use of safe_cli_errstr() and cli_establish_connection().

(This used to be commit b60eb8c9fc61bf207ab3600eec3ca722403c4d19)

1 files changed, 99 insertions, 124 deletions

diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index d385011bac..c7483677f0 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -549,140 +549,115 @@ static BOOL modify_trust_password( char *domain, char *remote_machine,
                           unsigned char new_trust_passwd_hash[16],
                           uint16 sec_chan)
 {
-  uint16 nt_pipe_fnum;
-  struct cli_state cli;
-  struct nmb_name calling, called;
+	uint16 nt_pipe_fnum;
+	struct cli_state cli;
+	struct nmb_name calling, called;
 
-  ZERO_STRUCT(cli);
-  if(cli_initialise(&cli) == False) {
-    DEBUG(0,("modify_trust_password: unable to initialize client connection.\n"));
-    return False;
-  }
+	make_nmb_name(&calling, global_myname , 0x0 , scope);
+	make_nmb_name(&called , remote_machine, 0x20, scope);
 
-  if(!resolve_name( remote_machine, &cli.dest_ip, 0x20)) {
-    DEBUG(0,("modify_trust_password: Can't resolve address for %s\n", remote_machine));
-    return False;
-  }
+	ZERO_STRUCT(cli);
+	if(cli_initialise(&cli) == NULL)
+	{
+		DEBUG(0,("modify_trust_password: unable to initialize client \
+connection.\n"));
+		return False;
+	}
 
-  if (ismyip(cli.dest_ip)) {
-    DEBUG(0,("modify_trust_password: Machine %s is one of our addresses. Cannot add \
-to ourselves.\n", remote_machine));
-    return False;
-  }
+	if(!resolve_name( remote_machine, &cli.dest_ip, 0x20))
+	{
+		DEBUG(0,("modify_trust_password: Can't resolve address for \
+%s\n", remote_machine));
+		return False;
+	}
 
-  if (!cli_connect(&cli, remote_machine, &cli.dest_ip)) {
-	fstring errstr;
-    cli_safe_errstr(&cli, errstr, sizeof(errstr));
-    DEBUG(0,("modify_trust_password: unable to connect to SMB server on \
-machine %s. Error was : %s.\n", remote_machine, errstr  ));
-    return False;
-  }
-    
-  
-	make_nmb_name(&calling, global_myname , 0x0 , scope);
-	make_nmb_name(&called , remote_machine, 0x20, scope);
+	if (ismyip(cli.dest_ip))
+	{
+		DEBUG(0,("modify_trust_password: Machine %s is one of our \
+addresses. Cannot add to ourselves.\n", remote_machine));
+		return False;
+	}
 
-	if (!cli_session_request(&cli, &calling, &called))
+	cli.protocol = PROTOCOL_NT1;
+
+	if (!cli_establish_connection(&cli, remote_machine, &cli.dest_ip,
+	                              &calling, &called,
+	                              "IPC$", "IPC", False, True))
 	{
-	fstring errstr;
-    cli_safe_errstr(&cli, errstr, sizeof(errstr));
-    DEBUG(0,("modify_trust_password: machine %s rejected the session setup. \
-Error was : %s.\n", remote_machine, errstr ));
-    cli_shutdown(&cli);
-    return False;
-  }
+		fstring errstr;
+		cli_safe_errstr(&cli, errstr, sizeof(errstr));
+		DEBUG(0,("modify_trust_password: machine %s rejected the SMB \
+session. Error was : %s.\n", remote_machine, errstr ));
+		cli_shutdown(&cli);
+		return False;
+	}
 
-  cli.protocol = PROTOCOL_NT1;
-    
-  if (!cli_negprot(&cli)) {
-	fstring errstr;
-    cli_safe_errstr(&cli, errstr, sizeof(errstr));
-    DEBUG(0,("modify_trust_password: machine %s rejected the negotiate protocol. \
-Error was : %s.\n", remote_machine, errstr ));
-    cli_shutdown(&cli);
-    return False;
-  }
-  if (cli.protocol != PROTOCOL_NT1) {
-    DEBUG(0,("modify_trust_password: machine %s didn't negotiate NT protocol.\n", 
-            remote_machine));
-    cli_shutdown(&cli);
-    return False;
-  }
-    
-  /*
-   * Do an anonymous session setup.
-   */
-    
-  if (!cli_session_setup(&cli, "", "", 0, "", 0, "")) {
-	fstring errstr;
-    cli_safe_errstr(&cli, errstr, sizeof(errstr));
-    DEBUG(0,("modify_trust_password: machine %s rejected the session setup. \
-Error was : %s.\n", remote_machine, errstr  ));
-    cli_shutdown(&cli);
-    return False;
-  }
-    
-  if (!(cli.sec_mode & 1)) {
-    DEBUG(0,("modify_trust_password: machine %s isn't in user level security mode\n",
-          remote_machine));
-    cli_shutdown(&cli);
-    return False;
-  }
-    
-  if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) {
-	fstring errstr;
-    cli_safe_errstr(&cli, errstr, sizeof(errstr));
-    DEBUG(0,("modify_trust_password: machine %s rejected the tconX on the IPC$ share. \
-Error was : %s.\n", remote_machine, errstr ));
-    cli_shutdown(&cli);
-    return False;
-  }
 
