This puts real netlogon connection caching to winbind. This becomes

important once we start doing schannel, as there would be a lot more roundtrips for the second PIPE open and bind. With this patch logging in to a member server is a matter of two (three if you count the ack...) packets between us and the DC. Volker (This used to be commit 5b3cb7725a974629d0bd8b707bc2940c36b8745e)
author: Volker Lendecke <vlendec@samba.org> 2003-05-08 08:02:52 +0000
committer: Volker Lendecke <vlendec@samba.org> 2003-05-08 08:02:52 +0000
commit: d1da999e0a84939e372ebe590861376e2c0075b3 (patch)
tree: 98431ea78f62be7e3b383a7d8c8249e573feb307 /source3/rpc_client
parent: 8210b69406f8b3b213cb7d9fdc5c58986f80a56b (diff)
download: samba-d1da999e0a84939e372ebe590861376e2c0075b3.tar.gz
samba-d1da999e0a84939e372ebe590861376e2c0075b3.tar.bz2
samba-d1da999e0a84939e372ebe590861376e2c0075b3.zip
2 files changed, 22 insertions, 26 deletions
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index 72240ca7d2..831101ed81 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -472,6 +472,7 @@ NTSTATUS cli_netlogon_sam_deltas(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 /* Logon domain user */
 
 NTSTATUS cli_netlogon_sam_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+				DOM_CRED *ret_creds,
                                 const char *username, const char *password,
                                 int logon_type)
 {
@@ -486,6 +487,7 @@ NTSTATUS cli_netlogon_sam_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 
 	ZERO_STRUCT(q);
 	ZERO_STRUCT(r);
+	ZERO_STRUCT(dummy_rtn_creds);
 
 	/* Initialise parse structures */
 
@@ -498,8 +500,8 @@ NTSTATUS cli_netlogon_sam_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx,
 
         q.validation_level = validation_level;
 
-	memset(&dummy_rtn_creds, '\0', sizeof(dummy_rtn_creds));
-	dummy_rtn_creds.timestamp.time = time(NULL);
+	if (ret_creds == NULL)
+		ret_creds = &dummy_rtn_creds;
 
         ctr.switch_value = logon_type;
 
@@ -542,7 +544,7 @@ NTSTATUS cli_netlogon_sam_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx,
         }
 
         init_sam_info(&q.sam_id, cli->srv_name_slash, global_myname(),
-                      &clnt_creds, &dummy_rtn_creds, logon_type,
+                      &clnt_creds, ret_creds, logon_type,
                       &ctr);
 
         /* Marshall data and send request */
@@ -563,6 +565,7 @@ NTSTATUS cli_netlogon_sam_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx,
         /* Return results */
 
 	result = r.status;
+	memcpy(ret_creds, &r.srv_creds, sizeof(*ret_creds));
 
  done:
 	prs_mem_free(&qbuf);
@@ -579,6 +582,7 @@ NTSTATUS cli_netlogon_sam_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx,
  **/
 
 NTSTATUS cli_netlogon_sam_network_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+					DOM_CRED *ret_creds,
 					const char *username, const char *domain, const char *workstation, 
 					const uint8 chal[8], 
 					DATA_BLOB lm_response, DATA_BLOB nt_response,
@@ -598,6 +602,7 @@ NTSTATUS cli_netlogon_sam_network_logon(struct cli_state *cli, TALLOC_CTX *mem_c
 	
 	ZERO_STRUCT(q);
 	ZERO_STRUCT(r);
+	ZERO_STRUCT(dummy_rtn_creds);
 
 	workstation_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", workstation);
 	
@@ -617,8 +622,8 @@ NTSTATUS cli_netlogon_sam_network_logon(struct cli_state *cli, TALLOC_CTX *mem_c
 
 	q.validation_level = validation_level;
 
-	memset(&dummy_rtn_creds, '\0', sizeof(dummy_rtn_creds));
-	dummy_rtn_creds.timestamp.time = time(NULL);
+	if (ret_creds == NULL)
+		ret_creds = &dummy_rtn_creds;
 
         ctr.switch_value = NET_LOGON_TYPE;
 
@@ -629,7 +634,7 @@ NTSTATUS cli_netlogon_sam_network_logon(struct cli_state *cli, TALLOC_CTX *mem_c
 		      lm_response.data, lm_response.length, nt_response.data, nt_response.length);
  
         init_sam_info(&q.sam_id, cli->srv_name_slash, global_myname(),
-                      &clnt_creds, &dummy_rtn_creds, NET_LOGON_TYPE,
+                      &clnt_creds, ret_creds, NET_LOGON_TYPE,
                       &ctr);
 
