summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2005-03-21 21:22:07 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:11:08 -0500
commit05bc2d7b2c11a3583a6d1221cfbd618eb6730518 (patch)
treef0c2966e0a67c381ae1a94cd5c33c59ea8d33f14 /source4
parent34cde065139fdc76f6aa529426cfc1f68a394d54 (diff)
downloadsamba-05bc2d7b2c11a3583a6d1221cfbd618eb6730518.tar.gz
samba-05bc2d7b2c11a3583a6d1221cfbd618eb6730518.tar.bz2
samba-05bc2d7b2c11a3583a6d1221cfbd618eb6730518.zip
r5928: Use cli_credentials in:
- gtk+ (returned by GtkHostBindingDialog as well now) - torture/ - librpc/ - lib/com/dcom/ (This used to be commit ccefd782335e01e8e6ecb2bcd28a4f999c53b1a6)
Diffstat (limited to 'source4')
-rw-r--r--source4/client/client.c5
-rw-r--r--source4/gtk/common/gtk-smb.c19
-rw-r--r--source4/gtk/common/gtk-smb.h4
-rw-r--r--source4/gtk/tools/gepdump.c3
-rw-r--r--source4/gtk/tools/gregedit.c3
-rw-r--r--source4/gtk/tools/gwcrontab.c5
-rw-r--r--source4/gtk/tools/gwsam.c6
-rw-r--r--source4/include/credentials.h2
-rw-r--r--source4/lib/com/dcom/dcom.h4
-rw-r--r--source4/lib/com/dcom/main.c20
-rw-r--r--source4/lib/credentials.c24
-rw-r--r--source4/lib/registry/reg_backend_rpc.c6
-rw-r--r--source4/lib/registry/tools/regdiff.c5
-rw-r--r--source4/lib/registry/tools/regpatch.c2
-rw-r--r--source4/lib/registry/tools/regshell.c2
-rw-r--r--source4/lib/registry/tools/regtree.c2
-rw-r--r--source4/libcli/auth/gensec.c63
-rw-r--r--source4/libnet/libnet_rpc.c5
-rw-r--r--source4/librpc/rpc/dcerpc_auth.c23
-rw-r--r--source4/librpc/rpc/dcerpc_schannel.c29
-rw-r--r--source4/librpc/rpc/dcerpc_util.c64
-rw-r--r--source4/rpc_server/remote/dcesrv_remote.c12
-rw-r--r--source4/torture/com/simple.c3
-rw-r--r--source4/torture/ldap/basic.c7
-rw-r--r--source4/torture/raw/composite.c8
-rw-r--r--source4/torture/raw/context.c27
-rw-r--r--source4/torture/rpc/bind.c7
-rw-r--r--source4/torture/rpc/samlogon.c32
-rw-r--r--source4/torture/rpc/samsync.c20
-rw-r--r--source4/torture/rpc/schannel.c10
-rw-r--r--source4/torture/torture.c42
31 files changed, 186 insertions, 278 deletions
diff --git a/source4/client/client.c b/source4/client/client.c
index fd5be73607..cd580dc756 100644
--- a/source4/client/client.c
+++ b/source4/client/client.c
@@ -2555,10 +2555,7 @@ static BOOL browse_host(const char *query_host)
status = dcerpc_pipe_connect(&p, binding,
DCERPC_SRVSVC_UUID,
DCERPC_SRVSVC_VERSION,
- lp_netbios_name(),
- cli_credentials_get_domain(cmdline_credentials),
- cli_credentials_get_username(cmdline_credentials),
- cli_credentials_get_password(cmdline_credentials));
+ cmdline_credentials);
if (!NT_STATUS_IS_OK(status)) {
d_printf("Failed to connect to %s - %s\n",
binding, nt_errstr(status));
diff --git a/source4/gtk/common/gtk-smb.c b/source4/gtk/common/gtk-smb.c
index f42516c854..06bca9bf86 100644
--- a/source4/gtk/common/gtk-smb.c
+++ b/source4/gtk/common/gtk-smb.c
@@ -297,19 +297,14 @@ GtkWidget *gtk_rpc_binding_dialog_new (BOOL nocredentials, struct sam_pipe *sam_
return GTK_WIDGET(d);
}
-const char *gtk_rpc_binding_dialog_get_username(GtkRpcBindingDialog *d)
+struct cli_credentials *gtk_rpc_binding_dialog_get_credentials(GtkRpcBindingDialog *d)
{
- return gtk_entry_get_text(GTK_ENTRY(d->entry_username));
-}
-
-const char *gtk_rpc_binding_dialog_get_userdomain(GtkRpcBindingDialog *d)
-{
- return gtk_entry_get_text(GTK_ENTRY(d->entry_userdomain));
-}
-
-const char *gtk_rpc_binding_dialog_get_password(GtkRpcBindingDialog *d)
-{
- return gtk_entry_get_text(GTK_ENTRY(d->entry_password));
+ struct cli_credentials *ret = talloc(d->mem_ctx, struct cli_credentials);
+ cli_credentials_set_username(ret, gtk_entry_get_text(GTK_ENTRY(d->entry_username)), CRED_SPECIFIED);
+ cli_credentials_set_password(ret, gtk_entry_get_text(GTK_ENTRY(d->entry_password)), CRED_SPECIFIED);
+ cli_credentials_set_domain(ret, gtk_entry_get_text(GTK_ENTRY(d->entry_userdomain)), CRED_SPECIFIED);
+
+ return ret;
}
const char *gtk_rpc_binding_dialog_get_host(GtkRpcBindingDialog *d)
diff --git a/source4/gtk/common/gtk-smb.h b/source4/gtk/common/gtk-smb.h
index e85eb5be85..e78e8541f8 100644
--- a/source4/gtk/common/gtk-smb.h
+++ b/source4/gtk/common/gtk-smb.h
@@ -71,9 +71,7 @@ const char *gtk_select_host_dialog_get_host (GtkSelectHostDialog *d);
GType gtk_select_host_dialog_get_type (void);
void gtk_show_werror(GtkWidget *win, WERROR err);
const char *gtk_rpc_binding_dialog_get_binding_string(GtkRpcBindingDialog *d, TALLOC_CTX *mem_ctx);
-const char *gtk_rpc_binding_dialog_get_username(GtkRpcBindingDialog *d);
-const char *gtk_rpc_binding_dialog_get_userdomain(GtkRpcBindingDialog *d);
-const char *gtk_rpc_binding_dialog_get_password(GtkRpcBindingDialog *d);
+struct cli_credentials *gtk_rpc_binding_dialog_get_credentials(GtkRpcBindingDialog *d);
const char *gtk_rpc_binding_dialog_get_host(GtkRpcBindingDialog *d);
GtkWidget *gtk_select_domain_dialog_new (struct dcerpc_pipe *sam_pipe);
GType gtk_select_domain_dialog_get_type (void);
diff --git a/source4/gtk/tools/gepdump.c b/source4/gtk/tools/gepdump.c
index eeb927e43f..9a7d363a5e 100644
--- a/source4/gtk/tools/gepdump.c
+++ b/source4/gtk/tools/gepdump.c
@@ -25,6 +25,7 @@
#include "librpc/gen_ndr/ndr_mgmt.h"
#include "gtk/common/select.h"
#include "gtk/common/gtk-smb.h"
+#include "lib/cmdline/popt_common.h"
/*
* Show:
@@ -189,7 +190,7 @@ static void on_connect_clicked(GtkButton *btn, gpointer user_data)
status = dcerpc_pipe_connect(&epmapper_pipe, bs,
DCERPC_EPMAPPER_UUID, DCERPC_EPMAPPER_VERSION,
- lp_netbios_name(), lp_workgroup(), "", "");
+ cmdline_credentials);
if (NT_STATUS_IS_ERR(status)) {
gtk_show_ntstatus(mainwin, status);
diff --git a/source4/gtk/tools/gregedit.c b/source4/gtk/tools/gregedit.c
index 5c3f94cdba..ec4be2f57c 100644
--- a/source4/gtk/tools/gregedit.c
+++ b/source4/gtk/tools/gregedit.c
@@ -405,8 +405,7 @@ static void on_open_remote_activate(GtkMenuItem *menuitem, gpointer user_data)
}
error = reg_open_remote(&registry,
- gtk_rpc_binding_dialog_get_username(GTK_RPC_BINDING_DIALOG(rpcwin)),
