Attachment 4228 Details for Bug 24281 – Patch für winbind4 zur Vermeidung von Rekursion wenn "smbd" als File-Server verwendet wird.

[patch] Patch für winbind4 zur Vermeidung von Rekursion wenn "smbd" als File-Server verwendet wird.

ncalrpc.patch (text/plain), 3.37 KB, created by Arvid Requate on 2012-02-27 15:39:50 CET

(hide)

Description:

Filename:

MIME Type:

Creator: Arvid Requate

Created: 2012-02-27 15:39:50 CET

Size: 3.37 KB

patch

obsolete

>From 2951d27856bbf38b6b25ba385239bc754408ba74 Mon Sep 17 00:00:00 2001
>From: Stefan Metzmacher <metze@samba.org>
>Date: Fri, 24 Feb 2012 15:58:40 +0100
>Subject: [PATCH] s4:winbind: use ncalrpc for connections to ourself
>
>That avoids recursion if "smbd" is used as file server.
>
>metze
>---
> source4/winbind/wb_dom_info.c    |   20 ++++++++++++++++++++
> source4/winbind/wb_init_domain.c |   25 ++++++++++++++++++-------
> 2 files changed, 38 insertions(+), 7 deletions(-)
>
>diff --git a/source4/winbind/wb_dom_info.c b/source4/winbind/wb_dom_info.c
>index 5402c1c..e2b5def 100644
>--- a/source4/winbind/wb_dom_info.c
>+++ b/source4/winbind/wb_dom_info.c
>@@ -27,6 +27,8 @@
> #include "winbind/wb_server.h"
> #include "smbd/service_task.h"
> #include "libcli/finddc.h"
>+#include "lib/socket/netif.h"
>+#include "param/param.h"
> 
> struct get_dom_info_state {
> 	struct composite_context *ctx;
>@@ -65,6 +67,24 @@ struct composite_context *wb_get_dom_info_send(TALLOC_CTX *mem_ctx,
> 	state->info->sid = dom_sid_dup(state->info, sid);
> 	if (state->info->sid == NULL) goto failed;
> 
>+	if ((lpcfg_server_role(service->task->lp_ctx) != ROLE_DOMAIN_MEMBER) &&
>+	    dom_sid_equal(sid, service->primary_sid) &&
>+	    service->sec_channel_type != SEC_CHAN_RODC) {
>+		struct interface *ifaces = NULL;
>+
>+		load_interface_list(state, service->task->lp_ctx, &ifaces);
>+
>+		state->info->dc = talloc(state->info, struct nbt_dc_name);
>+
>+		state->info->dc->address = talloc_strdup(state->info->dc,
>+						iface_list_n_ip(ifaces, 0));
>+		state->info->dc->name = talloc_strdup(state->info->dc,
>+						lpcfg_netbios_name(service->task->lp_ctx));
>+
>+		composite_done(state->ctx);
>+		return result;
>+	}
>+
> 	dom_sid = dom_sid_dup(mem_ctx, sid);
> 	if (dom_sid == NULL) goto failed;
> 
>diff --git a/source4/winbind/wb_init_domain.c b/source4/winbind/wb_init_domain.c
>index 9d807d8..4d6177b 100644
>--- a/source4/winbind/wb_init_domain.c
>+++ b/source4/winbind/wb_init_domain.c
>@@ -78,23 +78,34 @@ static struct dcerpc_binding *init_domain_binding(struct init_domain_state *stat
> 						  const struct ndr_interface_table *table) 
> {
> 	struct dcerpc_binding *binding;
>+	char *s;
> 	NTSTATUS status;
> 
> 	/* Make a binding string */
>-	{
>-		char *s = talloc_asprintf(state, "ncacn_np:%s", state->domain->dc_name);
>+	if ((lpcfg_server_role(state->service->task->lp_ctx) != ROLE_DOMAIN_MEMBER) &&
>+	    dom_sid_equal(state->domain->info->sid, state->service->primary_sid) &&
>+	    state->service->sec_channel_type != SEC_CHAN_RODC) {
>+		s = talloc_asprintf(state, "ncalrpc:%s", state->domain->dc_name);
> 		if (s == NULL) return NULL;
>-		status = dcerpc_parse_binding(state, s, &binding);
>-		talloc_free(s);
>-		if (!NT_STATUS_IS_OK(status)) {
>-			return NULL;
>-		}
>+	} else {
>+		s = talloc_asprintf(state, "ncacn_np:%s", state->domain->dc_name);
>+		if (s == NULL) return NULL;
>+
>+	}
>+	status = dcerpc_parse_binding(state, s, &binding);
>+	talloc_free(s);
>+	if (!NT_STATUS_IS_OK(status)) {
>+		return NULL;
> 	}
> 
> 	/* Alter binding to contain hostname, but also address (so we don't look it up twice) */
> 	binding->target_hostname = state->domain->dc_name;
> 	binding->host = state->domain->dc_address;
> 
>+	if (binding->transport == NCALRPC) {
>+		return binding;
>+	}
>+
> 	/* This shouldn't make a network call, as the mappings for named pipes are well known */
> 	status = dcerpc_epm_map_binding(binding, binding, table, state->service->task->event_ctx,
> 					state->service->task->lp_ctx);
>-- 
>1.7.0.4
>

Actions: View | Diff

Attachments on bug 24281: 4111 | 4112 | 4228