         /* Marshall data and send request */
@@ -659,6 +664,7 @@ NTSTATUS cli_netlogon_sam_network_logon(struct cli_state *cli, TALLOC_CTX *mem_c
         /* Return results */
 
 	result = r.status;
+	memcpy(ret_creds, &r.srv_creds, sizeof(*ret_creds));
 
  done:
 	prs_mem_free(&qbuf);
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index f8472f3cfc..223d6a707e 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -1563,8 +1563,8 @@ BOOL cli_nt_session_open(struct cli_state *cli, const int pipe_idx)
  Open a session to the NETLOGON pipe using schannel.
  ****************************************************************************/
 
-BOOL cli_nt_open_netlogon(struct cli_state *cli, const char *trust_password,
-			  int sec_chan)
+NTSTATUS cli_nt_establish_netlogon(struct cli_state *cli, int sec_chan,
+			       const char *trust_password)
 {
 	NTSTATUS result;
 	uint32 neg_flags = 0x000001ff;
@@ -1573,22 +1573,12 @@ BOOL cli_nt_open_netlogon(struct cli_state *cli, const char *trust_password,
 	if (lp_client_schannel() != False)
 		neg_flags |= NETLOGON_NEG_SCHANNEL;
 
-
-	if (!cli_nt_session_open(cli, PI_NETLOGON)) {
-		return False;
-	}
-
-	if (!secrets_init()) {
-		DEBUG(3,("Failed to init secrets.tdb\n"));
-		return False;
-	}
-
 	result = cli_nt_setup_creds(cli, sec_chan, trust_password,
 				    &neg_flags, 2);
 
 	if (!NT_STATUS_IS_OK(result)) {
 		cli_nt_session_close(cli);
-		return False;
+		return result;
 	}
 
 	if ((lp_client_schannel() == True) &&
@@ -1596,12 +1586,12 @@ BOOL cli_nt_open_netlogon(struct cli_state *cli, const char *trust_password,
 
 		DEBUG(3, ("Server did not offer schannel\n"));
 		cli_nt_session_close(cli);
-		return False;
+		return NT_STATUS_UNSUCCESSFUL;
 	}
 
 	if ((lp_client_schannel() == False) ||
 	    ((neg_flags & NETLOGON_NEG_SCHANNEL) == 0)) {
-		return True;
+		return NT_STATUS_OK;
 	}
 
 	/* Server offered schannel, so try it. */
@@ -1624,7 +1614,7 @@ BOOL cli_nt_open_netlogon(struct cli_state *cli, const char *trust_password,
 				 "Error was %s\n",
 				 PIPE_NETLOGON, cli->desthost,
 				 cli_errstr(cli)));
-			return False;
+			return NT_STATUS_UNSUCCESSFUL;
 		}
 		
 		cli->nt_pipe_fnum = (uint16)fnum;
@@ -1635,7 +1625,7 @@ BOOL cli_nt_open_netlogon(struct cli_state *cli, const char *trust_password,
 				 "Error was %s\n",
 				 PIPE_NETLOGON, cli->desthost,
 				 cli_errstr(cli)));
-			return False;
+			return NT_STATUS_UNSUCCESSFUL;
 		}
 
 		cli->nt_pipe_fnum = (uint16)fnum;
@@ -1645,17 +1635,17 @@ BOOL cli_nt_open_netlogon(struct cli_state *cli, const char *trust_password,
 			DEBUG(0,("Pipe hnd state failed.  Error was %s\n",
 				  cli_errstr(cli)));
 			cli_close(cli, cli->nt_pipe_fnum);
-			return False;
+			return NT_STATUS_UNSUCCESSFUL;
 		}
 	}
 
 	if (!rpc_pipe_bind(cli, PI_NETLOGON, global_myname(), True)) {
 		DEBUG(2,("rpc bind to %s failed\n", PIPE_NETLOGON));
 		cli_close(cli, cli->nt_pipe_fnum);
-		return False;
+		return NT_STATUS_UNSUCCESSFUL;
 	}
 
-	return True;
+	return NT_STATUS_OK;
 }
author	Volker Lendecke <vlendec@samba.org>	2003-05-08 08:02:52 +0000
committer	Volker Lendecke <vlendec@samba.org>	2003-05-08 08:02:52 +0000
commit	d1da999e0a84939e372ebe590861376e2c0075b3 (patch)
tree	98431ea78f62be7e3b383a7d8c8249e573feb307 /source3/rpc_client
parent	8210b69406f8b3b213cb7d9fdc5c58986f80a56b (diff)
download	samba-d1da999e0a84939e372ebe590861376e2c0075b3.tar.gz samba-d1da999e0a84939e372ebe590861376e2c0075b3.tar.bz2 samba-d1da999e0a84939e372ebe590861376e2c0075b3.zip