- gtk_rpc_binding_dialog_get_password(GTK_RPC_BINDING_DIALOG(rpcwin)),
+ gtk_rpc_binding_dialog_get_credentials(GTK_RPC_BINDING_DIALOG(rpcwin)),
gtk_rpc_binding_dialog_get_binding_string(GTK_RPC_BINDING_DIALOG(rpcwin), mem_ctx));
if(!W_ERROR_IS_OK(error)) {
diff --git a/source4/gtk/tools/gwcrontab.c b/source4/gtk/tools/gwcrontab.c
index 3212821c18..ad3c58ca83 100644
--- a/source4/gtk/tools/gwcrontab.c
+++ b/source4/gtk/tools/gwcrontab.c
@@ -107,10 +107,7 @@ on_connect_activate (GtkMenuItem *menuitem,
gtk_rpc_binding_dialog_get_binding(d, mem_ctx),
DCERPC_ATSVC_UUID,
DCERPC_ATSVC_VERSION,
- lp_netbios_name(),
- gtk_rpc_binding_dialog_get_userdomain(d),
- gtk_rpc_binding_dialog_get_username(d),
- gtk_rpc_binding_dialog_get_password(d));
+ gtk_rpc_binding_dialog_get_credentials(d));
if(!NT_STATUS_IS_OK(status)) {
gtk_show_ntstatus(mainwin, status);
diff --git a/source4/gtk/tools/gwsam.c b/source4/gtk/tools/gwsam.c
index 1a6bc37f2f..0d435b278c 100644
--- a/source4/gtk/tools/gwsam.c
+++ b/source4/gtk/tools/gwsam.c
@@ -131,10 +131,8 @@ static void connect_sam(void)
status = dcerpc_pipe_connect_b(&sam_pipe,
gtk_rpc_binding_dialog_get_binding(d, mem_ctx),
DCERPC_SAMR_UUID, DCERPC_SAMR_VERSION,
- lp_netbios_name(),
- gtk_rpc_binding_dialog_get_userdomain(d),
- gtk_rpc_binding_dialog_get_username(d),
- gtk_rpc_binding_dialog_get_password(d));
+ gtk_rpc_binding_dialog_get_credentials(d)
+ );
if(!NT_STATUS_IS_OK(status)) {
gtk_show_ntstatus(mainwin, status);
diff --git a/source4/include/credentials.h b/source4/include/credentials.h
index 7b223dad5a..a97bcfa333 100644
--- a/source4/include/credentials.h
+++ b/source4/include/credentials.h
@@ -51,3 +51,5 @@ struct cli_credentials {
void *priv_data;
};
+
+#define cli_credentials_is_anonymous(c) (!(c) || !(c)->username || !(c)->username[0])
diff --git a/source4/lib/com/dcom/dcom.h b/source4/lib/com/dcom/dcom.h
index 668d952124..1e15daf830 100644
--- a/source4/lib/com/dcom/dcom.h
+++ b/source4/lib/com/dcom/dcom.h
@@ -22,9 +22,7 @@
#define _DCOM_H
struct dcom_client_context {
- const char *domain;
- const char *user;
- const char *password;
+ struct cli_credentials *credentials;
struct dcom_object_exporter {
uint64_t oxid;
struct DUALSTRINGARRAY bindings;
diff --git a/source4/lib/com/dcom/main.c b/source4/lib/com/dcom/main.c
index d3d44edc71..be350c32f5 100644
--- a/source4/lib/com/dcom/main.c
+++ b/source4/lib/com/dcom/main.c
@@ -30,12 +30,10 @@
#define DCOM_NEGOTIATED_PROTOCOLS { EPM_PROTOCOL_TCP, EPM_PROTOCOL_SMB, EPM_PROTOCOL_NCALRPC }
-struct dcom_client_context *dcom_client_init(struct com_context *ctx, const char *domain, const char *user, const char *password)
+struct dcom_client_context *dcom_client_init(struct com_context *ctx, struct cli_credentials *credentials)
{
ctx->dcom = talloc(ctx, struct dcom_client_context);
- ctx->dcom->domain = domain;
- ctx->dcom->user = user;
- ctx->dcom->password = password;
+ ctx->dcom->credentials = credentials;
return ctx->dcom;
}
@@ -86,8 +84,7 @@ static NTSTATUS dcom_connect_host(struct com_context *ctx, struct dcerpc_pipe **
return dcerpc_pipe_connect(p, "ncalrpc",
DCERPC_IREMOTEACTIVATION_UUID,
DCERPC_IREMOTEACTIVATION_VERSION,
- lp_netbios_name(),
- ctx->dcom->domain, ctx->dcom->user, ctx->dcom->password);
+ ctx->dcom->credentials);
}
/* Allow server name to contain a binding string */
@@ -95,8 +92,7 @@ static NTSTATUS dcom_connect_host(struct com_context *ctx, struct dcerpc_pipe **
status = dcerpc_pipe_connect_b(p, bd,
DCERPC_IREMOTEACTIVATION_UUID,
DCERPC_IREMOTEACTIVATION_VERSION,
- lp_netbios_name(),
- ctx->dcom->domain, ctx->dcom->user, ctx->dcom->password);
+ ctx->dcom->credentials);
talloc_free(mem_ctx);
return status;
@@ -113,8 +109,7 @@ static NTSTATUS dcom_connect_host(struct com_context *ctx, struct dcerpc_pipe **
status = dcerpc_pipe_connect(p, binding,
DCERPC_IREMOTEACTIVATION_UUID,
DCERPC_IREMOTEACTIVATION_VERSION,
- lp_netbios_name(),
- ctx->dcom->domain, ctx->dcom->user, ctx->dcom->password);
+ ctx->dcom->credentials);
if (NT_STATUS_IS_OK(status)) {
talloc_free(mem_ctx);
@@ -308,10 +303,7 @@ NTSTATUS dcom_get_pipe (struct IUnknown *iface, struct dcerpc_pipe **pp)
} else {
status = dcerpc_pipe_connect_b(&p, binding,
uuid, 0.0,
- lp_netbios_name(),
- iface->ctx->dcom->domain,
- iface->ctx->dcom->user,
- iface->ctx->dcom->password);
+ iface->ctx->dcom->credentials);
}
talloc_free(binding);
i++;
diff --git a/source4/lib/credentials.c b/source4/lib/credentials.c
index 5c78d2b2e6..1c65bd2aff 100644
--- a/source4/lib/credentials.c
+++ b/source4/lib/credentials.c
@@ -24,6 +24,10 @@
const char *cli_credentials_get_username(struct cli_credentials *cred)
{
+ if (cred == NULL) {
+ return NULL;
+ }
+
if (cred->username_obtained == CRED_CALLBACK) {
cred->username = cred->username_cb(cred);
cred->username_obtained = CRED_SPECIFIED;
@@ -45,6 +49,10 @@ BOOL cli_credentials_set_username(struct cli_credentials *cred, const char *val,
const char *cli_credentials_get_password(struct cli_credentials *cred)
{
+ if (cred == NULL) {
+ return NULL;
+ }
+
if (cred->password_obtained == CRED_CALLBACK) {
cred->password = cred->password_cb(cred);
cred->password_obtained = CRED_SPECIFIED;
@@ -66,6 +74,10 @@ BOOL cli_credentials_set_password(struct cli_credentials *cred, const char *val,
const char *cli_credentials_get_domain(struct cli_credentials *cred)
{
+ if (cred == NULL) {
+ return NULL;
+ }
+
if (cred->domain_obtained == CRED_CALLBACK) {
cred->domain = cred->domain_cb(cred);
cred->domain_obtained = CRED_SPECIFIED;
@@ -87,7 +99,11 @@ BOOL cli_credentials_set_domain(struct cli_credentials *cred, const char *val, e
}
const char *cli_credentials_get_realm(struct cli_credentials *cred)
-{
+{
+ if (cred == NULL) {
+ return NULL;
+ }
+
if (cred->realm_obtained == CRED_CALLBACK) {
cred->realm = cred->realm_cb(cred);
cred->realm_obtained = CRED_SPECIFIED;
@@ -109,6 +125,10 @@ BOOL cli_credentials_set_realm(struct cli_credentials *cred, const char *val, en
const char *cli_credentials_get_workstation(struct cli_credentials *cred)
