[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-1122-gfced9df

Volker Lendecke vlendec at samba.org
Sun Aug 23 02:19:50 MDT 2009 

The branch, master has been updated
       via  fced9dfc1ea45f902e9281679f479ae18d229c17 (commit)
       via  1603c608c9c8c6b42a18dd5545c5d15fc2f0af48 (commit)
       via  a0bf0cb0fb1d2f98311449949aa9e15f6523cb3b (commit)
       via  963419be1bdc7e4ae97e8739da305691109a13a7 (commit)
       via  fc3d427af8bba3b6d11ba6f66b48533ae918d675 (commit)
       via  a09b9ed9e2d4ce02dffa156049f266ba5bb59c49 (commit)
      from  da9356711b14d7475bcfe4cf0bb1874c018db276 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit fced9dfc1ea45f902e9281679f479ae18d229c17
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Aug 22 15:29:03 2009 +0200

    s3:winbind: Fallback to the forest root for lookupname
    
    Thanks to Steven Danneman for watching me closely :-)

commit 1603c608c9c8c6b42a18dd5545c5d15fc2f0af48
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Aug 22 17:10:16 2009 +0200

    s3:winbind: Even on a domain controller, "our" domain is internal
    
    It happens to be what we also share out via NETLOGON/SAMR, but winbind has
    direct access to it via the passdb domain methods

commit a0bf0cb0fb1d2f98311449949aa9e15f6523cb3b
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Aug 22 17:12:28 2009 +0200

    s3:winbind: Do not drop the first user in sam_query_user_list

commit 963419be1bdc7e4ae97e8739da305691109a13a7
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Aug 22 17:13:09 2009 +0200

    s3:winbind: For internal domains it is pointless to connect to a DC

commit fc3d427af8bba3b6d11ba6f66b48533ae918d675
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Aug 22 17:14:32 2009 +0200

    s3:winbind: winbindd_dual_ndrcmd should output what it's doing

commit a09b9ed9e2d4ce02dffa156049f266ba5bb59c49
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Aug 22 18:35:52 2009 +0200

    s3:winbind: Fix the talloc hierarchy in wb_queryuser_done
    
    We need to return state->userinfo beyond the end of wb_queryuser_recv, so the
    unmarshalled strings are children of that, not the state that is lost sooner.
    
    Metze, this scheme works fine as long as we only have a single malloc'ed
    entity that is returned. I think we need a different scheme in the future
    when we might have more than one independent object to be returned.

-----------------------------------------------------------------------

Summary of changes:
 source3/winbindd/wb_lookupname.c     |   49 ++++++++++++++++++++++++++++++++++
 source3/winbindd/wb_queryuser.c      |    2 +-
 source3/winbindd/winbindd_cm.c       |    6 ++++
 source3/winbindd/winbindd_dual_ndr.c |    4 +++
 source3/winbindd/winbindd_passdb.c   |    7 +++--
 source3/winbindd/winbindd_util.c     |   12 +++-----
 6 files changed, 69 insertions(+), 11 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/winbindd/wb_lookupname.c b/source3/winbindd/wb_lookupname.c
index d4e9b9a..12e1bab 100644
--- a/source3/winbindd/wb_lookupname.c
+++ b/source3/winbindd/wb_lookupname.c
@@ -22,11 +22,16 @@
 #include "librpc/gen_ndr/cli_wbint.h"
 
 struct wb_lookupname_state {
+	struct tevent_context *ev;
+	const char *dom_name;
+	const char *name;
+	uint32_t flags;
 	struct dom_sid sid;
 	enum lsa_SidType type;
 };
 
 static void wb_lookupname_done(struct tevent_req *subreq);
+static void wb_lookupname_root_done(struct tevent_req *subreq);
 
 struct tevent_req *wb_lookupname_send(TALLOC_CTX *mem_ctx,
 				      struct tevent_context *ev,
@@ -42,6 +47,10 @@ struct tevent_req *wb_lookupname_send(TALLOC_CTX *mem_ctx,
 	if (req == NULL) {
 		return NULL;
 	}
+	state->ev = ev;
+	state->dom_name = dom_name;
+	state->name = name;
+	state->flags = flags;
 
 	domain = find_lookup_domain_from_name(dom_name);
 	if (domain == NULL) {
@@ -73,6 +82,46 @@ static void wb_lookupname_done(struct tevent_req *subreq)
 		subreq, struct tevent_req);
 	struct wb_lookupname_state *state = tevent_req_data(
 		req, struct wb_lookupname_state);
+	struct winbindd_domain *root_domain;
+	NTSTATUS status, result;
+
+	status = rpccli_wbint_LookupName_recv(subreq, state, &result);
+	TALLOC_FREE(subreq);
+	if (!NT_STATUS_IS_OK(status)) {
+		tevent_req_nterror(req, status);
+		return;
+	}
+	if (NT_STATUS_IS_OK(result)) {
+		tevent_req_done(req);
+		return;
+	}
+
+	/*
+	 * "our" DC did not find it, lets retry with the forest root
+	 * domain
+	 */
+
+	root_domain = find_root_domain();
+	if (root_domain == NULL) {
+		tevent_req_nterror(req, result);
+		return;
+	}
+
+	subreq = rpccli_wbint_LookupName_send(
+		state, state->ev, root_domain->child.rpccli, state->dom_name,
+		state->name, state->flags, &state->type, &state->sid);
+	if (tevent_req_nomem(subreq, req)) {
+		return;
+	}
+	tevent_req_set_callback(subreq, wb_lookupname_root_done, req);
+}
+
+static void wb_lookupname_root_done(struct tevent_req *subreq)
+{
+	struct tevent_req *req = tevent_req_callback_data(
+		subreq, struct tevent_req);
+	struct wb_lookupname_state *state = tevent_req_data(
+		req, struct wb_lookupname_state);
 	NTSTATUS status, result;
 
