Changeset 740 for vendor/current/source4/ntp_signd
- Timestamp:
- Nov 14, 2012, 12:59:34 PM (13 years ago)
- Location:
- vendor/current/source4/ntp_signd
- Files:
-
- 1 added
- 1 deleted
- 1 edited
-
config.mk (deleted)
-
ntp_signd.c (modified) (18 diffs)
-
wscript_build (added)
Legend:
- Unmodified
- Added
- Removed
-
vendor/current/source4/ntp_signd/ntp_signd.c
r414 r740 28 28 #include "smbd/process_model.h" 29 29 #include "lib/stream/packet.h" 30 #include "lib/tsocket/tsocket.h" 31 #include "libcli/util/tstream.h" 30 32 #include "librpc/gen_ndr/ndr_ntp_signd.h" 31 33 #include "param/param.h" … … 33 35 #include "auth/auth.h" 34 36 #include "libcli/security/security.h" 35 #include "lib/ldb/include/ldb.h" 36 #include "lib/ldb/include/ldb_errors.h" 37 #include "libcli/ldap/ldap_ndr.h" 38 #include <ldb.h> 39 #include <ldb_errors.h> 37 40 #include "../lib/crypto/md5.h" 41 #include "system/network.h" 38 42 #include "system/passwd.h" 39 43 … … 56 60 struct ntp_signd_server *ntp_signd; 57 61 58 struct packet_context *packet; 62 struct tstream_context *tstream; 63 64 struct tevent_queue *send_queue; 59 65 }; 60 66 61 static void ntp_signd_terminate_connection(struct ntp_signd_connection *ntp_signd conn, const char *reason)62 { 63 stream_terminate_connection(ntp_signd conn->conn, reason);67 static void ntp_signd_terminate_connection(struct ntp_signd_connection *ntp_signd_conn, const char *reason) 68 { 69 stream_terminate_connection(ntp_signd_conn->conn, reason); 64 70 } 65 71 66 72 static NTSTATUS signing_failure(struct ntp_signd_connection *ntp_signdconn, 67 uint32_t packet_id) 68 { 69 NTSTATUS status; 73 TALLOC_CTX *mem_ctx, 74 DATA_BLOB *output, 75 uint32_t packet_id) 76 { 70 77 struct signed_reply signed_reply; 71 TALLOC_CTX *tmp_ctx = talloc_new(ntp_signdconn);72 DATA_BLOB reply, blob;73 78 enum ndr_err_code ndr_err; 74 75 NT_STATUS_HAVE_NO_MEMORY(tmp_ctx);76 79 77 80 signed_reply.op = SIGNING_FAILURE; … … 79 82 signed_reply.signed_packet = data_blob(NULL, 0); 80 83 81 ndr_err = ndr_push_struct_blob(&reply, tmp_ctx, 82 lp_iconv_convenience(ntp_signdconn->ntp_signd->task->lp_ctx), 83 &signed_reply, 84 ndr_err = ndr_push_struct_blob(output, mem_ctx, &signed_reply, 84 85 (ndr_push_flags_fn_t)ndr_push_signed_reply); 85 86 86 87 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { 87 88 DEBUG(1,("failed to push ntp error reply\n")); 88 talloc_free(tmp_ctx);89 89 return ndr_map_error2ntstatus(ndr_err); 90 90 } 91 91 92 blob = data_blob_talloc(ntp_signdconn, NULL, reply.length + 4); 93 if (!blob.data) { 94 talloc_free(tmp_ctx); 95 return NT_STATUS_NO_MEMORY; 96 } 97 98 RSIVAL(blob.data, 0, reply.length); 99 memcpy(blob.data + 4, reply.data, reply.length); 100 101 status = packet_send(ntp_signdconn->packet, blob); 102 103 /* the call isn't needed any more */ 104 talloc_free(tmp_ctx); 105 106 return status; 92 return NT_STATUS_OK; 107 93 } 108 94 … … 110 96 receive a full packet on a NTP_SIGND connection 111 97 */ 112 static NTSTATUS ntp_signd_recv(void *private_data, DATA_BLOB wrapped_input) 113 { 114 struct