{
+ if (cred == NULL) {
+ return NULL;
+ }
+
if (cred->workstation_obtained == CRED_CALLBACK) {
cred->workstation = cred->workstation_cb(cred);
cred->workstation_obtained = CRED_SPECIFIED;
@@ -246,7 +266,7 @@ void cli_credentials_parse_string(struct cli_credentials *credentials, const cha
uname = talloc_strdup(credentials, data);
cli_credentials_set_username(credentials, uname, obtained);
- if ((p = strchr_m(uname,'\\'))) {
+ if ((p = strchr_m(uname,'\\')) || (p = strchr_m(uname, '/'))) {
*p = 0;
cli_credentials_set_domain(credentials, uname, obtained);
credentials->username = uname = p+1;
diff --git a/source4/lib/registry/reg_backend_rpc.c b/source4/lib/registry/reg_backend_rpc.c
index 4a285262c6..a72d104521 100644
--- a/source4/lib/registry/reg_backend_rpc.c
+++ b/source4/lib/registry/reg_backend_rpc.c
@@ -369,7 +369,7 @@ static struct hive_operations reg_backend_rpc = {
.num_values = rpc_num_values,
};
-WERROR reg_open_remote (struct registry_context **ctx, const char *user, const char *pass, const char *location)
+WERROR reg_open_remote (struct registry_context **ctx, struct cli_credentials *credentials, const char *location)
{
NTSTATUS status;
struct dcerpc_pipe *p;
@@ -384,9 +384,7 @@ WERROR reg_open_remote (struct registry_context **ctx, const char *user, const c
status = dcerpc_pipe_connect(&p, location,
DCERPC_WINREG_UUID,
DCERPC_WINREG_VERSION,
- lp_netbios_name(),
- lp_workgroup(),
- user, pass);
+ credentials);
(*ctx)->backend_data = p;
if(NT_STATUS_IS_ERR(status)) {
diff --git a/source4/lib/registry/tools/regdiff.c b/source4/lib/registry/tools/regdiff.c
index 7206e1e44d..dfc8be13ca 100644
--- a/source4/lib/registry/tools/regdiff.c
+++ b/source4/lib/registry/tools/regdiff.c
@@ -146,8 +146,9 @@ static void writediff(struct registry_key *oldkey, struct registry_key *newkey,
else if (!h2) error = reg_open_local(&h2);
break;
case 'R':
- if (!h1 && !from_null) error = reg_open_remote(&h1, cli_credentials_get_username(cmdline_credentials), cli_credentials_get_password(cmdline_credentials), poptGetOptArg(pc));
- else if (!h2) error = reg_open_remote(&h2, cli_credentials_get_username(cmdline_credentials), cli_credentials_get_password(cmdline_credentials), poptGetOptArg(pc));
+ if (!h1 && !from_null)
+ error = reg_open_remote(&h1, cmdline_credentials, poptGetOptArg(pc));
+ else if (!h2) error = reg_open_remote(&h2, cmdline_credentials, poptGetOptArg(pc));
break;
}
diff --git a/source4/lib/registry/tools/regpatch.c b/source4/lib/registry/tools/regpatch.c
index ce3d9a7e1b..2462fd8241 100644
--- a/source4/lib/registry/tools/regpatch.c
+++ b/source4/lib/registry/tools/regpatch.c
@@ -769,7 +769,7 @@ static int nt_apply_reg_command_file(struct registry_context *r, const char *cmd
setup_logging(argv[0], True);
if (remote) {
- error = reg_open_remote (&h, cli_credentials_get_username(cmdline_credentials), cli_credentials_get_password(cmdline_credentials), remote);
+ error = reg_open_remote (&h, cmdline_credentials, remote);
} else {
error = reg_open_local (&h);
}
diff --git a/source4/lib/registry/tools/regshell.c b/source4/lib/registry/tools/regshell.c
index cab2c5e34b..bb7533e55e 100644
--- a/source4/lib/registry/tools/regshell.c
+++ b/source4/lib/registry/tools/regshell.c
@@ -395,7 +395,7 @@ static char **reg_completion(const char *text, int start, int end)
setup_logging("regtree", True);
if (remote) {
- error = reg_open_remote (&h, cli_credentials_get_username(cmdline_credentials), cli_credentials_get_password(cmdline_credentials), remote);
+ error = reg_open_remote (&h, cmdline_credentials, remote);
} else if (backend) {
error = reg_open_hive(NULL, backend, poptGetArg(pc), NULL, &curkey);
} else {
diff --git a/source4/lib/registry/tools/regtree.c b/source4/lib/registry/tools/regtree.c
index 81a7fb7f99..72cb0670de 100644
--- a/source4/lib/registry/tools/regtree.c
+++ b/source4/lib/registry/tools/regtree.c
@@ -105,7 +105,7 @@ static void print_tree(int l, struct registry_key *p, int fullpath, int novals)
setup_logging("regtree", True);
if (remote) {
- error = reg_open_remote(&h, cli_credentials_get_username(cmdline_credentials), cli_credentials_get_password(cmdline_credentials), remote);
+ error = reg_open_remote(&h, cmdline_credentials, remote);
} else if (backend) {
error = reg_open_hive(NULL, backend, poptGetArg(pc), NULL, &root);
} else {
diff --git a/source4/libcli/auth/gensec.c b/source4/libcli/auth/gensec.c
index d3fa7daae3..69de016156 100644
--- a/source4/libcli/auth/gensec.c
+++ b/source4/libcli/auth/gensec.c
@@ -511,65 +511,10 @@ BOOL gensec_have_feature(struct gensec_security *gensec_security,
*
*/
-NTSTATUS gensec_set_unparsed_username(struct gensec_security *gensec_security, const char *user)
-{
- char *p;
- char *u = talloc_strdup(gensec_security, user);
- if (!u) {
- return NT_STATUS_NO_MEMORY;
- }
-
- p = strchr_m(user, '@');
-
- if (p) {
- *p = '\0';
- gensec_security->user.name = talloc_strdup(gensec_security, u);
- if (!gensec_security->user.name) {
- return NT_STATUS_NO_MEMORY;
- }
-
- gensec_security->user.realm = talloc_strdup(gensec_security, p+1);
- if (!gensec_security->user.realm) {
- return NT_STATUS_NO_MEMORY;
- }
- return NT_STATUS_OK;
- }
-
- p = strchr_m(user, '\\');
- if (!p) {
- p = strchr_m(user, '/');
- }
-
- if (p) {
- *p = '\0';
- gensec_security->user.domain = talloc_strdup(gensec_security, u);
- if (!gensec_security->user.domain) {
- return NT_STATUS_NO_MEMORY;
- }
- gensec_security->user.name = talloc_strdup(gensec_security, p+1);
- if (!gensec_security->user.name) {
- return NT_STATUS_NO_MEMORY;
- }
-
- return NT_STATUS_OK;
- }
-
- gensec_security->user.name = u;
- if (!gensec_security->user.name) {
- return NT_STATUS_NO_MEMORY;
- }
- return NT_STATUS_OK;
-}
-
-/**
- * Set a username on a GENSEC context - ensures it is talloc()ed
- *
- */
-
NTSTATUS gensec_set_username(struct gensec_security *gensec_security, const char *user)
{
gensec_security->user.name = talloc_strdup(gensec_security, user);
- if (!gensec_security->user.name) {
