);
}
static NTSTATUS init_dc_connection_rpc(struct winbindd_domain *domain)
{
NTSTATUS status;
status = init_dc_connection(domain);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
if (!domain->internal && domain->conn.cli == NULL) {
/* happens for trusted domains without inbound trust */
return NT_STATUS_TRUSTED_DOMAIN_FAILURE;
}
return NT_STATUS_OK;
}
/******************************************************************************
Set the trust flags (direction and forest location) for a domain
******************************************************************************/
@ -2011,7 +2034,7 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
char *machine_account = NULL;
char *domain_name = NULL;
result = init_dc_connection(domain);
result = init_dc_connection_rpc(domain);
if (!NT_STATUS_IS_OK(result)) {
return result;
}
@ -2194,7 +2217,7 @@ NTSTATUS cm_connect_lsa_tcp(struct winbindd_domain *domain,
DEBUG(10,("cm_connect_lsa_tcp\n"));
status = init_dc_connection(domain);
status = init_dc_connection_rpc(domain);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@ -2240,7 +2263,7 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
struct netlogon_creds_CredentialState *p_creds;
result = init_dc_connection(domain);
result = init_dc_connection_rpc(domain);
if (!NT_STATUS_IS_OK(result))
return result;
@ -2372,7 +2395,7 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
*cli = NULL;
result = init_dc_connection(domain);
result = init_dc_connection_rpc(domain);
if (!NT_STATUS_IS_OK(result)) {
return result;
}