From 7ee94fac38c1f8734b4ce869d817769beea96017 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Sat, 12 Sep 2009 23:30:39 +0200 Subject: s3-winbindd: add cm_connect_lsa_tcp(). Guenther (cherry picked from commit 58f2deb94024f002e3c3df47f45454edc97f47e1) (cherry picked from commit 7e4e12f120c666f31af042ab59fd9478017740ea) --- source/winbindd/winbindd.h | 1 + source/winbindd/winbindd_cm.c | 59 ++++++++++++++++++++++++++++++++++++++++ source/winbindd/winbindd_proto.h | 3 ++ 3 files changed, 63 insertions(+) diff --git a/source/winbindd/winbindd.h b/source/winbindd/winbindd.h index d8e6ec4c7fc..f97eed07fc3 100644 --- a/source/winbindd/winbindd.h +++ b/source/winbindd/winbindd.h @@ -122,6 +122,7 @@ struct winbindd_cm_conn { POLICY_HND sam_connect_handle, sam_domain_handle; struct rpc_pipe_client *lsa_pipe; + struct rpc_pipe_client *lsa_pipe_tcp; POLICY_HND lsa_policy; struct rpc_pipe_client *netlogon_pipe; diff --git a/source/winbindd/winbindd_cm.c b/source/winbindd/winbindd_cm.c index 176104abce6..2f823cb6066 100644 --- a/source/winbindd/winbindd_cm.c +++ b/source/winbindd/winbindd_cm.c @@ -1542,6 +1542,14 @@ void invalidate_cm_connection(struct winbindd_cm_conn *conn) } } + if (conn->lsa_pipe_tcp != NULL) { + TALLOC_FREE(conn->lsa_pipe_tcp); + /* Ok, it must be dead. Drop timeout to 0.5 sec. */ + if (conn->cli) { + cli_set_timeout(conn->cli, 500); + } + } + if (conn->netlogon_pipe != NULL) { TALLOC_FREE(conn->netlogon_pipe); /* Ok, it must be dead. Drop timeout to 0.5 sec. */ @@ -2150,6 +2158,57 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, return result; } +/********************************************************************** + open an schanneld ncacn_ip_tcp connection to LSA +***********************************************************************/ + +NTSTATUS cm_connect_lsa_tcp(struct winbindd_domain *domain, + TALLOC_CTX *mem_ctx, + struct rpc_pipe_client **cli) +{ + struct winbindd_cm_conn *conn; + NTSTATUS status; + + DEBUG(10,("cm_connect_lsa_tcp\n")); + + status = init_dc_connection(domain); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + + conn = &domain->conn; + + if (conn->lsa_pipe_tcp && + conn->lsa_pipe_tcp->transport_type == NCACN_IP_TCP && + conn->lsa_pipe_tcp->auth->auth_level == PIPE_AUTH_LEVEL_PRIVACY) { + goto done; + } + + TALLOC_FREE(conn->lsa_pipe_tcp); + + status = cli_rpc_pipe_open_schannel(conn->cli, + &ndr_table_lsarpc.syntax_id, + NCACN_IP_TCP, + PIPE_AUTH_LEVEL_PRIVACY, + domain->name, + &conn->lsa_pipe_tcp); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10,("cli_rpc_pipe_open_schannel failed: %s\n", + nt_errstr(status))); + goto done; + } + + done: + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(conn->lsa_pipe_tcp); + return status; + } + + *cli = conn->lsa_pipe_tcp; + + return status; +} + NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, struct rpc_pipe_client **cli, POLICY_HND *lsa_policy) { diff --git a/source/winbindd/winbindd_proto.h b/source/winbindd/winbindd_proto.h index 9203c5a9743..53d424be5af 100644 --- a/source/winbindd/winbindd_proto.h +++ b/source/winbindd/winbindd_proto.h @@ -233,6 +233,9 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, struct rpc_pipe_client **cli, POLICY_HND *sam_handle); NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, struct rpc_pipe_client **cli, POLICY_HND *lsa_policy); +NTSTATUS cm_connect_lsa_tcp(struct winbindd_domain *domain, + TALLOC_CTX *mem_ctx, + struct rpc_pipe_client **cli); NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain, struct rpc_pipe_client **cli); -- cgit