+ if (user && !gensec_security->user.name) {
return NT_STATUS_NO_MEMORY;
}
return NT_STATUS_OK;
@@ -596,7 +541,7 @@ const char *gensec_get_username(struct gensec_security *gensec_security)
NTSTATUS gensec_set_domain(struct gensec_security *gensec_security, const char *domain)
{
gensec_security->user.domain = talloc_strdup(gensec_security, domain);
- if (!gensec_security->user.domain) {
+ if (domain && !gensec_security->user.domain) {
return NT_STATUS_NO_MEMORY;
}
return NT_STATUS_OK;
@@ -625,7 +570,7 @@ const char *gensec_get_domain(struct gensec_security *gensec_security)
NTSTATUS gensec_set_workstation(struct gensec_security *gensec_security, const char *workstation)
{
gensec_security->user.workstation = talloc_strdup(gensec_security, workstation);
- if (!gensec_security->user.workstation) {
+ if (workstation && !gensec_security->user.workstation) {
return NT_STATUS_NO_MEMORY;
}
return NT_STATUS_OK;
@@ -653,7 +598,7 @@ const char *gensec_get_workstation(struct gensec_security *gensec_security)
NTSTATUS gensec_set_realm(struct gensec_security *gensec_security, const char *realm)
{
gensec_security->user.realm = talloc_strdup(gensec_security, realm);
- if (!gensec_security->user.realm) {
+ if (realm && !gensec_security->user.realm) {
return NT_STATUS_NO_MEMORY;
}
return NT_STATUS_OK;
diff --git a/source4/libnet/libnet_rpc.c b/source4/libnet/libnet_rpc.c
index 221ccf77ea..7e941aac76 100644
--- a/source4/libnet/libnet_rpc.c
+++ b/source4/libnet/libnet_rpc.c
@@ -101,10 +101,7 @@ static NTSTATUS libnet_rpc_connect_standard(struct libnet_context *ctx, TALLOC_C
binding,
r->standard.in.dcerpc_iface_uuid,
r->standard.in.dcerpc_iface_version,
- lp_netbios_name(),
- cli_credentials_get_domain(ctx->credentials),
- cli_credentials_get_username(ctx->credentials),
- cli_credentials_get_password(ctx->credentials));
+ ctx->credentials);
if (!NT_STATUS_IS_OK(status)) {
r->standard.out.error_string = talloc_asprintf(mem_ctx,
"dcerpc_pipe_connect to pipe %s failed with %s\n",
diff --git a/source4/librpc/rpc/dcerpc_auth.c b/source4/librpc/rpc/dcerpc_auth.c
index ac74788ba6..c5bfe150bd 100644
--- a/source4/librpc/rpc/dcerpc_auth.c
+++ b/source4/librpc/rpc/dcerpc_auth.c
@@ -143,10 +143,7 @@ done:
*/
NTSTATUS dcerpc_bind_auth_password(struct dcerpc_pipe *p,
const char *uuid, uint_t version,
- const char *workstation,
- const char *domain,
- const char *username,
- const char *password,
+ struct cli_credentials *credentials,
uint8_t auth_type,
const char *service)
{
@@ -162,28 +159,32 @@ NTSTATUS dcerpc_bind_auth_password(struct dcerpc_pipe *p,
return status;
}
- status = gensec_set_workstation(p->conn->security_state.generic_state, workstation);
+ status = gensec_set_workstation(p->conn->security_state.generic_state,
+ cli_credentials_get_workstation(credentials));
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to start set GENSEC client workstation name to %s: %s\n",
- workstation, nt_errstr(status)));
+ cli_credentials_get_workstation(credentials), nt_errstr(status)));
return status;
}
- status = gensec_set_domain(p->conn->security_state.generic_state, domain);
+ status = gensec_set_domain(p->conn->security_state.generic_state,
+ cli_credentials_get_domain(credentials));
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to start set GENSEC client domain to %s: %s\n",
- domain, nt_errstr(status)));
+ cli_credentials_get_domain(credentials), nt_errstr(status)));
return status;
}
- status = gensec_set_username(p->conn->security_state.generic_state, username);
+ status = gensec_set_username(p->conn->security_state.generic_state,
+ cli_credentials_get_username(credentials));
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to start set GENSEC client username to %s: %s\n",
- username, nt_errstr(status)));
+ cli_credentials_get_username(credentials), nt_errstr(status)));
return status;
}
- status = gensec_set_password(p->conn->security_state.generic_state, password);
+ status = gensec_set_password(p->conn->security_state.generic_state,
+ cli_credentials_get_password(credentials));
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Failed to start set GENSEC client password: %s\n",
nt_errstr(status)));
diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c
index 170ddee1f3..bcdd1a923c 100644
--- a/source4/librpc/rpc/dcerpc_schannel.c
+++ b/source4/librpc/rpc/dcerpc_schannel.c
@@ -295,10 +295,7 @@ static NTSTATUS dcerpc_schannel_client_start(struct gensec_security *gensec_secu
get a schannel key using a netlogon challenge on a secondary pipe
*/
static NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p,
- const char *workstation,
- const char *domain,
- const char *username,
- const char *password,
+ struct cli_credentials *credentials,
int chan_type,
struct creds_CredentialState *creds)
{
@@ -319,7 +316,7 @@ static NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p,
negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS;
}
- workgroup = domain;
+ workgroup = cli_credentials_get_domain(credentials);
tmp_ctx = talloc_new(NULL);
@@ -363,7 +360,7 @@ static NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p,
step 2 - request a netlogon challenge
*/
r.in.server_name = talloc_asprintf(p, "\\\\%s", dcerpc_server_name(p));
- r.in.computer_name = workstation;
+ r.in.computer_name = cli_credentials_get_workstation(credentials);
r.in.credentials = &credentials1;
r.out.credentials = &credentials2;
@@ -377,16 +374,18 @@ static NTSTATUS dcerpc_schannel_key(struct dcerpc_pipe *p,
/*
step 3 - authenticate on the netlogon pipe
*/
- E_md4hash(password, mach_pwd.hash);
+ E_md4hash(cli_credentials_get_password(credentials), mach_pwd.hash);
creds_client_init(creds, &credentials1, &credentials2,
- workstation, domain, username,
+ cli_credentials_get_workstation(credentials),
+ cli_credentials_get_domain(credentials),
+ cli_credentials_get_username(credentials),
&mach_pwd, &credentials3,
negotiate_flags);
a.in.server_name = r.in.server_name;
- a.in.account_name = username;