-  /*
-   * Ok - we have an anonymous connection to the IPC$ share.
-   * Now start the NT Domain stuff :-).
-   */
-    
-  if(cli_nt_session_open(&cli, PIPE_NETLOGON, &nt_pipe_fnum) == False) {
-	fstring errstr;
-    cli_safe_errstr(&cli, errstr, sizeof(errstr));
-    DEBUG(0,("modify_trust_password: unable to open the domain client session to \
-machine %s. Error was : %s.\n", remote_machine, errstr ));
-    cli_nt_session_close(&cli, nt_pipe_fnum);
-    cli_ulogoff(&cli);
-    cli_shutdown(&cli);
-    return False;
-  } 
-  
-  if(cli_nt_setup_creds(&cli, nt_pipe_fnum,
-     cli.mach_acct, orig_trust_passwd_hash, sec_chan) == False) {
-	fstring errstr;
-    cli_safe_errstr(&cli, errstr, sizeof(errstr));
-    DEBUG(0,("modify_trust_password: unable to setup the PDC credentials to machine \
-%s. Error was : %s.\n", remote_machine, errstr ));
-    cli_nt_session_close(&cli, nt_pipe_fnum);
-    cli_ulogoff(&cli);
-    cli_shutdown(&cli);
-    return False;
-  } 
-
-  if( cli_nt_srv_pwset( &cli, nt_pipe_fnum, new_trust_passwd_hash, sec_chan ) == False) {
-	fstring errstr;
-    cli_safe_errstr(&cli, errstr, sizeof(errstr));
-    DEBUG(0,("modify_trust_password: unable to change password for machine %s in domain \
-%s to Domain controller %s. Error was %s.\n", global_myname, domain, remote_machine, 
-                            errstr ));
-    cli_nt_session_close(&cli, nt_pipe_fnum);
-    cli_ulogoff(&cli);
-    cli_shutdown(&cli);
-    return False;
-  }
+	if (cli.protocol != PROTOCOL_NT1)
+	{
+		DEBUG(0,("modify_trust_password: machine %s didn't negotiate \
+NT protocol.\n", remote_machine));
+		cli_shutdown(&cli);
+		return False;
+	}
 
-  cli_nt_session_close(&cli, nt_pipe_fnum);
-  cli_ulogoff(&cli);
-  cli_shutdown(&cli);
+	if (!(IS_BITS_SET_ALL(cli.sec_mode, 1)))
+	{
+		DEBUG(0,("modify_trust_password: machine %s isn't in user \
+level security mode\n", remote_machine));
+		cli_shutdown(&cli);
+		return False;
+	}
+
+	/*
+	* Ok - we have an anonymous connection to the IPC$ share.
+	* Now start the NT Domain stuff :-).
+	*/
+
+	if (!cli_nt_session_open(&cli, PIPE_NETLOGON, &nt_pipe_fnum))
+	{
+		fstring errstr;
+		cli_safe_errstr(&cli, errstr, sizeof(errstr));
+		DEBUG(0,("modify_trust_password: unable to open the domain \
+client session to server %s. Error was : %s.\n", remote_machine, errstr ));
+		cli_nt_session_close(&cli, nt_pipe_fnum);
+		cli_ulogoff(&cli);
+		cli_shutdown(&cli);
+		return False;
+	} 
+
+	if (!cli_nt_setup_creds(&cli, nt_pipe_fnum,
+	                      cli.mach_acct, orig_trust_passwd_hash, sec_chan))
+	{
+		fstring errstr;
+		cli_safe_errstr(&cli, errstr, sizeof(errstr));
+		DEBUG(0,("modify_trust_password: unable to setup the PDC \
+credentials to server %s. Error was : %s.\n", remote_machine, errstr ));
+		cli_nt_session_close(&cli, nt_pipe_fnum);
+		cli_ulogoff(&cli);
+		cli_shutdown(&cli);
+		return False;
+	} 
+
+	if (!cli_nt_srv_pwset( &cli, nt_pipe_fnum, new_trust_passwd_hash,
+	                       sec_chan ) )
+	{
+		fstring errstr;
+		cli_safe_errstr(&cli, errstr, sizeof(errstr));
+		DEBUG(0,("modify_trust_password: unable to change password for \
+workstation %s in domain %s to Domain controller %s. Error was %s.\n",
+		            global_myname, domain, remote_machine, errstr ));
+		cli_nt_session_close(&cli, nt_pipe_fnum);
+		cli_ulogoff(&cli);
+		cli_shutdown(&cli);
+		return False;
+	}
 
-  return True;
+	cli_nt_session_close(&cli, nt_pipe_fnum);
+	cli_ulogoff(&cli);
+	cli_shutdown(&cli);
+
+	return True;
 }
 
 /************************************************************************