The branch, master has been updated
via 234f936 s3:popt_common: Fix password processing.
via 3101fccc s3:util: fix usage of popt_burn_cmdline_password()
via 4a73adf s3-winbind: use new reconnect logic in rpc_lookup_sids()
also.
via 7a49c96 s3-winbindd: rework reconnect logic in
winbindd_lookup_names().
via cd51774 s3-winbindd: rework reconnect logic in
winbindd_lookup_sids().
via 82ace10 s3-winbindd: remove lookup_sids_fn_t.
via d924381 s3-winbindd: remove lookup_names_fn_t.
via 3c486df s3-rpc_client: make dcerpc_lsa_lookup_names_generic()
public.
via 2d38154 s3-rpc_cli: make dcerpc_lsa_lookup_sids_generic() public.
via 7bd9a3b s3-winbindd: add cm_connect_lsat().
via 457c933 s3-rpc_cli: Remove some unused wrapping code.
from d5693d9 Fix Bug 9422 - large read requests cause server to issue
malformed reply
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 234f9365b93b267f5a42dcc75512f08ccfb840c8
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Nov 30 12:07:39 2012 +0100
s3:popt_common: Fix password processing.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
Autobuild-User(master): Andreas Schneider <a...@cryptomilk.org>
Autobuild-Date(master): Fri Nov 30 14:01:08 CET 2012 on sn-devel-104
commit 3101fcccff3ef847a123b10b2b99611e52504414
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Nov 30 09:31:34 2012 +0100
s3:util: fix usage of popt_burn_cmdline_password()
We should only call popt_burn_cmdline_password() after poptFreeContext(),
otherwise we remove the password to early.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 4a73adf6e53fb810056a80a87c72b1370323c583
Author: Günther Deschner <g...@samba.org>
Date: Thu Nov 29 14:31:19 2012 +0100
s3-winbind: use new reconnect logic in rpc_lookup_sids() also.
Volker, please check.
Guenther
Signed-off-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 7a49c966930ad79e954be582816c45e251d477f8
Author: Günther Deschner <g...@samba.org>
Date: Thu Nov 29 12:03:53 2012 +0100
s3-winbindd: rework reconnect logic in winbindd_lookup_names().
Guenther
Signed-off-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit cd517743166c55f3a9eb8b5232e9de061b9c8307
Author: Günther Deschner <g...@samba.org>
Date: Thu Nov 29 12:03:16 2012 +0100
s3-winbindd: rework reconnect logic in winbindd_lookup_sids().
Guenther
Signed-off-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 82ace10492c7f71294ece4814817015cb0786bc1
Author: Günther Deschner <g...@samba.org>
Date: Wed Nov 28 20:41:21 2012 +0100
s3-winbindd: remove lookup_sids_fn_t.
Guenther
Signed-off-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit d9243815b484456dc79e99bc8062179fe96b2ecb
Author: Günther Deschner <g...@samba.org>
Date: Wed Nov 28 17:03:40 2012 +0100
s3-winbindd: remove lookup_names_fn_t.
Guenther
Signed-off-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 3c486dfee47d4d232f88bce05c0b583ed8c6a63b
Author: Günther Deschner <g...@samba.org>
Date: Wed Nov 28 17:00:49 2012 +0100
s3-rpc_client: make dcerpc_lsa_lookup_names_generic() public.
Guenther
Signed-off-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 2d38154f91d8cc7bf1269bdc134d161c438eac92
Author: Günther Deschner <g...@samba.org>
Date: Wed Nov 28 16:57:57 2012 +0100
s3-rpc_cli: make dcerpc_lsa_lookup_sids_generic() public.
Guenther
Signed-off-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 7bd9a3b86f4622369f3be57904a022202d934fec
Author: Günther Deschner <g...@samba.org>
Date: Wed Nov 28 16:57:24 2012 +0100
s3-winbindd: add cm_connect_lsat().
Guenther
Signed-off-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 457c933ff04e8ffc11ad1b94bbd9d28c48109066
Author: Günther Deschner <g...@samba.org>
Date: Wed Nov 28 14:53:27 2012 +0100
s3-rpc_cli: Remove some unused wrapping code.