+ a.in.account_name = cli_credentials_get_username(credentials);
a.in.secure_channel_type = chan_type;
- a.in.computer_name = workstation;
+ a.in.computer_name = cli_credentials_get_workstation(credentials);
a.in.negotiate_flags = &negotiate_flags;
a.out.negotiate_flags = &negotiate_flags;
a.in.credentials = &credentials3;
@@ -483,10 +482,7 @@ NTSTATUS dcerpc_bind_auth_schannel_withkey(struct dcerpc_pipe *p,
NTSTATUS dcerpc_bind_auth_schannel(struct dcerpc_pipe *p,
const char *uuid, uint_t version,
- const char *workstation,
- const char *domain,
- const char *username,
- const char *password)
+ struct cli_credentials *credentials)
{
NTSTATUS status;
int chan_type = 0;
@@ -504,10 +500,7 @@ NTSTATUS dcerpc_bind_auth_schannel(struct dcerpc_pipe *p,
chan_type = SEC_CHAN_DOMAIN;
}
- status = dcerpc_schannel_key(p, domain,
- workstation,
- username,
- password,
+ status = dcerpc_schannel_key(p, credentials,
chan_type,
creds);
diff --git a/source4/librpc/rpc/dcerpc_util.c b/source4/librpc/rpc/dcerpc_util.c
index 91e6ea9397..4b245fd24d 100644
--- a/source4/librpc/rpc/dcerpc_util.c
+++ b/source4/librpc/rpc/dcerpc_util.c
@@ -796,6 +796,7 @@ NTSTATUS dcerpc_epm_map_binding(TALLOC_CTX *mem_ctx, struct dcerpc_binding *bind
struct epm_twr_t twr, *twr_r;
struct dcerpc_binding *epmapper_binding;
const struct dcerpc_interface_table *table = idl_iface_by_uuid(uuid);
+ struct cli_credentials *credentials;
int i;
/* First, check if there is a default endpoint specified in the IDL */
@@ -834,11 +835,13 @@ NTSTATUS dcerpc_epm_map_binding(TALLOC_CTX *mem_ctx, struct dcerpc_binding *bind
epmapper_binding->endpoint = NULL;
epmapper_binding->authservice = NULL;
+ credentials = talloc_zero(mem_ctx, struct cli_credentials);
+ cli_credentials_guess(credentials);
status = dcerpc_pipe_connect_b(&p,
epmapper_binding,
DCERPC_EPMAPPER_UUID,
DCERPC_EPMAPPER_VERSION,
- NULL, NULL, NULL, NULL);
+ credentials);
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -903,10 +906,7 @@ NTSTATUS dcerpc_pipe_auth(struct dcerpc_pipe *p,
struct dcerpc_binding *binding,
const char *pipe_uuid,
uint32_t pipe_version,
- const char *workstation,
- const char *domain,
- const char *username,
- const char *password)
+ struct cli_credentials *credentials)
{
NTSTATUS status;
p->conn->flags = binding->flags;
@@ -914,11 +914,11 @@ NTSTATUS dcerpc_pipe_auth(struct dcerpc_pipe *p,
/* remember the binding string for possible secondary connections */
p->conn->binding_string = dcerpc_binding_string(p, binding);
- if (username && username[0] && (binding->flags & DCERPC_SCHANNEL_ANY)) {
+ if (cli_credentials_is_anonymous(credentials) &&
+ (binding->flags & DCERPC_SCHANNEL_ANY)) {
status = dcerpc_bind_auth_schannel(p, pipe_uuid, pipe_version,
- domain, workstation,
- username, password);
- } else if (username && username[0]) {
+ credentials);
+ } else if (cli_credentials_is_anonymous(credentials)) {
uint8_t auth_type;
if (binding->flags & DCERPC_AUTH_SPNEGO) {
auth_type = DCERPC_AUTH_TYPE_SPNEGO;
@@ -929,10 +929,8 @@ NTSTATUS dcerpc_pipe_auth(struct dcerpc_pipe *p,
}
status = dcerpc_bind_auth_password(p, pipe_uuid, pipe_version,
- workstation,
- domain, username, password,
- auth_type,
- binding->authservice);
+ credentials, auth_type,
+ binding->authservice);
} else {
status = dcerpc_bind_auth_none(p, pipe_uuid, pipe_version);
}
@@ -950,10 +948,7 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_np(struct dcerpc_pipe **pp,
struct dcerpc_binding *binding,
const char *pipe_uuid,
uint32_t pipe_version,
- const char *workstation,
- const char *domain,
- const char *username,
- const char *password)
+ struct cli_credentials *credentials)
{
struct dcerpc_pipe *p;
NTSTATUS status;
@@ -983,18 +978,21 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_np(struct dcerpc_pipe **pp,
pipe_name = binding->endpoint;
- if (!username || !username[0] ||
+ if (cli_credentials_is_anonymous(credentials) ||
(binding->flags & DCERPC_SCHANNEL_ANY)) {
- status = smbcli_full_connection(p->conn, &cli, workstation,
+ status = smbcli_full_connection(p->conn, &cli,
+ cli_credentials_get_workstation(credentials),
binding->host,
"ipc$", NULL,
"", "", NULL);
} else {
- status = smbcli_full_connection(p->conn, &cli, workstation,
+ status = smbcli_full_connection(p->conn, &cli,
+ cli_credentials_get_workstation(credentials),
binding->host,
"ipc$", NULL,
- username, domain,
- password);
+ cli_credentials_get_username(credentials),
+ cli_credentials_get_domain(credentials),
+ cli_credentials_get_password(credentials));
}
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("Failed to connect to %s - %s\n", binding->host, nt_errstr(status)));
@@ -1009,10 +1007,6 @@ static NTSTATUS dcerpc_pipe_connect_ncacn_np(struct dcerpc_pipe **pp,
return status;
}
- if (!(binding->flags & DCERPC_AUTH_OPTIONS)) {
- username = NULL;
- }
-
(*pp) = p;
talloc_free(tmp_ctx);
@@ -1156,17 +1150,13 @@ NTSTATUS dcerpc_pipe_connect_b(struct dcerpc_pipe **pp,
struct dcerpc_binding *binding,
const char *pipe_uuid,
uint32_t pipe_version,
- const char *workstation,
- const char *domain,
- const char *username,
- const char *password)
+ struct cli_credentials *credentials)
{
NTSTATUS status = NT_STATUS_INVALID_PARAMETER;
switch (binding->transport) {
case NCACN_NP:
- status = dcerpc_pipe_connect_ncacn_np(pp, binding, pipe_uuid, pipe_version,
- workstation, domain, username, password);
+ status = dcerpc_pipe_connect_ncacn_np(pp, binding, pipe_uuid, pipe_version, credentials);
break;
case NCACN_IP_TCP:
status = dcerpc_pipe_connect_ncacn_ip_tcp(pp, binding, pipe_uuid, pipe_version);
@@ -1185,7 +1175,7 @@ NTSTATUS dcerpc_pipe_connect_b(struct dcerpc_pipe **pp,
return status;
}
- status = dcerpc_pipe_auth(*pp, binding, pipe_uuid, pipe_version, workstation, domain, username, password);
+ status = dcerpc_pipe_auth(*pp, binding, pipe_uuid, pipe_version, credentials);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(*pp);
*pp = NULL;
@@ -1202,10 +1192,7 @@ NTSTATUS dcerpc_pipe_connect(struct dcerpc_pipe **pp,