ntp_signd_connection *ntp_signdconn = talloc_get_type(private_data, 115 struct ntp_signd_connection); 116 NTSTATUS status = NT_STATUS_UNSUCCESSFUL; 117 TALLOC_CTX *tmp_ctx = talloc_new(ntp_signdconn); 118 DATA_BLOB input, output, wrapped_output; 98 static NTSTATUS ntp_signd_process(struct ntp_signd_connection *ntp_signd_conn, 99 TALLOC_CTX *mem_ctx, 100 DATA_BLOB *input, 101 DATA_BLOB *output) 102 { 119 103 const struct dom_sid *domain_sid; 120 104 struct dom_sid *sid; … … 129 113 int ret; 130 114 131 NT_STATUS_HAVE_NO_MEMORY(tmp_ctx); 132 133 talloc_steal(tmp_ctx, wrapped_input.data); 134 135 input = data_blob_const(wrapped_input.data + 4, wrapped_input.length - 4); 136 137 ndr_err = ndr_pull_struct_blob_all(&input, tmp_ctx, 138 lp_iconv_convenience(ntp_signdconn->ntp_signd->task->lp_ctx), 115 ndr_err = ndr_pull_struct_blob_all(input, mem_ctx, 139 116 &sign_request, 140 117 (ndr_pull_flags_fn_t)ndr_pull_sign_request); … … 142 119 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { 143 120 DEBUG(1,("failed to parse ntp signing request\n")); 144 dump_data(1, input .data, input.length);121 dump_data(1, input->data, input->length); 145 122 return ndr_map_error2ntstatus(ndr_err); 146 123 } … … 149 126 * to sign' operations at some point */ 150 127 if (sign_request.op != SIGN_TO_CLIENT) { 151 talloc_free(tmp_ctx); 152 return signing_failure(ntp_signdconn, sign_request.packet_id); 128 return signing_failure(ntp_signd_conn, 129 mem_ctx, 130 output, 131 sign_request.packet_id); 153 132 } 154 133 … … 156 135 * to sign' operations at some point */ 157 136 if (sign_request.version != NTP_SIGND_PROTOCOL_VERSION_0) { 158 talloc_free(tmp_ctx); 159 return signing_failure(ntp_signdconn, sign_request.packet_id); 160 } 161 162 domain_sid = samdb_domain_sid(ntp_signdconn->ntp_signd->samdb); 163 if (!domain_sid) { 164 talloc_free(tmp_ctx); 165 return signing_failure(ntp_signdconn, sign_request.packet_id); 137 return signing_failure(ntp_signd_conn, 138 mem_ctx, 139 output, 140 sign_request.packet_id); 141 } 142 143 domain_sid = samdb_domain_sid(ntp_signd_conn->ntp_signd->samdb); 144 if (domain_sid == NULL) { 145 return signing_failure(ntp_signd_conn, 146 mem_ctx, 147 output, 148 sign_request.packet_id); 166 149 } 167 150 168 151 /* The top bit is a 'key selector' */ 169 sid = dom_sid_add_rid(tmp_ctx, domain_sid, sign_request.key_id & 0x7FFFFFFF); 170 if (!sid) { 171 talloc_free(tmp_ctx); 172 return signing_failure(ntp_signdconn, sign_request.packet_id); 173 } 174 175 ret = ldb_search(ntp_signdconn->ntp_signd->samdb, tmp_ctx, 176 &res, samdb_base_dn(ntp_signdconn->ntp_signd->samdb), 177 LDB_SCOPE_SUBTREE, attrs, "(&(objectSid=%s)(objectClass=user))", 178 dom_sid_string(tmp_ctx, sid)); 152 sid = dom_sid_add_rid(mem_ctx, domain_sid, 153 sign_request.key_id & 0x7FFFFFFF); 154 if (sid == NULL) { 155 talloc_free(mem_ctx); 156 return signing_failure(ntp_signd_conn, 157 mem_ctx, 158 output, 159 sign_request.packet_id); 160 } 161 162 ret = ldb_search(ntp_signd_conn->ntp_signd->samdb, mem_ctx, 163 &res, 164 