summaryrefslogtreecommitdiff
path: root/source4/rpc_server
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2005-11-05 06:36:42 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:45:46 -0500
commit79cb46c1af526635c31b03612cd9f0d9ea97a5be (patch)
treee9d8128d62da0e32cd864010f34e20a906e75c2a /source4/rpc_server
parentd3b91ae169b17881dfba4848a7cae30b95a97c70 (diff)
downloadsamba-79cb46c1af526635c31b03612cd9f0d9ea97a5be.tar.gz
samba-79cb46c1af526635c31b03612cd9f0d9ea97a5be.tar.bz2
samba-79cb46c1af526635c31b03612cd9f0d9ea97a5be.zip
r11513: Add the ability to use the local machine account instead of a static
password or delegation. Add the ability to delegate for RPC pipes on the RPC proxy backend (the backend itself seems be having problems however). Andrew Bartlett (This used to be commit a7e946bc37e4acfbe2c483b4f1ead0341f9b3d19)
Diffstat (limited to 'source4/rpc_server')
-rw-r--r--source4/rpc_server/remote/dcesrv_remote.c57
1 files changed, 46 insertions, 11 deletions
diff --git a/source4/rpc_server/remote/dcesrv_remote.c b/source4/rpc_server/remote/dcesrv_remote.c
index 9e77347fa7..9ba2419859 100644
--- a/source4/rpc_server/remote/dcesrv_remote.c
+++ b/source4/rpc_server/remote/dcesrv_remote.c
@@ -21,6 +21,8 @@
#include "includes.h"
#include "rpc_server/dcerpc_server.h"
+#include "auth/auth.h"
+
struct dcesrv_remote_private {
struct dcerpc_pipe *c_pipe;
@@ -31,24 +33,59 @@ static NTSTATUS remote_op_bind(struct dcesrv_call_state *dce_call, const struct
NTSTATUS status;
struct dcesrv_remote_private *private;
const char *binding = lp_parm_string(-1, "dcerpc_remote", "binding");
+ const char *user, *pass, *domain;
struct cli_credentials *credentials;
+ BOOL machine_account;
- if (!binding) {
- DEBUG(0,("You must specify a ncacn binding string\n"));
- return NT_STATUS_INVALID_PARAMETER;
- }
+ machine_account = lp_parm_bool(-1, "dcerpc_remote", "use_machine_account", False);
private = talloc(dce_call->conn, struct dcesrv_remote_private);
if (!private) {
return NT_STATUS_NO_MEMORY;
}
- credentials = cli_credentials_init(private);
+ private->c_pipe = NULL;
+ dce_call->context->private = private;
+
+ if (!binding) {
+ DEBUG(0,("You must specify a ncacn binding string\n"));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ user = lp_parm_string(-1, "dcerpc_remote", "user");
+ pass = lp_parm_string(-1, "dcerpc_remote", "password");
+ domain = lp_parm_string(-1, "dceprc_remote", "domain");
- cli_credentials_set_username(credentials, lp_parm_string(-1, "dcerpc_remote", "username"), CRED_SPECIFIED);
- cli_credentials_set_workstation(credentials, lp_netbios_name(), CRED_SPECIFIED);
- cli_credentials_set_domain(credentials, lp_workgroup(), CRED_SPECIFIED);
- cli_credentials_set_password(credentials, lp_parm_string(-1, "dcerpc_remote", "password"), CRED_SPECIFIED);
+ if (user && pass) {
+ DEBUG(5, ("dcerpc_remote: RPC Proxy: Using specified account\n"));
+ credentials = cli_credentials_init(private);
+ if (!credentials) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ cli_credentials_set_conf(credentials);
+ cli_credentials_set_username(credentials, user, CRED_SPECIFIED);
+ if (domain) {
+ cli_credentials_set_domain(credentials, domain, CRED_SPECIFIED);
+ }
+ cli_credentials_set_password(credentials, pass, CRED_SPECIFIED);
+ } else if (machine_account) {
+ DEBUG(5, ("dcerpc_remote: RPC Proxy: Using machine account\n"));
+ credentials = cli_credentials_init(private);
+ cli_credentials_set_conf(credentials);
+ if (domain) {
+ cli_credentials_set_domain(credentials, domain, CRED_SPECIFIED);
+ }
+ status = cli_credentials_set_machine_account(credentials);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ } else if (dce_call->conn->auth_state.session_info->credentials) {
+ DEBUG(5, ("dcerpc_remote: RPC Proxy: Using delegated credentials\n"));
+ credentials = dce_call->conn->auth_state.session_info->credentials;
+ } else {
+ DEBUG(1,("dcerpc_remote: RPC Proxy: You must supply binding, user and password or have delegated credentials\n"));
+ return NT_STATUS_INVALID_PARAMETER;
+ }
status = dcerpc_pipe_connect(private,
&(private->c_pipe), binding,
@@ -60,8 +97,6 @@ static NTSTATUS remote_op_bind(struct dcesrv_call_state *dce_call, const struct
return status;
}
- dce_call->context->private = private;
-
return NT_STATUS_OK;
}