const char *binding,
const char *pipe_uuid,
uint32_t pipe_version,
- const char *workstation,
- const char *domain,
- const char *username,
- const char *password)
+ struct cli_credentials *credentials)
{
struct dcerpc_binding *b;
NTSTATUS status;
@@ -1225,8 +1212,7 @@ NTSTATUS dcerpc_pipe_connect(struct dcerpc_pipe **pp,
DEBUG(3,("Using binding %s\n", dcerpc_binding_string(tmp_ctx, b)));
- status = dcerpc_pipe_connect_b(pp, b, pipe_uuid, pipe_version, workstation,
- domain, username, password);
+ status = dcerpc_pipe_connect_b(pp, b, pipe_uuid, pipe_version, credentials);
talloc_free(tmp_ctx);
diff --git a/source4/rpc_server/remote/dcesrv_remote.c b/source4/rpc_server/remote/dcesrv_remote.c
index 9ed6b5a1bd..4c25ace71e 100644
--- a/source4/rpc_server/remote/dcesrv_remote.c
+++ b/source4/rpc_server/remote/dcesrv_remote.c
@@ -31,6 +31,7 @@ static NTSTATUS remote_op_bind(struct dcesrv_call_state *dce_call, const struct
NTSTATUS status;
struct dcesrv_remote_private *private;
const char *binding = lp_parm_string(-1, "dcerpc_remote", "binding");
+ struct cli_credentials credentials;
if (!binding) {
DEBUG(0,("You must specify a ncacn binding string\n"));
@@ -42,11 +43,12 @@ static NTSTATUS remote_op_bind(struct dcesrv_call_state *dce_call, const struct
return NT_STATUS_NO_MEMORY;
}
- status = dcerpc_pipe_connect(&(private->c_pipe), binding, iface->uuid, iface->if_version,
- lp_netbios_name(),
- lp_workgroup(),
- lp_parm_string(-1, "dcerpc_remote", "username"),
- lp_parm_string(-1, "dcerpc_remote", "password"));
+ cli_credentials_set_username(&credentials, lp_parm_string(-1, "dcerpc_remote", "username"), CRED_SPECIFIED);
+ cli_credentials_set_workstation(&credentials, lp_netbios_name(), CRED_SPECIFIED);
+ cli_credentials_set_domain(&credentials, lp_workgroup(), CRED_SPECIFIED);
+ cli_credentials_set_password(&credentials, lp_parm_string(-1, "dcerpc_remote", "password"), CRED_SPECIFIED);
+
+ status = dcerpc_pipe_connect(&(private->c_pipe), binding, iface->uuid, iface->if_version, &credentials);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
diff --git a/source4/torture/com/simple.c b/source4/torture/com/simple.c
index dfc3beff4e..128d84d1c7 100644
--- a/source4/torture/com/simple.c
+++ b/source4/torture/com/simple.c
@@ -22,6 +22,7 @@
#include "includes.h"
#include "lib/com/com.h"
#include "librpc/gen_ndr/com_dcom.h"
+#include "lib/cmdline/popt_common.h"
#define DEFAULT_TRANS 4096
@@ -39,7 +40,7 @@ static BOOL test_readwrite(TALLOC_CTX *mem_ctx, const char *host)
int i;
com_init(&ctx);
- dcom_client_init(ctx, lp_parm_string(-1, "torture", "userdomain"), lp_parm_string(-1, "torture", "username"), lp_parm_string(-1, "torture", "password"));
+ dcom_client_init(ctx, cmdline_credentials);
GUID_from_string(COM_ISTREAM_UUID, &IID[0]);
GUID_from_string(COM_IUNKNOWN_UUID, &IID[1]);
diff --git a/source4/torture/ldap/basic.c b/source4/torture/ldap/basic.c
index 936a8dbe51..d0255abe01 100644
--- a/source4/torture/ldap/basic.c
+++ b/source4/torture/ldap/basic.c
@@ -23,6 +23,7 @@
#include "includes.h"
#include "libcli/ldap/ldap.h"
+#include "lib/cmdline/popt_common.h"
BOOL test_bind_simple(struct ldap_connection *conn, const char *userdn, const char *password)
{
@@ -188,9 +189,9 @@ BOOL torture_ldap_basic(void)
TALLOC_CTX *mem_ctx;
BOOL ret = True;
const char *host = lp_parm_string(-1, "torture", "host");
- const char *username = lp_parm_string(-1, "torture", "username");
- const char *domain = lp_parm_string(-1, "torture", "userdomain");
- const char *password = lp_parm_string(-1, "torture", "password");
+ const char *username = cli_credentials_get_username(cmdline_credentials);
+ const char *domain = cli_credentials_get_domain(cmdline_credentials);
+ const char *password = cli_credentials_get_password(cmdline_credentials);
const char *userdn = lp_parm_string(-1, "torture", "ldap_userdn");
/*const char *basedn = lp_parm_string(-1, "torture", "ldap_basedn");*/
const char *secret = lp_parm_string(-1, "torture", "ldap_secret");
diff --git a/source4/torture/raw/composite.c b/source4/torture/raw/composite.c
index 9a0f924bfc..b9c7609b5f 100644
--- a/source4/torture/raw/composite.c
+++ b/source4/torture/raw/composite.c
@@ -24,6 +24,7 @@
#include "lib/events/events.h"
#include "libcli/raw/libcliraw.h"
#include "libcli/composite/composite.h"
+#include "lib/cmdline/popt_common.h"
#define BASEDIR "\\composite"
@@ -149,9 +150,10 @@ static BOOL test_fetchfile(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
io2.in.calling_name = lp_netbios_name();
io2.in.service = lp_parm_string(-1, "torture", "share");
io2.in.service_type = "A:";
- io2.in.user = lp_parm_string(-1, "torture", "username");
- io2.in.domain = lp_parm_string(-1, "torture", "userdomain");
- io2.in.password = lp_parm_string(-1, "torture", "password");
+
+ io2.in.user = cli_credentials_get_username(cmdline_credentials);
+ io2.in.domain = cli_credentials_get_domain(cmdline_credentials);
+ io2.in.password = cli_credentials_get_password(cmdline_credentials);
io2.in.filename = fname;
printf("testing parallel fetchfile with %d ops\n", torture_numops);
diff --git a/source4/torture/raw/context.c b/source4/torture/raw/context.c
index cdf8388e93..3eb848eebd 100644
--- a/source4/torture/raw/context.c
+++ b/source4/torture/raw/context.c
@@ -22,6 +22,7 @@
#include "libcli/raw/libcliraw.h"
#include "librpc/gen_ndr/ndr_security.h"
#include "libcli/composite/composite.h"
+#include "lib/cmdline/popt_common.h"
#define BASEDIR "\\rawcontext"
@@ -57,7 +58,6 @@ static BOOL test_session(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
{
NTSTATUS status;
BOOL ret = True;
- const char *username, *domain, *password;
struct smbcli_session *session;
struct smbcli_session *session2;
struct smbcli_session *session3;
@@ -76,18 +76,14 @@ static BOOL test_session(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
return False;
}
- username = lp_parm_string(-1, "torture", "username");
- password = lp_parm_string(-1, "torture", "password");
