From: Andreas Schneider
Date: Mon, 26 Apr 2021 11:52:14 +0000 (+0200)
Subject: s3:winbindd: Remove obsolete sequence_number callback from msrpc backend
X-Git-Tag: tevent-0.11.0~952
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=371bc987668463dc9693283921f400258112a744;p=thirdparty%2Fsamba.git

s3:winbindd: Remove obsolete sequence_number callback from msrpc backend

Signed-off-by: Andreas Schneider
Reviewed-by: Ralph Boehme
---

diff --git a/source3/winbindd/winbindd_msrpc.c b/source3/winbindd/winbindd_msrpc.c
index 342f22cfde3..9f0fb460f7e 100644
--- a/source3/winbindd/winbindd_msrpc.c
+++ b/source3/winbindd/winbindd_msrpc.c
@@ -705,161 +705,6 @@ static NTSTATUS msrpc_lookup_groupmem(struct winbindd_domain *domain,
 return NT_STATUS_OK;
 }
 
-#ifdef HAVE_LDAP
-
-#include "ads.h"
-
-static int get_ldap_seq(const char *server, struct sockaddr_storage *ss, int port, uint32_t *seq)
-{
- int ret = -1;
- struct timeval to;
- const char *attrs[] = {"highestCommittedUSN", NULL};
- LDAPMessage *res = NULL;
- char **values = NULL;
- LDAP *ldp = NULL;
-
- *seq = DOM_SEQUENCE_NONE;
-
- /*
- * Parameterised (5) second timeout on open. This is needed as the
- * search timeout doesn't seem to apply to doing an open as well. JRA.
- */
-
- ldp = ldap_open_with_timeout(server, ss, port, lp_ldap_timeout());
- if (ldp == NULL)
- return -1;
-
- /* Timeout if no response within 20 seconds. */
- to.tv_sec = 10;
- to.tv_usec = 0;
-
- if (ldap_search_st(ldp, "", LDAP_SCOPE_BASE, "(objectclass=*)",
- discard_const_p(char *, attrs), 0, &to, &res))
- goto done;
-
- if (ldap_count_entries(ldp, res) != 1)
- goto done;
-
- values = ldap_get_values(ldp, res, "highestCommittedUSN");
- if (!values || !values[0])
- goto done;
-
- *seq = atoi(values[0]);
- ret = 0;
-
- done:
-
- if (values)
- ldap_value_free(values);
- if (res)
- ldap_msgfree(res);
- if (ldp)
- ldap_unbind(ldp);
- return ret;
-}
-
-/**********************************************************************
- Get the sequence number for a Windows AD native mode domain using
- LDAP queries.
-**********************************************************************/
-
-static int get_ldap_sequence_number(struct winbindd_domain *domain, uint32_t *seq)
-{
- int ret = -1;
- char addr[INET6_ADDRSTRLEN];
-
- print_sockaddr(addr, sizeof(addr), &domain->dcaddr);
- if ((ret = get_ldap_seq(addr, &domain->dcaddr, LDAP_PORT, seq)) == 0) {
- DEBUG(3, ("get_ldap_sequence_number: Retrieved sequence "
- "number for Domain (%s) from DC (%s)\n",
- domain->name, addr));
- }
- return ret;
-}
-
-#endif /* HAVE_LDAP */
-
-/* find the sequence number for a domain */
-static NTSTATUS msrpc_sequence_number(struct winbindd_domain *domain,
- uint32_t *pseq)
-{
- struct rpc_pipe_client *samr_pipe;
- struct policy_handle dom_pol;
- uint32_t seq = DOM_SEQUENCE_NONE;
- TALLOC_CTX *tmp_ctx;
- NTSTATUS status;
-
- DEBUG(3, ("msrpc_sequence_number: fetch sequence_number for %s\n", domain->name));
-
- if (pseq) {
- *pseq = DOM_SEQUENCE_NONE;
- }
-
- tmp_ctx = talloc_stackframe();
- if (tmp_ctx == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
-
- if ( !winbindd_can_contact_domain( domain ) ) {
- DEBUG(10,("sequence_number: No incoming trust for domain %s\n",
- domain->name));
- if (pseq) {
- *pseq = time(NULL);
- }
- status = NT_STATUS_OK;
- goto done;
- }
-
-#ifdef HAVE_LDAP
- if (domain->active_directory) {
- int rc;
-
- DEBUG(8,("using get_ldap_seq() to retrieve the "
- "sequence number\n"));
-
- rc = get_ldap_sequence_number(domain, &seq);
- if (rc == 0) {
- DEBUG(10,("domain_sequence_number: LDAP for "
- "domain %s is %u\n",
- domain->name, seq));
-
- if (pseq) {
- *pseq = seq;
- }
-
- status = NT_STATUS_OK;
- goto done;
- }
-
- DEBUG(10,("domain_sequence_number: failed to get LDAP "
- "sequence number for domain %s\n",
- domain->name ));
- }
-#endif /* HAVE_LDAP */
-
- status = cm_connect_sam(domain, tmp_ctx, false, &samr_pipe, &dom_pol);
- if (!NT_STATUS_IS_OK(status)) {
- goto done;
- }
-
- status = rpc_sequence_number(tmp_ctx,
- samr_pipe,
- &dom_pol,
- domain->name,
- &seq);
- if (!NT_STATUS_IS_OK(status)) {
- goto done;
- }
-
- if (pseq) {
- *pseq = seq;
- }
-
-done:
- TALLOC_FREE(tmp_ctx);
- return status;
-}
-
 /* get a list of trusted domains */
 static NTSTATUS msrpc_trusted_domains(struct winbindd_domain *domain,
 TALLOC_CTX *mem_ctx,
@@ -1224,7 +1069,7 @@ struct winbindd_methods msrpc_methods = {
 msrpc_lookup_usergroups,
 msrpc_lookup_useraliases,
 msrpc_lookup_groupmem,
- msrpc_sequence_number,
+ NULL,
 msrpc_lockout_policy,
 msrpc_password_policy,
 msrpc_trusted_domains,
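Review bot: The bare `NULL` in the positional initializer of `msrpc_methods` leaves a function-pointer slot empty, so any remaining code path that calls this callback through `struct winbindd_methods` without a NULL check would crash winbindd on a null function-pointer call. No caller is visible in this diff, so it is worth confirming that nothing still dispatches through this slot for the msrpc backend. Because the initializer is positional, a trailing comment would keep the slot identifiable, e.g. `NULL, /* sequence_number: obsolete, must not be called */` (member name assumed from the removed function). The initializer begins and ends outside the hunk.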