#include "lib/messaging/irpc.h"
#include "librpc/gen_ndr/ndr_irpc.h"
#include "cldap_server/cldap_server.h"
-#include "lib/socket/socket.h"
+#include "lib/tsocket/tsocket.h"
struct netlogon_server_pipe_state {
struct netr_Credential client_challenge;
creds->sid = samdb_result_dom_sid(creds, msgs[0], "objectSid");
nt_status = schannel_save_creds_state(mem_ctx,
- lp_iconv_convenience(dce_call->conn->dce_ctx->lp_ctx),
lp_private_dir(dce_call->conn->dce_ctx->lp_ctx),
creds);
}
nt_status = schannel_check_creds_state(mem_ctx,
- lp_iconv_convenience(dce_call->conn->dce_ctx->lp_ctx),
lp_private_dir(dce_call->conn->dce_ctx->lp_ctx),
computer_name,
received_authenticator,
struct netlogon_creds_CredentialState *creds;
nt_status = schannel_get_creds_state(mem_ctx,
- lp_iconv_convenience(dce_call->conn->dce_ctx->lp_ctx),
lp_private_dir(dce_call->conn->dce_ctx->lp_ctx),
r->in.computer_name, &creds);
if (!NT_STATUS_IS_OK(nt_status)) {
/*
- netr_NetrEnumerateTurstedDomains
+ netr_NetrEnumerateTrustedDomains
*/
-static WERROR dcesrv_netr_NetrEnumerateTrustedDomains(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+static NTSTATUS dcesrv_netr_NetrEnumerateTrustedDomains(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct netr_NetrEnumerateTrustedDomains *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
"securityIdentifier", "trustPartner", NULL };
const char * const attrs2[] = { "dNSHostName",
"msDS-SupportedEncryptionTypes", NULL };
- const char * const attrs3[] = { NULL };
const char *temp_str, *temp_str2;
const char *old_dns_hostname;
struct ldb_context *sam_ctx;
- struct ldb_message **res0, **res1, **res2, **res3, *new_msg;
+ struct ldb_message **res1, **res2, **res3, *new_msg;
struct ldb_dn *workstation_dn;
struct netr_DomainInformation *domain_info;
struct netr_LsaPolicyInformation *lsa_policy_info;
NT_STATUS_NOT_OK_RETURN(status);
sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx,
- dce_call->conn->dce_ctx->lp_ctx,
- system_session(dce_call->conn->dce_ctx->lp_ctx));
+ dce_call->conn->dce_ctx->lp_ctx,
+ system_session(dce_call->conn->dce_ctx->lp_ctx));
if (sam_ctx == NULL) {
return NT_STATUS_INVALID_SYSTEM_SERVICE;
}
switch (r->in.level) {
case 1: /* Domain information */
- /*
- * Updates the DNS hostname when the client wishes that the
- * server should handle this for him
- * ("NETR_WS_FLAG_HANDLES_SPN_UPDATE" not set).
- * See MS-NRPC section 3.5.4.3.9
- */
- if ((r->in.query->workstation_info->workstation_flags
- & NETR_WS_FLAG_HANDLES_SPN_UPDATE) != 0) {
- update_dns_hostname = false;
+ if (r->in.query->workstation_info == NULL) {
+ return NT_STATUS_INVALID_PARAMETER;
}
/*
update_dns_hostname = false;
}
- /*
- * Check that the DNS hostname when it should be updated
- * will be used only by maximum one host.
- */
- ret = gendb_search(sam_ctx, mem_ctx,
- ldb_get_default_basedn(sam_ctx),
- &res0, attrs3, "(dNSHostName=%s)",
- r->in.query->workstation_info->dns_hostname);
- if (ret < 0) {
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
- if (ret >= 1) {
- update_dns_hostname = false;
- }
-
- talloc_free(res0);
-
/* Prepare the workstation DN */
workstation_dn = ldb_dn_new_fmt(mem_ctx, sam_ctx, "<SID=%s>",
dom_sid_string(mem_ctx, creds->sid));
old_dns_hostname = samdb_result_string(res1[0], "dNSHostName",
NULL);
+ /*
+ * Updates the DNS hostname when the client wishes that the
+ * server should handle this for him
+ * ("NETR_WS_FLAG_HANDLES_SPN_UPDATE" not set). And this is
+ * obviously only checked when we do already have a
+ * "dNSHostName".