- domain = lp_parm_string(-1, "torture", "userdomain");
-
printf("create a second security context on the same transport\n");
session = smbcli_session_init(cli->transport, mem_ctx, False);
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
- setup.in.password = password;
- setup.in.user = username;
- setup.in.domain = domain;
+ setup.in.password = cli_credentials_get_password(cmdline_credentials);
+ setup.in.user = cli_credentials_get_username(cmdline_credentials);
+ setup.in.domain = cli_credentials_get_domain(cmdline_credentials);
status = smb_composite_sesssetup(session, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
@@ -100,9 +96,10 @@ static BOOL test_session(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
session2->vuid = session->vuid;
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = cli->transport->negotiate.capabilities; /* ignored in secondary session setup, except by our libs, which care about the extended security bit */
- setup.in.password = password;
- setup.in.user = username;
- setup.in.domain = domain;
+
+ setup.in.password = cli_credentials_get_password(cmdline_credentials);
+ setup.in.user = cli_credentials_get_username(cmdline_credentials);
+ setup.in.domain = cli_credentials_get_domain(cmdline_credentials);
status = smb_composite_sesssetup(session2, &setup);
CHECK_STATUS(status, NT_STATUS_OK);
@@ -120,9 +117,11 @@ static BOOL test_session(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
session3->vuid = session->vuid;
setup.in.sesskey = cli->transport->negotiate.sesskey;
setup.in.capabilities = 0; /* force a non extended security login (should fail) */
- setup.in.password = password;
- setup.in.user = username;
- setup.in.domain = domain;
+
+
+ setup.in.password = cli_credentials_get_password(cmdline_credentials);
+ setup.in.user = cli_credentials_get_username(cmdline_credentials);
+ setup.in.domain = cli_credentials_get_domain(cmdline_credentials);
status = smb_composite_sesssetup(session3, &setup);
CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
diff --git a/source4/torture/rpc/bind.c b/source4/torture/rpc/bind.c
index 3eb02c31eb..71eaec4f92 100644
--- a/source4/torture/rpc/bind.c
+++ b/source4/torture/rpc/bind.c
@@ -23,6 +23,7 @@
#include "includes.h"
#include "librpc/gen_ndr/ndr_lsa.h"
+#include "lib/cmdline/popt_common.h"
/*
This test is 'bogus' in that it doesn't actually perform to the
@@ -37,10 +38,6 @@
BOOL torture_multi_bind(void)
{
struct dcerpc_pipe *p;
- const char *workstation = lp_netbios_name();
- const char *domain = lp_parm_string(-1, "torture", "userdomain");
- const char *username = lp_parm_string(-1, "torture", "username");
- const char *password = lp_parm_string(-1, "torture", "password");
const char *pipe_uuid = DCERPC_LSARPC_UUID;
uint32_t pipe_version = DCERPC_LSARPC_VERSION;
struct dcerpc_binding *binding;
@@ -68,7 +65,7 @@ BOOL torture_multi_bind(void)
}
status = dcerpc_pipe_auth(p, binding, pipe_uuid, pipe_version,
- workstation, domain, username, password);
+ cmdline_credentials);
if (NT_STATUS_IS_OK(status)) {
printf("(incorrectly) allowed re-bind to uuid %s - %s\n",
diff --git a/source4/torture/rpc/samlogon.c b/source4/torture/rpc/samlogon.c
index e08eaca22e..1ee8f36b8e 100644
--- a/source4/torture/rpc/samlogon.c
+++ b/source4/torture/rpc/samlogon.c
@@ -26,6 +26,7 @@
#include "librpc/gen_ndr/ndr_netlogon.h"
#include "auth/auth.h"
#include "lib/crypto/crypto.h"
+#include "lib/cmdline/popt_common.h"
#define TEST_MACHINE_NAME "samlogontest"
#define TEST_USER_NAME "samlogontestuser"
@@ -1215,6 +1216,7 @@ BOOL torture_rpc_samlogon(void)
NTSTATUS status;
struct dcerpc_pipe *p;
struct dcerpc_binding *b;
+ struct cli_credentials credentials;
TALLOC_CTX *mem_ctx = talloc_init("torture_rpc_netlogon");
BOOL ret = True;
struct test_join *join_ctx;
@@ -1245,27 +1247,29 @@ BOOL torture_rpc_samlogon(void)
BOOL network_login;
} usercreds[] = {
{
- lp_parm_string(-1, "torture", "userdomain"),
- lp_parm_string(-1, "torture", "username"),
- lp_parm_string(-1, "torture", "password"),
+ cli_credentials_get_domain(cmdline_credentials),
+ cli_credentials_get_username(cmdline_credentials),
+ cli_credentials_get_password(cmdline_credentials),
True
},
{
NULL,
talloc_asprintf(mem_ctx,
"%s@%s",
- lp_parm_string(-1, "torture", "username"),
- lp_parm_string(-1, "torture", "userdomain")),
- lp_parm_string(-1, "torture", "password"),
+ cli_credentials_get_domain(cmdline_credentials),
+ cli_credentials_get_username(cmdline_credentials)
+ ),
+ cli_credentials_get_password(cmdline_credentials),
False
},
{
NULL,
talloc_asprintf(mem_ctx,
"%s@%s",
- lp_parm_string(-1, "torture", "username"),
- lp_realm()),
- lp_parm_string(-1, "torture", "password"),
+ cli_credentials_get_username(cmdline_credentials),
+ cli_credentials_get_realm(cmdline_credentials)
+ ),
+ cli_credentials_get_password(cmdline_credentials),
True
},
#if 0
@@ -1334,13 +1338,15 @@ BOOL torture_rpc_samlogon(void)
b->flags &= ~DCERPC_AUTH_OPTIONS;
b->flags |= DCERPC_SCHANNEL_WORKSTATION | DCERPC_SIGN | DCERPC_SCHANNEL_128;
+ cli_credentials_set_workstation(&credentials, TEST_MACHINE_NAME, CRED_SPECIFIED);
+ cli_credentials_set_domain(&credentials, lp_workgroup(), CRED_SPECIFIED);
+ cli_credentials_set_username(&credentials, test_machine_account, CRED_SPECIFIED);
+ cli_credentials_set_password(&credentials, machine_password, CRED_SPECIFIED);
+
status = dcerpc_pipe_connect_b(&p, b,
DCERPC_NETLOGON_UUID,
DCERPC_NETLOGON_VERSION,
- TEST_MACHINE_NAME,
- lp_workgroup(),
- test_machine_account,
- machine_password);
+ &credentials);
if (!NT_STATUS_IS_OK(status)) {
ret = False;
diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
index 505e331d19..b92752227c 100644
--- a/source4/torture/rpc/samsync.c
+++ b/source4/torture/rpc/samsync.c
@@ -1295,6 +1295,7 @@ BOOL torture_rpc_samsync(void)
struct lsa_ObjectAttribute attr;
struct lsa_QosInfo qos;
struct lsa_OpenPolicy2 r;
+ struct cli_credentials credentials;
struct samsync_state *samsync_state;
@@ -1418,13 +1419,15 @@ BOOL torture_rpc_samsync(void)
