summaryrefslogtreecommitdiff
path: root/source4/librpc/rpc
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2013-09-20 04:16:00 +0200
committerAndrew Bartlett <abartlet@samba.org>2013-10-17 08:49:00 +1300
commita62927ef882a5ed7bee1c737c44dd29b13e724e0 (patch)
treefd244f52dc5bba7fff3a289903f5cd741782993b /source4/librpc/rpc
parent300a186a7123966d4d47fc1730014ea97cf97049 (diff)
downloadsamba-a62927ef882a5ed7bee1c737c44dd29b13e724e0.tar.gz
samba-a62927ef882a5ed7bee1c737c44dd29b13e724e0.tar.bz2
samba-a62927ef882a5ed7bee1c737c44dd29b13e724e0.zip
s4:librpc: let dcerpc_schannel_key_recv() return netlogon_creds_CredentialState
cli_credentials_set_netlogon_creds() should only be used directly before a DCERPC bind in order to pass the session information to the gensec layer. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/librpc/rpc')
-rw-r--r--source4/librpc/rpc/dcerpc_schannel.c24
1 files changed, 15 insertions, 9 deletions
diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c
index cd62508edd..c4bedfa913 100644
--- a/source4/librpc/rpc/dcerpc_schannel.c
+++ b/source4/librpc/rpc/dcerpc_schannel.c
@@ -296,9 +296,6 @@ static void continue_srv_auth2(struct tevent_req *subreq)
return;
}
- /* setup current netlogon credentials */
- cli_credentials_set_netlogon_creds(s->credentials, s->creds);
-
composite_done(c);
}
@@ -369,10 +366,19 @@ static struct composite_context *dcerpc_schannel_key_send(TALLOC_CTX *mem_ctx,
/*
Receive result of schannel key request
*/
-static NTSTATUS dcerpc_schannel_key_recv(struct composite_context *c)
+static NTSTATUS dcerpc_schannel_key_recv(struct composite_context *c,
+ TALLOC_CTX *mem_ctx,
+ struct netlogon_creds_CredentialState **creds)
{
NTSTATUS status = composite_wait(c);
-
+
+ if (NT_STATUS_IS_OK(status)) {
+ struct schannel_key_state *s =
+ talloc_get_type_abort(c->private_data,
+ struct schannel_key_state);
+ *creds = talloc_move(mem_ctx, &s->creds);
+ }
+
talloc_free(c);
return status;
}
@@ -410,13 +416,15 @@ static void continue_schannel_key(struct composite_context *ctx)
NTSTATUS status;
/* receive schannel key */
- status = c->status = dcerpc_schannel_key_recv(ctx);
+ status = c->status = dcerpc_schannel_key_recv(ctx, s, &s->creds_state);
if (!composite_is_ok(c)) {
DEBUG(1, ("Failed to setup credentials: %s\n", nt_errstr(status)));
return;
}
/* send bind auth request with received creds */
+ cli_credentials_set_netlogon_creds(s->credentials, s->creds_state);
+
auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table, s->credentials,
lpcfg_gensec_settings(c, s->lp_ctx),
DCERPC_AUTH_TYPE_SCHANNEL, s->auth_level,
@@ -447,9 +455,6 @@ static void continue_bind_auth(struct composite_context *ctx)
&ndr_table_netlogon.syntax_id)) {
ZERO_STRUCT(s->return_auth);
- s->creds_state = cli_credentials_get_netlogon_creds(s->credentials);
- if (composite_nomem(s->creds_state, c)) return;
-
s->save_creds_state = *s->creds_state;
netlogon_creds_client_authenticator(&s->save_creds_state, &s->auth);
@@ -528,6 +533,7 @@ static void continue_get_capabilities(struct tevent_req *subreq)
}
*s->creds_state = s->save_creds_state;
+ cli_credentials_set_netlogon_creds(s->credentials, s->creds_state);
if (!NT_STATUS_IS_OK(s->c.out.result)) {
composite_error(c, s->c.out.result);