Guenther
Signed-off-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/lib/popt_common.c | 13 +----
source3/rpc_client/cli_lsarpc.c | 101 +++++++-------------------------
source3/rpc_client/cli_lsarpc.h | 39 +++++++------
source3/utils/smbcacls.c | 1 -
source3/utils/smbcquotas.c | 1 -
source3/winbindd/winbindd_cm.c | 31 ++++++++++
source3/winbindd/winbindd_msrpc.c | 116 ++++++++++++++++---------------------
source3/winbindd/winbindd_proto.h | 4 +
source3/winbindd/winbindd_rpc.c | 23 ++-----
9 files changed, 136 insertions(+), 193 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/popt_common.c b/source3/lib/popt_common.c
index c072839..1ec8619 100644
--- a/source3/lib/popt_common.c
+++ b/source3/lib/popt_common.c
@@ -515,15 +515,6 @@ static void popt_common_credentials_callback(poptContext
con,
exit(ENOMEM);
}
set_cmdline_auth_info_username(auth_info, puser);
-
- if ((p = strchr_m(puser,'%'))) {
- size_t len;
- *p = 0;
- len = strlen(p+1);
- set_cmdline_auth_info_password(auth_info, p+1);
- memset(strchr_m(getenv("USER"),'%')+1,'X',len);
- }
- SAFE_FREE(puser);
}
if (getenv("PASSWD")) {
@@ -546,13 +537,13 @@ static void popt_common_credentials_callback(poptContext
con,
if ((lp=strchr_m(puser,'%'))) {
size_t len;
- *lp = 0;
+ *lp = '\0';
set_cmdline_auth_info_username(auth_info,
puser);
set_cmdline_auth_info_password(auth_info,
lp+1);
len = strlen(lp+1);
- memset(strchr_m(arg,'%')+1,'X',len);
+ memset(lp + 1, '\0', len);
} else {
set_cmdline_auth_info_username(auth_info,
puser);
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index c6e402d..126f370 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -330,16 +330,16 @@ static NTSTATUS dcerpc_lsa_lookup_sids_noalloc(struct
dcerpc_binding_handle *h,
* at 20480 for win2k3, but we keep it at a save 1000 for now. */
#define LOOKUP_SIDS_HUNK_SIZE 1000
-static NTSTATUS dcerpc_lsa_lookup_sids_generic(struct dcerpc_binding_handle *h,
- TALLOC_CTX *mem_ctx,
- struct policy_handle *pol,
- int num_sids,
- const struct dom_sid *sids,
- char ***pdomains,
- char ***pnames,
- enum lsa_SidType **ptypes,
- bool use_lookupsids3,
- NTSTATUS *presult)
+NTSTATUS dcerpc_lsa_lookup_sids_generic(struct dcerpc_binding_handle *h,
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *pol,
+ int num_sids,
+ const struct dom_sid *sids,
+ char ***pdomains,
+ char ***pnames,
+ enum lsa_SidType **ptypes,
+ bool use_lookupsids3,
+ NTSTATUS *presult)
{
NTSTATUS status = NT_STATUS_OK;
NTSTATUS result = NT_STATUS_OK;
@@ -539,48 +539,19 @@ NTSTATUS dcerpc_lsa_lookup_sids3(struct
dcerpc_binding_handle *h,
result);
}
-NTSTATUS rpccli_lsa_lookup_sids3(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- struct policy_handle *pol,
- int num_sids,
- const struct dom_sid *sids,
- char ***pdomains,
- char ***pnames,
- enum lsa_SidType **ptypes)
-{
- NTSTATUS status;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- status = dcerpc_lsa_lookup_sids_generic(cli->binding_handle,
- mem_ctx,
- pol,
- num_sids,
- sids,
- pdomains,
- pnames,
- ptypes,
- true,
- &result);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- return result;
-}
-
/** Lookup a list of names */
-static NTSTATUS dcerpc_lsa_lookup_names_generic(struct dcerpc_binding_handle
*h,
- TALLOC_CTX *mem_ctx,
- struct policy_handle *pol,
- uint32_t num_names,
- const char **names,
- const char ***dom_names,
- enum lsa_LookupNamesLevel level,
- struct dom_sid **sids,
- enum lsa_SidType **types,
- bool use_lookupnames4,
- NTSTATUS *presult)
+NTSTATUS dcerpc_lsa_lookup_names_generic(struct dcerpc_binding_handle *h,
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *pol,
+ uint32_t num_names,
+ const char **names,
+ const char ***dom_names,
+ enum lsa_LookupNamesLevel level,
+ struct dom_sid **sids,
+ enum lsa_SidType **types,
+ bool use_lookupnames4,
+ NTSTATUS *presult)
{
NTSTATUS status;
struct lsa_String *lsa_names = NULL;
@@ -790,33 +761,3 @@ NTSTATUS dcerpc_lsa_lookup_names4(struct