b->flags &= ~DCERPC_AUTH_OPTIONS;
b->flags |= DCERPC_SCHANNEL_BDC | DCERPC_SIGN;
+ cli_credentials_set_workstation(&credentials, TEST_MACHINE_NAME, CRED_SPECIFIED);
+ cli_credentials_set_domain(&credentials, lp_workgroup(), CRED_SPECIFIED);
+ cli_credentials_set_username(&credentials, test_machine_account, CRED_SPECIFIED);
+ cli_credentials_set_password(&credentials, machine_password, CRED_SPECIFIED);
+
status = dcerpc_pipe_connect_b(&samsync_state->p, b,
DCERPC_NETLOGON_UUID,
DCERPC_NETLOGON_VERSION,
- TEST_MACHINE_NAME,
- lp_workgroup(),
- test_machine_account,
- machine_password);
+ &credentials);
if (!NT_STATUS_IS_OK(status)) {
printf("Failed to connect to server as a BDC: %s\n", nt_errstr(status));
@@ -1449,14 +1452,15 @@ BOOL torture_rpc_samsync(void)
b_netlogon_wksta->flags &= ~DCERPC_AUTH_OPTIONS;
b_netlogon_wksta->flags |= DCERPC_SCHANNEL_WORKSTATION | DCERPC_SIGN;
+ cli_credentials_set_workstation(&credentials, TEST_WKSTA_MACHINE_NAME, CRED_SPECIFIED);
+ cli_credentials_set_username(&credentials, test_wksta_machine_account, CRED_SPECIFIED);
+ cli_credentials_set_password(&credentials, wksta_machine_password, CRED_SPECIFIED);
+
status = dcerpc_pipe_connect_b(&samsync_state->p_netlogon_wksta,
b_netlogon_wksta,
DCERPC_NETLOGON_UUID,
DCERPC_NETLOGON_VERSION,
- TEST_WKSTA_MACHINE_NAME,
- lp_workgroup(),
- test_wksta_machine_account,
- wksta_machine_password);
+ &credentials);
if (!NT_STATUS_IS_OK(status)) {
printf("Failed to connect to server as a Workstation: %s\n", nt_errstr(status));
diff --git a/source4/torture/rpc/schannel.c b/source4/torture/rpc/schannel.c
index 1b10e2a4f2..f572933bf5 100644
--- a/source4/torture/rpc/schannel.c
+++ b/source4/torture/rpc/schannel.c
@@ -127,6 +127,7 @@ static BOOL test_schannel(TALLOC_CTX *mem_ctx,
struct dcerpc_pipe *p = NULL;
struct dcerpc_pipe *p_netlogon = NULL;
struct creds_CredentialState *creds;
+ struct cli_credentials credentials;
char *test_machine_account = talloc_asprintf(NULL, "%s$", TEST_MACHINE_NAME);
join_ctx = torture_create_testuser(test_machine_account, lp_workgroup(),
@@ -145,13 +146,14 @@ static BOOL test_schannel(TALLOC_CTX *mem_ctx,
b->flags &= ~DCERPC_AUTH_OPTIONS;
b->flags |= dcerpc_flags;
+ cli_credentials_set_domain(&credentials, lp_workgroup(), CRED_SPECIFIED);
+ cli_credentials_set_workstation(&credentials, TEST_MACHINE_NAME, CRED_SPECIFIED);
+ cli_credentials_set_username(&credentials, test_machine_account, CRED_SPECIFIED);
+ cli_credentials_set_password(&credentials, machine_password, CRED_SPECIFIED);
status = dcerpc_pipe_connect_b(&p, b,
DCERPC_SAMR_UUID,
DCERPC_SAMR_VERSION,
- TEST_MACHINE_NAME,
- lp_workgroup(),
- test_machine_account,
- machine_password);
+ &credentials);
if (!NT_STATUS_IS_OK(status)) {
printf("Failed to connect with schannel: %s\n", nt_errstr(status));
goto failed;
diff --git a/source4/torture/torture.c b/source4/torture/torture.c
index c7762f1b8a..dce91452f1 100644
--- a/source4/torture/torture.c
+++ b/source4/torture/torture.c
@@ -80,9 +80,9 @@ BOOL torture_open_connection_share(struct smbcli_state **c,
const char *sharename)
{
NTSTATUS status;
- const char *username = lp_parm_string(-1, "torture", "username");
- const char *userdomain = lp_parm_string(-1, "torture", "userdomain");
- const char *password = lp_parm_string(-1, "torture", "password");
+ const char *username = cli_credentials_get_username(cmdline_credentials);
+ const char *userdomain = cli_credentials_get_domain(cmdline_credentials);
+ const char *password = cli_credentials_get_password(cmdline_credentials);
status = smbcli_full_connection(NULL,
c, lp_netbios_name(),
@@ -138,10 +138,7 @@ NTSTATUS torture_rpc_connection(struct dcerpc_pipe **p,
}
status = dcerpc_pipe_connect(p, binding, pipe_uuid, pipe_version,
- lp_netbios_name(),
- lp_parm_string(-1, "torture", "userdomain"),
- lp_parm_string(-1, "torture", "username"),
- lp_parm_string(-1, "torture", "password"));
+ cmdline_credentials);
return status;
}
@@ -173,10 +170,8 @@ NTSTATUS torture_rpc_connection_transport(struct dcerpc_pipe **p,
b->transport = transport;
status = dcerpc_pipe_connect_b(p, b, pipe_uuid, pipe_version,
- lp_netbios_name(),
- lp_parm_string(-1, "torture", "userdomain"),
- lp_parm_string(-1, "torture", "username"),
- lp_parm_string(-1, "torture", "password"));
+ cmdline_credentials);
+
return status;
}
@@ -731,9 +726,9 @@ static BOOL run_tcon_devtype_test(void)
BOOL ret = True;
const char *host = lp_parm_string(-1, "torture", "host");
const char *share = lp_parm_string(-1, "torture", "share");
- const char *username = lp_parm_string(-1, "torture", "username");
- const char *userdomain = lp_parm_string(-1, "torture", "userdomain");
- const char *password = lp_parm_string(-1, "torture", "password");
+ const char *username = cli_credentials_get_username(cmdline_credentials);
+ const char *userdomain = cli_credentials_get_domain(cmdline_credentials);
+ const char *password = cli_credentials_get_password(cmdline_credentials);
status = smbcli_full_connection(NULL,
&cli1, lp_netbios_name(),
@@ -2728,25 +2723,6 @@ static BOOL is_binding_string(const char *binding_string)
lp_set_cmdline("torture:binding", binding);
}
- if (!lp_parm_string(-1,"torture","username")) {
- lp_set_cmdline("torture:username", cli_credentials_get_username(cmdline_credentials));
- }
- if (!lp_parm_string(-1,"torture","userdomain")) {
- /*
- * backward compatibility
- * maybe we should remove this to make this consistent
- * for all cmdline tools
- * --metze
- */
- if (strequal(lp_netbios_name(),cli_credentials_get_domain(cmdline_credentials))) {
- cli_credentials_set_domain(cmdline_credentials, lp_workgroup(), CRED_SPECIFIED);
- }
- lp_set_cmdline("torture:userdomain", cli_credentials_get_domain(cmdline_credentials));
- }
- if (!lp_parm_string(-1,"torture","password")) {
- lp_set_cmdline("torture:password", cli_credentials_get_password(cmdline_credentials));
- }
-
if (argc_new == 0) {
printf("You must specify a test to run, or 'ALL'\n");
} else {