#include "includes.h"
#include "../libcli/cldap/cldap.h"
+#include "../librpc/gen_ndr/ndr_netlogon.h"
#include "../lib/tsocket/tsocket.h"
#include "../lib/util/tevent_ntstatus.h"
#include "libads/cldap.h"
static void cldap_multi_netlogon_done(struct tevent_req *subreq);
static void cldap_multi_netlogon_next(struct tevent_req *subreq);
+/****************************************************************
+****************************************************************/
+
+#define RETURN_ON_FALSE(x) if (!(x)) return false;
+
+bool check_cldap_reply_required_flags(uint32_t ret_flags,
+ uint32_t req_flags)
+{
+ if (req_flags == 0) {
+ return true;
+ }
+
+ if (req_flags & DS_PDC_REQUIRED)
+ RETURN_ON_FALSE(ret_flags & NBT_SERVER_PDC);
+
+ if (req_flags & DS_GC_SERVER_REQUIRED)
+ RETURN_ON_FALSE(ret_flags & NBT_SERVER_GC);
+
+ if (req_flags & DS_ONLY_LDAP_NEEDED)
+ RETURN_ON_FALSE(ret_flags & NBT_SERVER_LDAP);
+
+ if ((req_flags & DS_DIRECTORY_SERVICE_REQUIRED) ||
+ (req_flags & DS_DIRECTORY_SERVICE_PREFERRED))
+ RETURN_ON_FALSE(ret_flags & NBT_SERVER_DS);
+
+ if (req_flags & DS_KDC_REQUIRED)
+ RETURN_ON_FALSE(ret_flags & NBT_SERVER_KDC);
+
+ if (req_flags & DS_TIMESERV_REQUIRED)
+ RETURN_ON_FALSE(ret_flags & NBT_SERVER_TIMESERV);
+
+ if (req_flags & DS_WRITABLE_REQUIRED)
+ RETURN_ON_FALSE(ret_flags & NBT_SERVER_WRITABLE);
+
+ return true;
+}
+
/*
* Do a parallel cldap ping to the servers. The first "min_servers"
* are fired directly, the remaining ones in 100msec intervals. If
/* The following definitions come from libads/cldap.c */
+bool check_cldap_reply_required_flags(uint32_t ret_flags,
+ uint32_t req_flags);
+
struct tevent_req *cldap_multi_netlogon_send(
TALLOC_CTX *mem_ctx, struct tevent_context *ev,
const struct tsocket_address * const *servers,
SAFE_FREE(ads->config.client_site_name);
SAFE_FREE(ads->server.workgroup);
- ads->config.flags = cldap_reply.server_type;
+ if (!check_cldap_reply_required_flags(cldap_reply.server_type,
+ ads->config.flags)) {
+ ret = false;
+ goto out;
+ }
+
ads->config.ldap_server_name = SMB_STRDUP(cldap_reply.pdc_dns_name);
ads->config.realm = SMB_STRDUP(cldap_reply.dns_domain);
if (!strupper_m(ads->config.realm)) {
sitename_store( cldap_reply.domain_name, cldap_reply.client_site);
sitename_store( cldap_reply.dns_domain, cldap_reply.client_site);
+ /* Leave this until last so that the flags are not clobbered */
+ ads->config.flags = cldap_reply.server_type;
+
ret = true;
out:
check_negative_conn_cache(domain, server)))
continue;
+ /* Returns ok only if it matches the correct server type */
ok = ads_try_connect(ads, false, &ip_list[i].ss);
+
if (ok) {
return NT_STATUS_OK;
}
/****************************************************************
****************************************************************/
-#define RETURN_ON_FALSE(x) if (!(x)) return false;
-
-static bool check_cldap_reply_required_flags(uint32_t ret_flags,
- uint32_t req_flags)
-{
- if (req_flags == 0) {
- return true;
- }
-
- if (req_flags & DS_PDC_REQUIRED)
- RETURN_ON_FALSE(ret_flags & NBT_SERVER_PDC);
-
- if (req_flags & DS_GC_SERVER_REQUIRED)
- RETURN_ON_FALSE(ret_flags & NBT_SERVER_GC);
-
- if (req_flags & DS_ONLY_LDAP_NEEDED)
- RETURN_ON_FALSE(ret_flags & NBT_SERVER_LDAP);
-
- if ((req_flags & DS_DIRECTORY_SERVICE_REQUIRED) ||
- (req_flags & DS_DIRECTORY_SERVICE_PREFERRED))
- RETURN_ON_FALSE(ret_flags & NBT_SERVER_DS);
-
- if (req_flags & DS_KDC_REQUIRED)
- RETURN_ON_FALSE(ret_flags & NBT_SERVER_KDC);
-
- if (req_flags & DS_TIMESERV_REQUIRED)
- RETURN_ON_FALSE(ret_flags & NBT_SERVER_TIMESERV);
-
- if (req_flags & DS_WRITABLE_REQUIRED)
- RETURN_ON_FALSE(ret_flags & NBT_SERVER_WRITABLE);
-
- return true;
-}
-
-/****************************************************************
-****************************************************************/
-
static NTSTATUS dsgetdcname_cache_fetch(TALLOC_CTX *mem_ctx,
const char *domain_name,
const struct GUID *domain_guid,