 	status = rpccli_wbint_LookupName_recv(subreq, state, &result);
diff --git a/source3/winbindd/wb_queryuser.c b/source3/winbindd/wb_queryuser.c
index 1af4400..7a2f1de 100644
--- a/source3/winbindd/wb_queryuser.c
+++ b/source3/winbindd/wb_queryuser.c
@@ -77,7 +77,7 @@ static void wb_queryuser_done(struct tevent_req *subreq)
 		req, struct wb_queryuser_state);
 	NTSTATUS status, result;
 
-	status = rpccli_wbint_QueryUser_recv(subreq, state, &result);
+	status = rpccli_wbint_QueryUser_recv(subreq, state->info, &result);
 	TALLOC_FREE(subreq);
 	if (!NT_STATUS_IS_OK(status)) {
 		tevent_req_nterror(req, status);
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 460c773..44924a6 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -485,6 +485,12 @@ void set_domain_online_request(struct winbindd_domain *domain)
 		return;
 	}
 
+	if (domain->internal) {
+		DEBUG(10, ("set_domain_online_request: Internal domains are "
+			   "always online\n"));
+		return;
+	}
+
 	/* We've been told it's safe to go online and
 	   try and connect to a DC. But I don't believe it
 	   because network manager seems to lie.
diff --git a/source3/winbindd/winbindd_dual_ndr.c b/source3/winbindd/winbindd_dual_ndr.c
index f72d661..e6f3265 100644
--- a/source3/winbindd/winbindd_dual_ndr.c
+++ b/source3/winbindd/winbindd_dual_ndr.c
@@ -239,6 +239,10 @@ enum winbindd_result winbindd_dual_ndrcmd(struct winbindd_domain *domain,
 		return WINBINDD_ERROR;
 	}
 
+	DEBUG(10, ("winbindd_dual_ndrcmd: Running command %s (%s)\n",
+		   fns[state->request->data.ndrcmd].name,
+		   domain ? domain->name : "no domain"));
+
 	ZERO_STRUCT(p);
 	p.mem_ctx = talloc_stackframe();
 	p.in_data.data.buffer_size = state->request->extra_len;
diff --git a/source3/winbindd/winbindd_passdb.c b/source3/winbindd/winbindd_passdb.c
index 4b3095a..5a2c31f 100644
--- a/source3/winbindd/winbindd_passdb.c
+++ b/source3/winbindd/winbindd_passdb.c
@@ -460,9 +460,10 @@ static NTSTATUS sam_query_user_list(struct winbindd_domain *domain,
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	*num_entries = pdb_search_entries(ps,
-					1, 0xffffffff,
-					&entries);
+	*num_entries = pdb_search_entries(ps, 0, 0xffffffff, &entries);
+
+	DEBUG(10, ("sam_query_user_list: found %d users\n",
+		   (int)*num_entries));
 
 	*info = TALLOC_ZERO_ARRAY(mem_ctx, struct wbint_userinfo, *num_entries);
 	if (!(*info)) {
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index 993ef54..5c2ebab 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -76,9 +76,6 @@ static bool is_internal_domain(const DOM_SID *sid)
 	if (sid == NULL)
 		return False;
 
-	if ( IS_DC )
-		return sid_check_is_builtin(sid);
-
 	return (sid_check_is_domain(sid) || sid_check_is_builtin(sid));
 }
 
@@ -87,9 +84,6 @@ static bool is_in_internal_domain(const DOM_SID *sid)
 	if (sid == NULL)
 		return False;
 
-	if ( IS_DC )
-		return sid_check_is_in_builtin(sid);
-
 	return (sid_check_is_in_our_domain(sid) || sid_check_is_in_builtin(sid));
 }
 
@@ -569,7 +563,11 @@ enum winbindd_result winbindd_dual_init_connection(struct winbindd_domain *domai
 		fstrcpy(domain->dcname, state->request->data.init_conn.dcname);
 	}
 
-	init_dc_connection(domain);
+	if (domain->internal) {
+		domain->initialized = true;
+	} else {
+		init_dc_connection(domain);
+	}
 
 	if (!domain->initialized) {
 		/* If we return error here we can't do any cached authentication,


-- 
Samba Shared Repository

More information about the samba-cvs mailing list