ldb_get_default_basedn(ntp_signd_conn->ntp_signd->samdb), 165 LDB_SCOPE_SUBTREE, 166 attrs, 167 "(&(objectSid=%s)(objectClass=user))", 168 ldap_encode_ndr_dom_sid(mem_ctx, sid)); 179 169 if (ret != LDB_SUCCESS) { 180 DEBUG(2, ("Failed to search for SID %s in SAM for NTP signing: %s\n", dom_sid_string(tmp_ctx, sid), 181 ldb_errstring(ntp_signdconn->ntp_signd->samdb))); 182 talloc_free(tmp_ctx); 183 return signing_failure(ntp_signdconn, sign_request.packet_id); 170 DEBUG(2, ("Failed to search for SID %s in SAM for NTP signing: " 171 "%s\n", 172 dom_sid_string(mem_ctx, sid), 173 ldb_errstring(ntp_signd_conn->ntp_signd->samdb))); 174 return signing_failure(ntp_signd_conn, 175 mem_ctx, 176 output, 177 sign_request.packet_id); 184 178 } 185 179 186 180 if (res->count == 0) { 187 DEBUG(5, ("Failed to find SID %s in SAM for NTP signing\n", dom_sid_string(tmp_ctx, sid))); 181 DEBUG(5, ("Failed to find SID %s in SAM for NTP signing\n", 182 dom_sid_string(mem_ctx, sid))); 188 183 } else if (res->count != 1) { 189 DEBUG(1, ("Found SID %s %u times in SAM for NTP signing\n", dom_sid_string(tmp_ctx, sid), res->count)); 190 talloc_free(tmp_ctx); 191 return signing_failure(ntp_signdconn, sign_request.packet_id); 192 } 193 194 user_account_control = ldb_msg_find_attr_as_uint(res->msgs[0], "userAccountControl", 0); 184 DEBUG(1, ("Found SID %s %u times in SAM for NTP signing\n", 185 dom_sid_string(mem_ctx, sid), res->count)); 186 return signing_failure(ntp_signd_conn, 187 mem_ctx, 188 output, 189 sign_request.packet_id); 190 } 191 192 user_account_control = ldb_msg_find_attr_as_uint(res->msgs[0], 193 "userAccountControl", 194 0); 195 195 196 196 if (user_account_control & UF_ACCOUNTDISABLE) { 197 DEBUG(1, ("Account %s for SID [%s] is disabled\n", ldb_dn_get_linearized(res->msgs[0]->dn), dom_sid_string(tmp_ctx, sid))); 198 talloc_free(tmp_ctx); 197 DEBUG(1, ("Account %s for SID [%s] is disabled\n", 198 ldb_dn_get_linearized(res->msgs[0]->dn), 199 dom_sid_string(mem_ctx, sid))); 199 200 return NT_STATUS_ACCESS_DENIED; 200 201 } 201 202 202 203 if (!(user_account_control & (UF_INTERDOMAIN_TRUST_ACCOUNT|UF_SERVER_TRUST_ACCOUNT|UF_WORKSTATION_TRUST_ACCOUNT))) { 203 DEBUG(1, ("Account %s for SID [%s] is not a trust account\n", ldb_dn_get_linearized(res->msgs[0]->dn), dom_sid_string(tmp_ctx, sid))); 204 talloc_free(tmp_ctx); 204 DEBUG(1, ("Account %s for SID [%s] is not a trust account\n", 205 ldb_dn_get_linearized(res->msgs[0]->dn), 206 dom_sid_string(mem_ctx, sid))); 205 207 return NT_STATUS_ACCESS_DENIED; 206 208 } 207 209 208 nt_hash = samdb_result_hash( tmp_ctx, res->msgs[0], "unicodePwd");210 nt_hash = samdb_result_hash(mem_ctx, res->msgs[0], "unicodePwd"); 209 211 if (!nt_hash) { 210 DEBUG(1, ("No unicodePwd found on record of SID %s for NTP signing\n", dom_sid_string(tmp_ctx, sid))); 211 talloc_free(tmp_ctx); 212 return signing_failure(ntp_signdconn, sign_request.packet_id); 212 DEBUG(1, ("No unicodePwd found on record of SID %s " 213 "for NTP signing\n", dom_sid_string(mem_ctx, sid))); 214 return signing_failure(ntp_signd_conn, 