dcerpc_binding_handle *h,
true,
result);
}
-
-NTSTATUS rpccli_lsa_lookup_names4(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- struct policy_handle *pol,
- int num_names,
- const char **names,
- const char ***dom_names,
- int level,
- struct dom_sid **sids,
- enum lsa_SidType **types)
-{
- NTSTATUS status;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- status = dcerpc_lsa_lookup_names4(cli->binding_handle,
- mem_ctx,
- pol,
- num_names,
- names,
- dom_names,
- level,
- sids,
- types,
- &result);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- return result;
-}
diff --git a/source3/rpc_client/cli_lsarpc.h b/source3/rpc_client/cli_lsarpc.h
index a26193e..36afe0b 100644
--- a/source3/rpc_client/cli_lsarpc.h
+++ b/source3/rpc_client/cli_lsarpc.h
@@ -125,7 +125,16 @@ NTSTATUS rpccli_lsa_lookup_sids(struct rpc_pipe_client
*cli,
char ***pdomains,
char ***pnames,
enum lsa_SidType **ptypes);
-
+NTSTATUS dcerpc_lsa_lookup_sids_generic(struct dcerpc_binding_handle *h,
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *pol,
+ int num_sids,
+ const struct dom_sid *sids,
+ char ***pdomains,
+ char ***pnames,
+ enum lsa_SidType **ptypes,
+ bool use_lookupsids3,
+ NTSTATUS *presult);
/**
* @brief Look up the names that correspond to an array of sids.
*
@@ -158,15 +167,6 @@ NTSTATUS dcerpc_lsa_lookup_sids3(struct
dcerpc_binding_handle *h,
char ***pnames,
enum lsa_SidType **ptypes,
NTSTATUS *result);
-NTSTATUS rpccli_lsa_lookup_sids3(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- struct policy_handle *pol,
- int num_sids,
- const struct dom_sid *sids,
- char ***pdomains,
- char ***pnames,
- enum lsa_SidType **ptypes);
-
NTSTATUS dcerpc_lsa_lookup_names(struct dcerpc_binding_handle *h,
TALLOC_CTX *mem_ctx,
struct policy_handle *pol,
@@ -196,14 +196,17 @@ NTSTATUS dcerpc_lsa_lookup_names4(struct
dcerpc_binding_handle *h,
struct dom_sid **sids,
enum lsa_SidType **types,
NTSTATUS *result);
-NTSTATUS rpccli_lsa_lookup_names4(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx,
- struct policy_handle *pol, int num_names,
- const char **names,
- const char ***dom_names,
- int level,
- struct dom_sid **sids,
- enum lsa_SidType **types);
+NTSTATUS dcerpc_lsa_lookup_names_generic(struct dcerpc_binding_handle *h,
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *pol,
+ uint32_t num_names,
+ const char **names,
+ const char ***dom_names,
+ enum lsa_LookupNamesLevel level,
+ struct dom_sid **sids,
+ enum lsa_SidType **types,
+ bool use_lookupnames4,
+ NTSTATUS *presult);
bool fetch_domain_sid( char *domain, char *remote_machine, struct dom_sid
*psid);
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
index d22e2f3..da190dd 100644
--- a/source3/utils/smbcacls.c
+++ b/source3/utils/smbcacls.c
@@ -1371,7 +1371,6 @@ static struct cli_state *connect_one(struct
user_auth_info *auth_info,
popt_common_set_auth_info(auth_info);
pc = poptGetContext("smbcacls", argc, argv, long_options, 0);
- popt_burn_cmdline_password(argc, argv);
poptSetOtherOptionHelp(pc, "//server1/share1 filename\nACLs look like: "
"'ACL:user:[ALLOWED|DENIED]/flags/permissions'");
diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c
index d248bbe..7363d6b 100644
--- a/source3/utils/smbcquotas.c
+++ b/source3/utils/smbcquotas.c
@@ -608,7 +608,6 @@
FSQFLAGS:QUOTA_ENABLED/DENY_DISK/LOG_SOFTLIMIT/LOG_HARD_LIMIT", "SETSTRING" },
popt_common_set_auth_info(smbcquotas_auth_info);
pc = poptGetContext("smbcquotas", argc, argv, long_options, 0);
- popt_burn_cmdline_password(argc, argv);
poptSetOtherOptionHelp(pc, "//server1/share1");
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 57027eb..33eeb32 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -2565,6 +2565,37 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
}
/****************************************************************************
+Open a LSA connection to a DC, suiteable for LSA lookup calls.
