diff options
| author | Jeremy Allison <jra@samba.org> | 2006-02-22 21:18:23 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:10:20 -0500 |
| commit | 202bc164ca11539a62a7e894330265df90319828 (patch) | |
| tree | 46cf5ad64312725f20c25776f977bde38cfcc31a /source3/rpc_client | |
| parent | fd5ecef41ce3dd6acff1ed0fc17529fa8459a66f (diff) | |
| download | samba-202bc164ca11539a62a7e894330265df90319828.tar.gz samba-202bc164ca11539a62a7e894330265df90319828.tar.bz2 samba-202bc164ca11539a62a7e894330265df90319828.zip | |
r13641: Finish fix for #3510. Don't use client schannel when told
not to, cope with a server that doesn't offer schannel also.
Jeremy
(This used to be commit 68005f6bdb70883eace0d9067c76c3360a803023)
Diffstat (limited to 'source3/rpc_client')
| -rw-r--r-- | source3/rpc_client/cli_pipe.c | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 9cc350bef1..23cc6af114 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -2393,13 +2393,14 @@ struct rpc_pipe_client *cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli, /**************************************************************************** Open a netlogon pipe and get the schannel session key. + Now exposed to external callers. ****************************************************************************/ -static struct rpc_pipe_client *get_schannel_session_key(struct cli_state *cli, +struct rpc_pipe_client *get_schannel_session_key(struct cli_state *cli, const char *domain, + uint32 *pneg_flags, NTSTATUS *perr) { - uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL; struct rpc_pipe_client *netlogon_pipe = NULL; uint32 sec_chan_type = 0; unsigned char machine_pwd[16]; @@ -2438,7 +2439,7 @@ static struct rpc_pipe_client *get_schannel_session_key(struct cli_state *cli, machine_account, /* machine account name */ machine_pwd, sec_chan_type, - &neg_flags); + pneg_flags); if (!NT_STATUS_IS_OK(*perr)) { DEBUG(3,("get_schannel_session_key: rpccli_netlogon_setup_creds " @@ -2448,7 +2449,7 @@ static struct rpc_pipe_client *get_schannel_session_key(struct cli_state *cli, return NULL; } - if ((neg_flags & NETLOGON_NEG_SCHANNEL) == 0) { + if (((*pneg_flags) & NETLOGON_NEG_SCHANNEL) == 0) { DEBUG(3, ("get_schannel_session_key: Server %s did not offer schannel\n", cli->desthost)); cli_rpc_pipe_close(netlogon_pipe); @@ -2520,9 +2521,9 @@ static struct rpc_pipe_client *get_schannel_session_key_auth_ntlmssp(struct cli_ const char *domain, const char *username, const char *password, + uint32 *pneg_flags, NTSTATUS *perr) { - uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL; struct rpc_pipe_client *netlogon_pipe = NULL; uint32 sec_chan_type = 0; unsigned char machine_pwd[16]; @@ -2564,7 +2565,7 @@ static struct rpc_pipe_client *get_schannel_session_key_auth_ntlmssp(struct cli_ machine_account, /* machine account name */ machine_pwd, sec_chan_type, - &neg_flags); + pneg_flags); if (!NT_STATUS_IS_OK(*perr)) { DEBUG(3,("get_schannel_session_key_auth_ntlmssp: rpccli_netlogon_setup_creds " @@ -2574,7 +2575,7 @@ static struct rpc_pipe_client *get_schannel_session_key_auth_ntlmssp(struct cli_ return NULL; } - if ((neg_flags & NETLOGON_NEG_SCHANNEL) == 0) { + if (((*pneg_flags) & NETLOGON_NEG_SCHANNEL) == 0) { DEBUG(3, ("get_schannel_session_key_auth_ntlmssp: Server %s did not offer schannel\n", cli->desthost)); cli_rpc_pipe_close(netlogon_pipe); @@ -2599,10 +2600,12 @@ struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state const char *password, NTSTATUS *perr) { + uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL; struct rpc_pipe_client *netlogon_pipe = NULL; struct rpc_pipe_client *result = NULL; - netlogon_pipe = get_schannel_session_key_auth_ntlmssp(cli, domain, username, password, perr); + netlogon_pipe = get_schannel_session_key_auth_ntlmssp(cli, domain, username, + password, &neg_flags, perr); if (!netlogon_pipe) { DEBUG(0,("cli_rpc_pipe_open_ntlmssp_auth_schannel: failed to get schannel session " "key from server %s for domain %s.\n", @@ -2631,10 +2634,11 @@ struct rpc_pipe_client *cli_rpc_pipe_open_schannel(struct cli_state *cli, const char *domain, NTSTATUS *perr) { + uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL; struct rpc_pipe_client *netlogon_pipe = NULL; struct rpc_pipe_client *result = NULL; - netlogon_pipe = get_schannel_session_key(cli, domain, perr); + netlogon_pipe = get_schannel_session_key(cli, domain, &neg_flags, perr); if (!netlogon_pipe) { DEBUG(0,("cli_rpc_pipe_open_schannel: failed to get schannel session " "key from server %s for domain %s.\n", |