215 mem_ctx, 216 output, 217 sign_request.packet_id); 213 218 } 214 219 … … 216 221 signed_reply.packet_id = sign_request.packet_id; 217 222 signed_reply.op = SIGNING_SUCCESS; 218 signed_reply.signed_packet = data_blob_talloc( tmp_ctx,223 signed_reply.signed_packet = data_blob_talloc(mem_ctx, 219 224 NULL, 220 225 sign_request.packet_to_sign.length + 20); 221 226 222 227 if (!signed_reply.signed_packet.data) { 223 talloc_free(tmp_ctx); 224 return signing_failure(ntp_signdconn, sign_request.packet_id); 228 return signing_failure(ntp_signd_conn, 229 mem_ctx, 230 output, 231 sign_request.packet_id); 225 232 } 226 233 … … 236 243 237 244 /* Place it into the packet for the wire */ 238 ndr_err = ndr_push_struct_blob(&output, tmp_ctx, 239 lp_iconv_convenience(ntp_signdconn->ntp_signd->task->lp_ctx), 240 &signed_reply, 245 ndr_err = ndr_push_struct_blob(output, mem_ctx, &signed_reply, 241 246 (ndr_push_flags_fn_t)ndr_push_signed_reply); 242 247 243 248 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { 244 249 DEBUG(1,("failed to push ntp error reply\n")); 245 talloc_free(tmp_ctx);246 250 return ndr_map_error2ntstatus(ndr_err); 247 251 } 248 252 249 wrapped_output = data_blob_talloc(ntp_signdconn, NULL, output.length + 4); 250 if (!wrapped_output.data) { 251 talloc_free(tmp_ctx); 252 return NT_STATUS_NO_MEMORY; 253 } 254 255 /* The 'wire' transport for this is wrapped with a 4 byte network byte order length */ 256 RSIVAL(wrapped_output.data, 0, output.length); 257 memcpy(wrapped_output.data + 4, output.data, output.length); 258 259 status = packet_send(ntp_signdconn->packet, wrapped_output); 260 261 /* the call isn't needed any more */ 262 talloc_free(tmp_ctx); 263 return status; 264 } 265 266 /* 267 receive some data on a NTP_SIGND connection 268 */ 269 static void ntp_signd_recv_handler(struct stream_connection *conn, uint16_t flags) 270 { 271 struct ntp_signd_connection *ntp_signdconn = talloc_get_type(conn->private_data, 272 struct ntp_signd_connection); 273 packet_recv(ntp_signdconn->packet); 274 } 275 276 /* 277 called on a tcp recv error 278 */ 279 static void ntp_signd_recv_error(void *private_data, NTSTATUS status) 280 { 281 struct ntp_signd_connection *ntp_signdconn = talloc_get_type(private_data, struct ntp_signd_connection); 282 ntp_signd_terminate_connection(ntp_signdconn, nt_errstr(status)); 253 return NT_STATUS_OK; 254 } 255 256 /* 257 called on a tcp recv 258 */ 259 static void ntp_signd_recv(struct stream_connection *conn, uint16_t flags) 260 { 261 struct ntp_signd_connection *ntp_signd_conn = talloc_get_type(conn->private_data, 262 struct ntp_signd_connection); 263 ntp_signd_terminate_connection(ntp_signd_conn, 264 "ntp_signd_recv: called"); 283 265 } 284 266 … … 288 270 static void ntp_signd_send(struct stream_connection *conn, uint16_t flags) 289 271 { 290 struct ntp_signd_connection *ntp_signdconn = talloc_get_type(conn->private_data, 291 struct ntp_signd_connection); 292 packet_queue_run(ntp_signdconn->packet); 272 struct ntp_signd_connection *ntp_signd_conn = talloc_get_type(conn->private_data, 