+****************************************************************************/
+
+NTSTATUS cm_connect_lsat(struct winbindd_domain *domain,
+ TALLOC_CTX *mem_ctx,
+ struct rpc_pipe_client **cli,
+ struct policy_handle *lsa_policy)
+{
+ NTSTATUS status;
+
+ if (domain->can_do_ncacn_ip_tcp) {
+ status = cm_connect_lsa_tcp(domain, mem_ctx, cli);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) ||
+ NT_STATUS_EQUAL(status, NT_STATUS_RPC_SEC_PKG_ERROR) ||
+ NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_ACCESS_DENIED)) {
+ invalidate_cm_connection(&domain->conn);
+ status = cm_connect_lsa_tcp(domain, mem_ctx, cli);
+ }
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ return NT_STATUS_OK;
+ }
+
+ status = cm_connect_lsa(domain, mem_ctx, cli, lsa_policy);
+
+ return status;
+}
+
+/****************************************************************************
Open the netlogon pipe to this DC. Use schannel if specified in client conf.
session key stored in conn->netlogon_pipe->dc->sess_key.
****************************************************************************/
diff --git a/source3/winbindd/winbindd_msrpc.c
b/source3/winbindd/winbindd_msrpc.c
index 39186f8..e86838c 100644
--- a/source3/winbindd/winbindd_msrpc.c
+++ b/source3/winbindd/winbindd_msrpc.c
@@ -1064,16 +1064,6 @@ static NTSTATUS msrpc_password_policy(struct
winbindd_domain *domain,
return status;
}
-typedef NTSTATUS (*lookup_sids_fn_t)(struct dcerpc_binding_handle *h,
- TALLOC_CTX *mem_ctx,
- struct policy_handle *pol,
- int num_sids,
- const struct dom_sid *sids,
- char ***pdomains,
- char ***pnames,
- enum lsa_SidType **ptypes,
- NTSTATUS *result);
-
NTSTATUS winbindd_lookup_sids(TALLOC_CTX *mem_ctx,
struct winbindd_domain *domain,
uint32_t num_sids,
@@ -1088,25 +1078,21 @@ NTSTATUS winbindd_lookup_sids(TALLOC_CTX *mem_ctx,
struct dcerpc_binding_handle *b = NULL;
struct policy_handle lsa_policy;
unsigned int orig_timeout;
- lookup_sids_fn_t lookup_sids_fn = dcerpc_lsa_lookup_sids;
-
- if (domain->can_do_ncacn_ip_tcp) {
- status = cm_connect_lsa_tcp(domain, mem_ctx, &cli);
- if (NT_STATUS_IS_OK(status)) {
- lookup_sids_fn = dcerpc_lsa_lookup_sids3;
- goto lookup;
- }
- domain->can_do_ncacn_ip_tcp = false;
- }
- status = cm_connect_lsa(domain, mem_ctx, &cli, &lsa_policy);
+ bool use_lookupsids3 = false;
+ bool retried = false;
+ connect:
+ status = cm_connect_lsat(domain, mem_ctx, &cli, &lsa_policy);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- lookup:
b = cli->binding_handle;
+ if (cli->transport->transport == NCACN_IP_TCP) {
+ use_lookupsids3 = true;
+ }
+
/*
* This call can take a long time
* allow the server to time out.
@@ -1114,21 +1100,23 @@ NTSTATUS winbindd_lookup_sids(TALLOC_CTX *mem_ctx,
*/
orig_timeout = dcerpc_binding_handle_set_timeout(b, 35000);
- status = lookup_sids_fn(b,
- mem_ctx,
- &lsa_policy,
- num_sids,
- sids,
- domains,
- names,
- types,
- &result);
+ status = dcerpc_lsa_lookup_sids_generic(b,
+ mem_ctx,
+ &lsa_policy,
+ num_sids,
+ sids,
+ domains,
+ names,
+ types,
+ use_lookupsids3,
+ &result);
/* And restore our original timeout. */
dcerpc_binding_handle_set_timeout(b, orig_timeout);
if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) ||
- NT_STATUS_EQUAL(status, NT_STATUS_RPC_SEC_PKG_ERROR)) {
+ NT_STATUS_EQUAL(status, NT_STATUS_RPC_SEC_PKG_ERROR) ||
+ NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_ACCESS_DENIED)) {
/*
* This can happen if the schannel key is not
* valid anymore, we need to invalidate the
@@ -1136,6 +1124,11 @@ NTSTATUS winbindd_lookup_sids(TALLOC_CTX *mem_ctx,
* a netlogon connection first.