+ * See MS-NRPC section 3.5.4.3.9
+ */
+ if ((old_dns_hostname != NULL) &&
+ (r->in.query->workstation_info->workstation_flags
+ & NETR_WS_FLAG_HANDLES_SPN_UPDATE) != 0) {
+ update_dns_hostname = false;
+ }
+
/* Gets host informations and put them in our directory */
new_msg = ldb_msg_new(mem_ctx);
NT_STATUS_HAVE_NO_MEMORY(new_msg);
struct ldb_context *sam_ctx;
struct netr_DsRGetDCNameInfo *info;
struct loadparm_context *lp_ctx = dce_call->conn->dce_ctx->lp_ctx;
- struct socket_address *addr;
+ const struct tsocket_address *remote_address;
+ char *addr = NULL;
const char *server_site_name;
char *guid_str;
struct netlogon_samlogon_response response;
return WERR_DS_UNAVAILABLE;
}
- addr = dce_call->conn->transport.get_peer_addr(dce_call->conn, mem_ctx);
- W_ERROR_HAVE_NO_MEMORY(addr);
+ remote_address = dcesrv_connection_get_remote_address(dce_call->conn);
+ if (tsocket_address_is_inet(remote_address, "ip")) {
+ addr = tsocket_address_inet_addr_string(remote_address, mem_ctx);
+ W_ERROR_HAVE_NO_MEMORY(addr);
+ }
/* "server_unc" is ignored by w2k3 */
r->in.domain_name,
NULL, guid_str,
r->in.client_account,
- r->in.mask, addr->addr,
+ r->in.mask, addr,
NETLOGON_NT_VERSION_5EX_WITH_IP,
- lp_ctx, &response);
+ lp_ctx, &response, true);
if (!NT_STATUS_IS_OK(status)) {
return ntstatus_to_werror(status);
}
struct ldb_context *sam_ctx;
struct netr_DsRAddressToSitenamesExWCtr *ctr;
struct loadparm_context *lp_ctx = dce_call->conn->dce_ctx->lp_ctx;
- uint16_t sin_family;
+ sa_family_t sin_family;
struct sockaddr_in *addr;
+#ifdef HAVE_IPV6
struct sockaddr_in6 *addr6;
char addr_str[INET6_ADDRSTRLEN];
+#else
+ char addr_str[INET_ADDRSTRLEN];
+#endif
char *subnet_name;
const char *res;
uint32_t i;
ctr->sitename[i].string = NULL;
ctr->subnetname[i].string = NULL;
- if (r->in.addresses[i].size < sizeof(sin_family)) {
+ if (r->in.addresses[i].size < sizeof(sa_family_t)) {
continue;
}
- sin_family = SVAL(r->in.addresses[i].buffer, 0);
+ /* The first two byte of the buffer are reserved for the
+ * "sin_family" but for now only the first one is used. */
+ sin_family = r->in.addresses[i].buffer[0];
switch (sin_family) {
case AF_INET:
res = inet_ntop(AF_INET, &addr->sin_addr,
addr_str, sizeof(addr_str));
break;
+#ifdef HAVE_IPV6
case AF_INET6:
if (r->in.addresses[i].size < sizeof(struct sockaddr_in6)) {
continue;
res = inet_ntop(AF_INET6, &addr6->sin6_addr,
addr_str, sizeof(addr_str));
break;
+#endif
default:
continue;
- break;
}
if (res == NULL) {
r2.out.ctr = talloc(mem_ctx, struct netr_DsRAddressToSitenamesExWCtr *);
W_ERROR_HAVE_NO_MEMORY(r2.out.ctr);
- werr = dcesrv_netr_DsRAddressToSitenamesExW(dce_call, mem_ctx, &r2);
-
ctr = talloc(mem_ctx, struct netr_DsRAddressToSitenamesWCtr);
W_ERROR_HAVE_NO_MEMORY(ctr);
ctr->sitename = talloc_array(ctr, struct lsa_String, ctr->count);
W_ERROR_HAVE_NO_MEMORY(ctr->sitename);
+ werr = dcesrv_netr_DsRAddressToSitenamesExW(dce_call, mem_ctx, &r2);
+
for (i=0; i<ctr->count; i++) {
ctr->sitename[i].string = (*r2.out.ctr)->sitename[i].string;
}
/* NOTE: we currently are always the root of the forest */
if (r->in.trust_flags & NETR_TRUST_FLAG_IN_FOREST) {
- int n = trusts->count;
+ uint32_t n = trusts->count;
ret = gendb_search_dn(sam_ctx, mem_ctx, NULL,
&dom_res, dom_attrs);
struct ldb_context *sam_ctx;
WERROR werr;
- if (lp_server_role(lp_ctx) != ROLE_DOMAIN_CONTROLLER) {
- return WERR_CALL_NOT_IMPLEMENTED;
- }
-
if (r->in.flags & 0xFFFFFFFE) {
return WERR_INVALID_FLAGS;
}
NTSTATUS status;
WERROR werr;
- if (lp_server_role(lp_ctx) != ROLE_DOMAIN_CONTROLLER) {
- return NT_STATUS_NOT_IMPLEMENTED;
- }
-
status = dcesrv_netr_creds_server_step_check(dce_call,
mem_ctx,
r->in.computer_name,