s4:libnet: use a connected CLDAP socket.

This is needed because we don't (want) to specify an explicit
local address. And the socket family (ipv4 vs. ipv6) needs to
be autodetected based on the remote address before the
socket() syscall.

Otherwise we would try to connect to a ipv4 address through an
ipv6only socket.

metze

diff --git a/source4/libnet/config.mk b/source4/libnet/config.mk
index eede8c871de080e1885315714de08617b1044976..b99887889e8e9e3416bfabe9b264fbc0201d000f 100644 (file)
--- a/source4/libnet/config.mk
+++ b/source4/libnet/config.mk
@@ -1,5 +1,5 @@
 [SUBSYSTEM::LIBSAMBA-NET]
-PUBLIC_DEPENDENCIES = CREDENTIALS dcerpc dcerpc_samr RPC_NDR_LSA RPC_NDR_SRVSVC RPC_NDR_DRSUAPI LIBCLI_COMPOSITE LIBCLI_RESOLVE LIBCLI_FINDDCS LIBCLI_CLDAP LIBCLI_FINDDCS gensec_schannel LIBCLI_AUTH LIBNDR SMBPASSWD PROVISION LIBCLI_SAMSYNC HDB_SAMBA4
+PUBLIC_DEPENDENCIES = CREDENTIALS dcerpc dcerpc_samr RPC_NDR_LSA RPC_NDR_SRVSVC RPC_NDR_DRSUAPI LIBCLI_COMPOSITE LIBCLI_RESOLVE LIBCLI_FINDDCS LIBCLI_CLDAP LIBCLI_FINDDCS gensec_schannel LIBCLI_AUTH LIBNDR SMBPASSWD PROVISION LIBCLI_SAMSYNC HDB_SAMBA4 LIBTSOCKET
 
 LIBSAMBA-NET_OBJ_FILES = $(addprefix $(libnetsrcdir)/, \
        libnet.o libnet_passwd.o libnet_time.o libnet_rpc.o \

diff --git a/source4/libnet/libnet_become_dc.c b/source4/libnet/libnet_become_dc.c
index f3e4ec7ccdfde6dc58ca1a4298734711d5fd8e30..101896ff6714f235f85c4d3316a1e074b77500ff 100644 (file)
--- a/source4/libnet/libnet_become_dc.c
+++ b/source4/libnet/libnet_become_dc.c
@@ -34,6 +34,7 @@
 #include "librpc/gen_ndr/ndr_drsuapi.h"
 #include "auth/gensec/gensec.h"
 #include "param/param.h"
+#include "lib/tsocket/tsocket.h"
 
 /*****************************************************************************
  * Windows 2003 (w2k3) does the following steps when changing the server role
@@ -753,9 +754,11 @@ static void becomeDC_send_cldap(struct libnet_BecomeDC_state *s)
 {
        struct composite_context *c = s->creq;
        struct tevent_req *req;
+       struct tsocket_address *dest_address;
+       int ret;
 
-       s->cldap.io.in.dest_address     = s->source_dsa.address;
-       s->cldap.io.in.dest_port        = lp_cldap_port(s->libnet->lp_ctx);
+       s->cldap.io.in.dest_address     = NULL;
+       s->cldap.io.in.dest_port        = 0;
        s->cldap.io.in.realm            = s->domain.dns_name;
        s->cldap.io.in.host             = s->dest_dsa.netbios_name;
        s->cldap.io.in.user             = NULL;
@@ -765,8 +768,17 @@ static void becomeDC_send_cldap(struct libnet_BecomeDC_state *s)
        s->cldap.io.in.version          = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX;
        s->cldap.io.in.map_response     = true;
 
+       ret = tsocket_address_inet_from_strings(s, "ip",
+                                               s->source_dsa.address,
+                                               lp_cldap_port(s->libnet->lp_ctx),
+                                               &dest_address);
+       if (ret != 0) {
+               c->status = map_nt_error_from_unix(errno);
+               if (!composite_is_ok(c)) return;
+       }
+
        c->status = cldap_socket_init(s, s->libnet->event_ctx,
-                                     NULL, NULL, &s->cldap.sock);//TODO
+                                     NULL, dest_address, &s->cldap.sock);
        if (!composite_is_ok(c)) return;
 
        req = cldap_netlogon_send(s, s->cldap.sock, &s->cldap.io);

diff --git a/source4/libnet/libnet_site.c b/source4/libnet/libnet_site.c
index 8a002b24a4b1e03346f8964743e65cdd8b196fa4..410fb4b517ca3b44fc24ab8469210c301d378bd8 100644 (file)
--- a/source4/libnet/libnet_site.c
+++ b/source4/libnet/libnet_site.c
@@ -25,6 +25,7 @@
 #include "librpc/rpc/dcerpc.h"
 #include "libcli/resolve/resolve.h"
 #include "param/param.h"
+#include "lib/tsocket/tsocket.h"
 
