s3-winbindd: add cm_connect_lsa_tcp().
authorGünther Deschner <gd@samba.org>
Sat, 12 Sep 2009 21:30:39 +0000 (23:30 +0200)
committerGünther Deschner <gd@samba.org>
Tue, 22 Sep 2009 09:38:06 +0000 (11:38 +0200)
Guenther

source3/winbindd/winbindd.h
source3/winbindd/winbindd_cm.c
source3/winbindd/winbindd_proto.h

index b61017e513f3a7b31fd951fd06b2a93c42583179..c0df6fde3e00d7ec2fac73acd750ea6c3eb75de3 100644 (file)
@@ -115,6 +115,7 @@ struct winbindd_cm_conn {
        struct policy_handle sam_connect_handle, sam_domain_handle;
 
        struct rpc_pipe_client *lsa_pipe;
+       struct rpc_pipe_client *lsa_pipe_tcp;
        struct policy_handle lsa_policy;
 
        struct rpc_pipe_client *netlogon_pipe;
index 450bb1bc06cd9249813aed642578ba745b1f8ab4..b430fbb401ab868f32a297e016472fc46c5e27a0 100644 (file)
@@ -1561,6 +1561,14 @@ void invalidate_cm_connection(struct winbindd_cm_conn *conn)
                }
        }
 
+       if (conn->lsa_pipe_tcp != NULL) {
+               TALLOC_FREE(conn->lsa_pipe_tcp);
+               /* Ok, it must be dead. Drop timeout to 0.5 sec. */
+               if (conn->cli) {
+                       cli_set_timeout(conn->cli, 500);
+               }
+       }
+
        if (conn->netlogon_pipe != NULL) {
                TALLOC_FREE(conn->netlogon_pipe);
                /* Ok, it must be dead. Drop timeout to 0.5 sec. */
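Review bot: The timeout drop in the added `lsa_pipe_tcp` block acts on `conn->cli`, the SMB connection, while the pipe being freed is the one this commit opens over NCACN_IP_TCP, so the copied comment `/* Ok, it must be dead. Drop timeout to 0.5 sec. */` may not hold here. If the TCP pipe does not share the SMB socket (to be confirmed against cli_rpc_pipe_open_schannel()), shortening the SMB timeout to 500 ms penalises the remaining pipes on `conn->cli` without any gain. Either drop the `cli_set_timeout()` call from this block or replace the comment with one that states why the SMB timeout is tied to this pipe. invalidate_cm_connection() starts and ends outside the hunk.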
@@ -2167,6 +2175,57 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
        return result;
 }
 
+/**********************************************************************
+ open an schanneld ncacn_ip_tcp connection to LSA
+***********************************************************************/
+
+NTSTATUS cm_connect_lsa_tcp(struct winbindd_domain *domain,
+                           TALLOC_CTX *mem_ctx,
+                           struct rpc_pipe_client **cli)
+{
+       struct winbindd_cm_conn *conn;
+       NTSTATUS status;
+
+       DEBUG(10,("cm_connect_lsa_tcp\n"));
+
+       status = init_dc_connection(domain);
+       if (!NT_STATUS_IS_OK(status)) {
+               goto done;
+       }
+
+       conn = &domain->conn;
+
+       if (conn->lsa_pipe_tcp &&
+           conn->lsa_pipe_tcp->transport->transport == NCACN_IP_TCP &&
+           conn->lsa_pipe_tcp->auth->auth_level == DCERPC_AUTH_LEVEL_PRIVACY) {
+               goto done;
+       }
+
+       TALLOC_FREE(conn->lsa_pipe_tcp);
+
+       status = cli_rpc_pipe_open_schannel(conn->cli,
+                                           &ndr_table_lsarpc.syntax_id,
+                                           NCACN_IP_TCP,
+                                           DCERPC_AUTH_LEVEL_PRIVACY,
+                                           domain->name,
+                                           &conn->lsa_pipe_tcp);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(10,("cli_rpc_pipe_open_schannel failed: %s\n",
+                       nt_errstr(status)));
+               goto done;
+       }
+
+ done:
+       if (!NT_STATUS_IS_OK(status)) {
+               TALLOC_FREE(conn->lsa_pipe_tcp);
+               return status;
+       }
+
+       *cli = conn->lsa_pipe_tcp;
+
+       return status;
+}
+
 NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
                        struct rpc_pipe_client **cli, struct policy_handle *lsa_policy)
 {
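Review bot: `conn` is read uninitialized on the early failure path of cm_connect_lsa_tcp(): when init_dc_connection() fails, the `goto done` runs before `conn = &domain->conn;`, and the `done:` label then executes `TALLOC_FREE(conn->lsa_pipe_tcp)` through an indeterminate pointer. Return directly at that point, `if (!NT_STATUS_IS_OK(status)) { return status; }`, or move `conn = &domain->conn;` above the init_dc_connection() call. The reuse check also dereferences `conn->lsa_pipe_tcp->transport` and `->auth` without a NULL test, which is presumably safe for a pipe produced by cli_rpc_pipe_open_schannel() but worth confirming. `mem_ctx` is not used anywhere in the body.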
index 427579faf15cba162c753e0dfa972cc9b30dd6d0..49034d79b79fe1e6f9beb7cc851d70f1290aad87 100644 (file)
@@ -247,6 +247,9 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
                        struct rpc_pipe_client **cli, struct policy_handle *sam_handle);
 NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
                        struct rpc_pipe_client **cli, struct policy_handle *lsa_policy);
+NTSTATUS cm_connect_lsa_tcp(struct winbindd_domain *domain,
+                           TALLOC_CTX *mem_ctx,
+                           struct rpc_pipe_client **cli);
 NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
                             struct rpc_pipe_client **cli);