273 struct ntp_signd_connection); 274 /* this should never be triggered! */ 275 ntp_signd_terminate_connection(ntp_signd_conn, 276 "ntp_signd_send: called"); 277 } 278 279 struct ntp_signd_call { 280 struct ntp_signd_connection *ntp_signd_conn; 281 DATA_BLOB in; 282 DATA_BLOB out; 283 uint8_t out_hdr[4]; 284 struct iovec out_iov[2]; 285 }; 286 287 static void ntp_signd_call_writev_done(struct tevent_req *subreq); 288 289 static void ntp_signd_call_loop(struct tevent_req *subreq) 290 { 291 struct ntp_signd_connection *ntp_signd_conn = tevent_req_callback_data(subreq, 292 struct ntp_signd_connection); 293 struct ntp_signd_call *call; 294 NTSTATUS status; 295 296 call = talloc(ntp_signd_conn, struct ntp_signd_call); 297 if (call == NULL) { 298 ntp_signd_terminate_connection(ntp_signd_conn, 299 "ntp_signd_call_loop: " 300 "no memory for ntp_signd_call"); 301 return; 302 } 303 call->ntp_signd_conn = ntp_signd_conn; 304 305 status = tstream_read_pdu_blob_recv(subreq, 306 call, 307 &call->in); 308 TALLOC_FREE(subreq); 309 if (!NT_STATUS_IS_OK(status)) { 310 const char *reason; 311 312 reason = talloc_asprintf(call, "ntp_signd_call_loop: " 313 "tstream_read_pdu_blob_recv() - %s", 314 nt_errstr(status)); 315 if (reason == NULL) { 316 reason = nt_errstr(status); 317 } 318 319 ntp_signd_terminate_connection(ntp_signd_conn, reason); 320 return; 321 } 322 323 DEBUG(10,("Received NTP TCP packet of length %lu from %s\n", 324 (long) call->in.length, 325 tsocket_address_string(ntp_signd_conn->conn->remote_address, call))); 326 327 /* skip length header */ 328 call->in.data +=4; 329 call->in.length -= 4; 330 331 status = ntp_signd_process(ntp_signd_conn, 332 call, 333 &call->in, 334 &call->out); 335 if (! NT_STATUS_IS_OK(status)) { 336 const char *reason; 337 338 reason = talloc_asprintf(call, "ntp_signd_process failed: %s", 339 nt_errstr(status)); 340 if (reason == NULL) { 341 reason = nt_errstr(status); 342 } 343 344 ntp_signd_terminate_connection(ntp_signd_conn, reason); 345 return; 346 } 347 348 /* First add the length of the out buffer */ 349 RSIVAL(call->out_hdr, 0, call->out.length); 350 call->out_iov[0].iov_base = (char *) call->out_hdr; 351 call->out_iov[0].iov_len = 4; 352 353 call->out_iov[1].iov_base = (char *) call->out.data; 354 call->out_iov[1].iov_len = call->out.length; 355 356 subreq = tstream_writev_queue_send(call, 357 ntp_signd_conn->conn->event.ctx, 358 ntp_signd_conn->tstream, 359 ntp_signd_conn->send_queue, 360 call->out_iov, 2); 361 if (subreq == NULL) { 362 ntp_signd_terminate_connection(ntp_signd_conn, "ntp_signd_call_loop: " 363 "no memory for tstream_writev_queue_send"); 364 return; 365 } 366 367 tevent_req_set_callback(subreq, ntp_signd_call_writev_done, call); 368 369 /* 370 * The NTP tcp pdu's has the length as 4 byte (initial_read_size), 371 * packet_full_request_u32 provides the pdu length then. 372 */ 373 subreq = tstream_read_pdu_blob_send(ntp_signd_conn, 374 ntp_signd_conn->conn->event.ctx, 375 ntp_signd_conn->tstream, 376 4, /* initial_read_size */ 377 