 /**
  * 1. Setup a CLDAP socket.
@@ -41,6 +42,8 @@ NTSTATUS libnet_FindSite(TALLOC_CTX *ctx, struct libnet_context *lctx, struct li
 
        struct cldap_socket *cldap = NULL;
        struct cldap_netlogon search;
+       int ret;
+       struct tsocket_address *dest_address;
 
        tmp_ctx = talloc_named(ctx, 0, "libnet_FindSite temp context");
        if (!tmp_ctx) {
@@ -50,14 +53,24 @@ NTSTATUS libnet_FindSite(TALLOC_CTX *ctx, struct libnet_context *lctx, struct li
 
        /* Resolve the site name. */
        ZERO_STRUCT(search);
-       search.in.dest_address = r->in.dest_address;
-       search.in.dest_port = r->in.cldap_port;
+       search.in.dest_address = NULL;
+       search.in.dest_port = 0;
        search.in.acct_control = -1;
        search.in.version = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX;
        search.in.map_response = true;
 
+       ret = tsocket_address_inet_from_strings(tmp_ctx, "ip",
+                                               r->in.dest_address,
+                                               r->in.cldap_port,
+                                               &dest_address);
+       if (ret != 0) {
+               r->out.error_string = NULL;
+               status = map_nt_error_from_unix(errno);
+               return status;
+       }
+
        /* we want to use non async calls, so we're not passing an event context */
-       status = cldap_socket_init(tmp_ctx, NULL, NULL, NULL, &cldap);//TODO
+       status = cldap_socket_init(tmp_ctx, NULL, NULL, dest_address, &cldap);
        if (!NT_STATUS_IS_OK(status)) {
                talloc_free(tmp_ctx);
                r->out.error_string = NULL;

diff --git a/source4/libnet/libnet_unbecome_dc.c b/source4/libnet/libnet_unbecome_dc.c
index 6e1ecf072d26aeabdfe390635c2cda492af0d06f..5fd0d556022f526a428ad89e78027c133e16373c 100644 (file)
--- a/source4/libnet/libnet_unbecome_dc.c
+++ b/source4/libnet/libnet_unbecome_dc.c
@@ -28,6 +28,7 @@
 #include "../libds/common/flags.h"
 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
 #include "param/param.h"
+#include "lib/tsocket/tsocket.h"
 
 /*****************************************************************************
  * Windows 2003 (w2k3) does the following steps when changing the server role
@@ -256,9 +257,11 @@ static void unbecomeDC_send_cldap(struct libnet_UnbecomeDC_state *s)
 {
        struct composite_context *c = s->creq;
        struct tevent_req *req;
+       struct tsocket_address *dest_address;
+       int ret;
 
-       s->cldap.io.in.dest_address     = s->source_dsa.address;
-       s->cldap.io.in.dest_port        = lp_cldap_port(s->libnet->lp_ctx);
+       s->cldap.io.in.dest_address     = NULL;
+       s->cldap.io.in.dest_port        = 0;
        s->cldap.io.in.realm            = s->domain.dns_name;
        s->cldap.io.in.host             = s->dest_dsa.netbios_name;
        s->cldap.io.in.user             = NULL;
@@ -268,8 +271,17 @@ static void unbecomeDC_send_cldap(struct libnet_UnbecomeDC_state *s)
        s->cldap.io.in.version          = NETLOGON_NT_VERSION_5 | NETLOGON_NT_VERSION_5EX;
        s->cldap.io.in.map_response     = true;
 
+       ret = tsocket_address_inet_from_strings(s, "ip",
+                                               s->source_dsa.address,
+                                               lp_cldap_port(s->libnet->lp_ctx),
+                                               &dest_address);
+       if (ret != 0) {
+               c->status = map_nt_error_from_unix(errno);
+               if (!composite_is_ok(c)) return;
+       }
+
        c->status = cldap_socket_init(s, s->libnet->event_ctx,
-                                     NULL, NULL, &s->cldap.sock);//TODO
+                                     NULL, dest_address, &s->cldap.sock);
        if (!composite_is_ok(c)) return;
 
        req = cldap_netlogon_send(s, s->cldap.sock, &s->cldap.io);