summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--source/winbindd/winbindd.h1
-rw-r--r--source/winbindd/winbindd_cm.c59
-rw-r--r--source/winbindd/winbindd_proto.h3
3 files changed, 63 insertions, 0 deletions
diff --git a/source/winbindd/winbindd.h b/source/winbindd/winbindd.h
index d8e6ec4c7fc..f97eed07fc3 100644
--- a/source/winbindd/winbindd.h
+++ b/source/winbindd/winbindd.h
@@ -122,6 +122,7 @@ struct winbindd_cm_conn {
POLICY_HND sam_connect_handle, sam_domain_handle;
struct rpc_pipe_client *lsa_pipe;
+ struct rpc_pipe_client *lsa_pipe_tcp;
POLICY_HND lsa_policy;
struct rpc_pipe_client *netlogon_pipe;
diff --git a/source/winbindd/winbindd_cm.c b/source/winbindd/winbindd_cm.c
index 176104abce6..2f823cb6066 100644
--- a/source/winbindd/winbindd_cm.c
+++ b/source/winbindd/winbindd_cm.c
@@ -1542,6 +1542,14 @@ void invalidate_cm_connection(struct winbindd_cm_conn *conn)
}
}
+ if (conn->lsa_pipe_tcp != NULL) {
+ TALLOC_FREE(conn->lsa_pipe_tcp);
+ /* Ok, it must be dead. Drop timeout to 0.5 sec. */
+ if (conn->cli) {
+ cli_set_timeout(conn->cli, 500);
+ }
+ }
+
if (conn->netlogon_pipe != NULL) {
TALLOC_FREE(conn->netlogon_pipe);
/* Ok, it must be dead. Drop timeout to 0.5 sec. */
@@ -2150,6 +2158,57 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
return result;
}
+/**********************************************************************
+ open an schanneld ncacn_ip_tcp connection to LSA
+***********************************************************************/
+
+NTSTATUS cm_connect_lsa_tcp(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ struct rpc_pipe_client **cli)
+{
+ struct winbindd_cm_conn *conn;
+ NTSTATUS status;
+
+ DEBUG(10,("cm_connect_lsa_tcp\n"));
+
+ status = init_dc_connection(domain);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ conn = &domain->conn;
+
+ if (conn->lsa_pipe_tcp &&
+ conn->lsa_pipe_tcp->transport_type == NCACN_IP_TCP &&
+ conn->lsa_pipe_tcp->auth->auth_level == PIPE_AUTH_LEVEL_PRIVACY) {
+ goto done;
+ }
+
+ TALLOC_FREE(conn->lsa_pipe_tcp);
+
+ status = cli_rpc_pipe_open_schannel(conn->cli,
+ &ndr_table_lsarpc.syntax_id,
+ NCACN_IP_TCP,
+ PIPE_AUTH_LEVEL_PRIVACY,
+ domain->name,
+ &conn->lsa_pipe_tcp);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10,("cli_rpc_pipe_open_schannel failed: %s\n",
+ nt_errstr(status)));
+ goto done;
+ }
+
+ done:
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(conn->lsa_pipe_tcp);
+ return status;
+ }
+
+ *cli = conn->lsa_pipe_tcp;
+
+ return status;
+}
+
NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
struct rpc_pipe_client **cli, POLICY_HND *lsa_policy)
{
diff --git a/source/winbindd/winbindd_proto.h b/source/winbindd/winbindd_proto.h
index 9203c5a9743..53d424be5af 100644
--- a/source/winbindd/winbindd_proto.h
+++ b/source/winbindd/winbindd_proto.h
@@ -233,6 +233,9 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
struct rpc_pipe_client **cli, POLICY_HND *sam_handle);
NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
struct rpc_pipe_client **cli, POLICY_HND *lsa_policy);
+NTSTATUS cm_connect_lsa_tcp(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ struct rpc_pipe_client **cli);
NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
struct rpc_pipe_client **cli);
generated by cgit (git 2.34.1) at 2024-06-24 04:38:22 +0000