packet_full_request_u32, 378 ntp_signd_conn); 379 if (subreq == NULL) { 380 ntp_signd_terminate_connection(ntp_signd_conn, "ntp_signd_call_loop: " 381 "no memory for tstream_read_pdu_blob_send"); 382 return; 383 } 384 tevent_req_set_callback(subreq, ntp_signd_call_loop, ntp_signd_conn); 385 } 386 387 static void ntp_signd_call_writev_done(struct tevent_req *subreq) 388 { 389 struct ntp_signd_call *call = tevent_req_callback_data(subreq, 390 struct ntp_signd_call); 391 int sys_errno; 392 int rc; 393 394 rc = tstream_writev_queue_recv(subreq, &sys_errno); 395 TALLOC_FREE(subreq); 396 if (rc == -1) { 397 const char *reason; 398 399 reason = talloc_asprintf(call, "ntp_signd_call_writev_done: " 400 "tstream_writev_queue_recv() - %d:%s", 401 sys_errno, strerror(sys_errno)); 402 if (!reason) { 403 reason = "ntp_signd_call_writev_done: " 404 "tstream_writev_queue_recv() failed"; 405 } 406 407 ntp_signd_terminate_connection(call->ntp_signd_conn, reason); 408 return; 409 } 410 411 /* We don't care about errors */ 412 413 talloc_free(call); 293 414 } 294 415 … … 298 419 static void ntp_signd_accept(struct stream_connection *conn) 299 420 { 300 struct ntp_signd_server *ntp_signd = talloc_get_type(conn->private_data, struct ntp_signd_server); 301 struct ntp_signd_connection *ntp_signdconn; 302 303 ntp_signdconn = talloc_zero(conn, struct ntp_signd_connection); 304 if (!ntp_signdconn) { 305 stream_terminate_connection(conn, "ntp_signd_accept: out of memory"); 306 return; 307 } 308 ntp_signdconn->conn = conn; 309 ntp_signdconn->ntp_signd = ntp_signd; 310 conn->private_data = ntp_signdconn; 311 312 ntp_signdconn->packet = packet_init(ntp_signdconn); 313 if (ntp_signdconn->packet == NULL) { 314 ntp_signd_terminate_connection(ntp_signdconn, "ntp_signd_accept: out of memory"); 315 return; 316 } 317 packet_set_private(ntp_signdconn->packet, ntp_signdconn); 318 packet_set_socket(ntp_signdconn->packet, conn->socket); 319 packet_set_callback(ntp_signdconn->packet, ntp_signd_recv); 320 packet_set_full_request(ntp_signdconn->packet, packet_full_request_u32); 321 packet_set_error_handler(ntp_signdconn->packet, ntp_signd_recv_error); 322 packet_set_event_context(ntp_signdconn->packet, conn->event.ctx); 323 packet_set_fde(ntp_signdconn->packet, conn->event.fde); 324 packet_set_serialise(ntp_signdconn->packet); 421 struct ntp_signd_server *ntp_signd = talloc_get_type(conn->private_data, 422 struct ntp_signd_server); 423 struct ntp_signd_connection *ntp_signd_conn; 424 struct tevent_req *subreq; 425 int rc; 426 427 ntp_signd_conn = talloc_zero(conn, struct ntp_signd_connection); 428 if (ntp_signd_conn == NULL) { 429 stream_terminate_connection(conn, 430 "ntp_signd_accept: out of memory"); 431 return; 432 } 433 434 ntp_signd_conn->send_queue = tevent_queue_create(conn, 435 "ntp_signd_accept"); 436 if (ntp_signd_conn->send_queue == NULL) { 437 stream_terminate_connection(conn, 438 "ntp_signd_accept: out of memory"); 439 return; 440 } 441 442 TALLOC_FREE(conn->event.fde); 443 444 rc = tstream_bsd_existing_socket(ntp_signd_conn, 445 