*/
invalidate_cm_connection(&domain->conn);
+ domain->can_do_ncacn_ip_tcp = domain->active_directory;
+ if (!retried) {
+ retried = true;
+ goto connect;
+ }
status = NT_STATUS_ACCESS_DENIED;
}
@@ -1150,17 +1143,6 @@ NTSTATUS winbindd_lookup_sids(TALLOC_CTX *mem_ctx,
return NT_STATUS_OK;
}
-typedef NTSTATUS (*lookup_names_fn_t)(struct dcerpc_binding_handle *h,
- TALLOC_CTX *mem_ctx,
- struct policy_handle *pol,
- uint32_t num_names,
- const char **names,
- const char ***dom_names,
- enum lsa_LookupNamesLevel level,
- struct dom_sid **sids,
- enum lsa_SidType **types,
- NTSTATUS *result);
-
static NTSTATUS winbindd_lookup_names(TALLOC_CTX *mem_ctx,
struct winbindd_domain *domain,
uint32_t num_names,
@@ -1175,25 +1157,21 @@ static NTSTATUS winbindd_lookup_names(TALLOC_CTX
*mem_ctx,
struct dcerpc_binding_handle *b = NULL;
struct policy_handle lsa_policy;
unsigned int orig_timeout = 0;
- lookup_names_fn_t lookup_names_fn = dcerpc_lsa_lookup_names;
-
- if (domain->can_do_ncacn_ip_tcp) {
- status = cm_connect_lsa_tcp(domain, mem_ctx, &cli);
- if (NT_STATUS_IS_OK(status)) {
- lookup_names_fn = dcerpc_lsa_lookup_names4;
- goto lookup;
- }
- domain->can_do_ncacn_ip_tcp = false;
- }
- status = cm_connect_lsa(domain, mem_ctx, &cli, &lsa_policy);
+ bool use_lookupnames4 = false;
+ bool retried = false;
+ connect:
+ status = cm_connect_lsat(domain, mem_ctx, &cli, &lsa_policy);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- lookup:
b = cli->binding_handle;
+ if (cli->transport->transport == NCACN_IP_TCP) {
+ use_lookupnames4 = true;
+ }
+
/*
* This call can take a long time
* allow the server to time out.
@@ -1201,22 +1179,24 @@ static NTSTATUS winbindd_lookup_names(TALLOC_CTX
*mem_ctx,
*/
orig_timeout = dcerpc_binding_handle_set_timeout(b, 35000);
- status = lookup_names_fn(b,
- mem_ctx,
- &lsa_policy,
- num_names,
- (const char **) names,
- domains,
- 1,
- sids,
- types,
- &result);
+ status = dcerpc_lsa_lookup_names_generic(b,
+ mem_ctx,
+ &lsa_policy,
+ num_names,
+ (const char **) names,
+ domains,
+ 1,
+ sids,
+ types,
+ use_lookupnames4,
+ &result);
/* And restore our original timeout. */
dcerpc_binding_handle_set_timeout(b, orig_timeout);
if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) ||
- NT_STATUS_EQUAL(status, NT_STATUS_RPC_SEC_PKG_ERROR)) {
+ NT_STATUS_EQUAL(status, NT_STATUS_RPC_SEC_PKG_ERROR) ||
+ NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_ACCESS_DENIED)) {
/*
* This can happen if the schannel key is not
* valid anymore, we need to invalidate the
@@ -1224,6 +1204,10 @@ static NTSTATUS winbindd_lookup_names(TALLOC_CTX
*mem_ctx,
* a netlogon connection first.
*/
invalidate_cm_connection(&domain->conn);
+ if (!retried) {
+ retried = true;
+ goto connect;
+ }
status = NT_STATUS_ACCESS_DENIED;
}
diff --git a/source3/winbindd/winbindd_proto.h
b/source3/winbindd/winbindd_proto.h
index bf8dbf7..b4f0852 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -163,6 +163,10 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
NTSTATUS cm_connect_lsa_tcp(struct winbindd_domain *domain,
TALLOC_CTX *mem_ctx,
struct rpc_pipe_client **cli);
+NTSTATUS cm_connect_lsat(struct winbindd_domain *domain,
--
Samba Shared Repository
