diff options
author | Andrew Tridgell <tridge@samba.org> | 2004-06-06 07:14:10 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:56:33 -0500 |
commit | a1318baa5503648ffcff2e9cd625b6848ad285b8 (patch) | |
tree | 0d3a24bfd6958b4ee0006add8c4334383472f71a /source4/librpc/rpc/dcerpc_util.c | |
parent | 7ea6a0b1fc3e5f35e5096ad820053d54c4496a09 (diff) | |
download | samba-a1318baa5503648ffcff2e9cd625b6848ad285b8.tar.gz samba-a1318baa5503648ffcff2e9cd625b6848ad285b8.tar.bz2 samba-a1318baa5503648ffcff2e9cd625b6848ad285b8.zip |
r1041: - pulled the domain join code out of the netlogon test and made it a separate utility function, to allow
multiple torture tests to temporarily join a domain
- fixed a session key size problem
- added a schannel test suite
- allow schannel to work with ncacn_ip_tcp
(This used to be commit 36f05e4d575099fcb957b8a55781c38dcd2e1177)
Diffstat (limited to 'source4/librpc/rpc/dcerpc_util.c')
-rw-r--r-- | source4/librpc/rpc/dcerpc_util.c | 84 |
1 files changed, 52 insertions, 32 deletions
diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c index 623d5ec24a..c7edf043ec 100644 --- a/source4/librpc/rpc/dcerpc_util.c +++ b/source4/librpc/rpc/dcerpc_util.c @@ -275,7 +275,6 @@ static const struct { } ncacn_options[] = { {"sign", DCERPC_SIGN}, {"seal", DCERPC_SEAL}, - {"schannel", DCERPC_SCHANNEL}, {"validate", DCERPC_DEBUG_VALIDATE_BOTH}, {"print", DCERPC_DEBUG_PRINT_BOTH}, {"bigendian", DCERPC_PUSH_BIGENDIAN} @@ -458,11 +457,18 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_np(struct dcerpc_pipe **p, pipe_name += 6; } - status = cli_full_connection(&cli, lp_netbios_name(), - binding->host, NULL, - "ipc$", "?????", - username, username[0]?domain:"", - password, 0, &retry); + if ((binding->flags & DCERPC_SCHANNEL_ANY) || !username || !username[0]) { + status = cli_full_connection(&cli, lp_netbios_name(), + binding->host, NULL, + "ipc$", "?????", + "", "", NULL, 0, &retry); + } else { + status = cli_full_connection(&cli, lp_netbios_name(), + binding->host, NULL, + "ipc$", "?????", + username, domain, + password, 0, &retry); + } if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("Failed to connect to %s - %s\n", binding->host, nt_errstr(status))); return status; @@ -482,23 +488,15 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_np(struct dcerpc_pipe **p, (*p)->flags = binding->flags; - if (binding->flags & DCERPC_SCHANNEL) { - const char *trust_password = NULL; // samdb_fetch_member_password(); - if (!trust_password) { - DEBUG(0,("Unable to fetch machine password\n")); - goto done; - } + if (binding->flags & DCERPC_SCHANNEL_ANY) { status = dcerpc_bind_auth_schannel(*p, pipe_uuid, pipe_version, - lp_workgroup(), - lp_netbios_name(), - trust_password); + domain, username, password); } else if (binding->flags & (DCERPC_SIGN | DCERPC_SEAL)) { status = dcerpc_bind_auth_ntlm(*p, pipe_uuid, pipe_version, domain, username, password); } else { status = dcerpc_bind_auth_none(*p, pipe_uuid, pipe_version); } -done: if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("Failed to bind to uuid %s - %s\n", pipe_uuid, nt_errstr(status))); dcerpc_pipe_close(*p); @@ -552,7 +550,10 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_ip_tcp(struct dcerpc_pipe **p, (*p)->flags = binding->flags; - if (!(binding->flags & (DCERPC_SIGN|DCERPC_SEAL)) && !username[0]) { + if (binding->flags & DCERPC_SCHANNEL_ANY) { + status = dcerpc_bind_auth_schannel(*p, pipe_uuid, pipe_version, + domain, username, password); + } else if (!(binding->flags & (DCERPC_SIGN|DCERPC_SEAL)) && !username[0]) { status = dcerpc_bind_auth_none(*p, pipe_uuid, pipe_version); } else { status = dcerpc_bind_auth_ntlm(*p, pipe_uuid, pipe_version, @@ -560,7 +561,8 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_ip_tcp(struct dcerpc_pipe **p, } if (!NT_STATUS_IS_OK(status)) { - DEBUG(0,("Failed to bind to uuid %s - %s\n", pipe_uuid, nt_errstr(status))); + DEBUG(0,("Failed to bind to uuid %s - %s\n", + pipe_uuid, nt_errstr(status))); dcerpc_pipe_close(*p); return status; } @@ -635,28 +637,46 @@ NTSTATUS dcerpc_pipe_connect(struct dcerpc_pipe **p, /* - create a secondary dcerpc connection from a primary SMB connection + create a secondary dcerpc connection from a primary connection - the secondary connection will be on the same SMB connection, but use a new fnum + if the primary is a SMB connection then the secondary connection + will be on the same SMB connection, but use a new fnum */ -NTSTATUS dcerpc_secondary_smb(struct dcerpc_pipe *p, struct dcerpc_pipe **p2, - const char *pipe_name, - const char *pipe_uuid, - uint32_t pipe_version) +NTSTATUS dcerpc_secondary_connection(struct dcerpc_pipe *p, struct dcerpc_pipe **p2, + const char *pipe_name, + const char *pipe_uuid, + uint32_t pipe_version) { - NTSTATUS status; struct cli_tree *tree; + NTSTATUS status = NT_STATUS_INVALID_PARAMETER; + struct dcerpc_binding b; - tree = dcerpc_smb_tree(p); - if (!tree) { - return NT_STATUS_INVALID_PARAMETER; + switch (p->transport.transport) { + case NCACN_NP: + tree = dcerpc_smb_tree(p); + if (!tree) { + return NT_STATUS_INVALID_PARAMETER; + } + + status = dcerpc_pipe_open_smb(p2, tree, pipe_name); + break; + + case NCACN_IP_TCP: + status = dcerpc_parse_binding(p->mem_ctx, p->binding_string, &b); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + b.flags &= ~DCERPC_AUTH_OPTIONS; + status = dcerpc_pipe_connect_ncacn_ip_tcp(p2, &b, pipe_uuid, + pipe_version, NULL, + NULL, NULL); + break; } - status = dcerpc_pipe_open_smb(p2, tree, pipe_name); if (!NT_STATUS_IS_OK(status)) { - return status; - } - + return status; + } + (*p2)->flags = p->flags; status = dcerpc_bind_auth_none(*p2, pipe_uuid, pipe_version); |