socket_get_fd(conn->socket), 446 &ntp_signd_conn->tstream); 447 if (rc < 0) { 448 stream_terminate_connection(conn, 449 "ntp_signd_accept: out of memory"); 450 return; 451 } 452 453 ntp_signd_conn->conn = conn; 454 ntp_signd_conn->ntp_signd = ntp_signd; 455 conn->private_data = ntp_signd_conn; 456 457 /* 458 * The NTP tcp pdu's has the length as 4 byte (initial_read_size), 459 * packet_full_request_u32 provides the pdu length then. 460 */ 461 subreq = tstream_read_pdu_blob_send(ntp_signd_conn, 462 ntp_signd_conn->conn->event.ctx, 463 ntp_signd_conn->tstream, 464 4, /* initial_read_size */ 465 packet_full_request_u32, 466 ntp_signd_conn); 467 if (subreq == NULL) { 468 ntp_signd_terminate_connection(ntp_signd_conn, 469 "ntp_signd_accept: " 470 "no memory for tstream_read_pdu_blob_send"); 471 return; 472 } 473 tevent_req_set_callback(subreq, ntp_signd_call_loop, ntp_signd_conn); 325 474 } 326 475 … … 328 477 .name = "ntp_signd", 329 478 .accept_connection = ntp_signd_accept, 330 .recv_handler = ntp_signd_recv _handler,479 .recv_handler = ntp_signd_recv, 331 480 .send_handler = ntp_signd_send 332 481 }; … … 344 493 const char *address; 345 494 346 if (!directory_create_or_exist(lp _ntp_signd_socket_directory(task->lp_ctx), geteuid(), 0755)) {495 if (!directory_create_or_exist(lpcfg_ntp_signd_socket_directory(task->lp_ctx), geteuid(), 0755)) { 347 496 char *error = talloc_asprintf(task, "Cannot create NTP signd pipe directory: %s", 348 lp _ntp_signd_socket_directory(task->lp_ctx));497 lpcfg_ntp_signd_socket_directory(task->lp_ctx)); 349 498 task_server_terminate(task, 350 499 error, true); … … 355 504 ask for the single process model ops and pass these to the 356 505 stream_setup_socket() call. */ 357 model_ops = process_model_startup( task->event_ctx,"single");506 model_ops = process_model_startup("single"); 358 507 if (!model_ops) { 359 508 DEBUG(0,("Can't find 'single' process model_ops\n")); … … 372 521 373 522 /* Must be system to get at the password hashes */ 374 ntp_signd->samdb = samdb_connect(ntp_signd, task->event_ctx, task->lp_ctx, system_session( ntp_signd, task->lp_ctx));523 ntp_signd->samdb = samdb_connect(ntp_signd, task->event_ctx, task->lp_ctx, system_session(task->lp_ctx), 0); 375 524 if (ntp_signd->samdb == NULL) { 376 525 task_server_terminate(task, "ntp_signd failed to open samdb", true); … … 378 527 } 379 528 380 address = talloc_asprintf(ntp_signd, "%s/socket", lp_ntp_signd_socket_directory(task->lp_ctx)); 381 382 status = stream_setup_socket(ntp_signd->task->event_ctx, 529 address = talloc_asprintf(ntp_signd, "%s/socket", lpcfg_ntp_signd_socket_directory(task->lp_ctx)); 530 531 status = stream_setup_socket(ntp_signd->task, 532 ntp_signd->task->event_ctx, 383 533 ntp_signd->task->lp_ctx, 384 534 model_ops, 385 535 &ntp_signd_stream_ops, 386 536 "unix", address, NULL, 387 lp _socket_options(ntp_signd->task->lp_ctx),537 lpcfg_socket_options(ntp_signd->task->lp_ctx), 388 538 ntp_signd); 389 539 if (!NT_STATUS_IS_OK(status)) {
Note:
See TracChangeset
for help on using the changeset viewer.
