diff options
| author | Stefan Metzmacher <metze@samba.org> | 2013-09-20 04:16:00 +0200 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2013-10-17 08:49:00 +1300 |
| commit | a62927ef882a5ed7bee1c737c44dd29b13e724e0 (patch) | |
| tree | fd244f52dc5bba7fff3a289903f5cd741782993b /source4 | |
| parent | 300a186a7123966d4d47fc1730014ea97cf97049 (diff) | |
| download | samba-a62927ef882a5ed7bee1c737c44dd29b13e724e0.tar.gz samba-a62927ef882a5ed7bee1c737c44dd29b13e724e0.tar.bz2 samba-a62927ef882a5ed7bee1c737c44dd29b13e724e0.zip | |
s4:librpc: let dcerpc_schannel_key_recv() return netlogon_creds_CredentialState
cli_credentials_set_netlogon_creds() should only be used directly before
a DCERPC bind in order to pass the session information to the
gensec layer.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4')
| -rw-r--r-- | source4/librpc/rpc/dcerpc_schannel.c | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c index cd62508edd..c4bedfa913 100644 --- a/source4/librpc/rpc/dcerpc_schannel.c +++ b/source4/librpc/rpc/dcerpc_schannel.c @@ -296,9 +296,6 @@ static void continue_srv_auth2(struct tevent_req *subreq) return; } - /* setup current netlogon credentials */ - cli_credentials_set_netlogon_creds(s->credentials, s->creds); - composite_done(c); } @@ -369,10 +366,19 @@ static struct composite_context *dcerpc_schannel_key_send(TALLOC_CTX *mem_ctx, /* Receive result of schannel key request */ -static NTSTATUS dcerpc_schannel_key_recv(struct composite_context *c) +static NTSTATUS dcerpc_schannel_key_recv(struct composite_context *c, + TALLOC_CTX *mem_ctx, + struct netlogon_creds_CredentialState **creds) { NTSTATUS status = composite_wait(c); - + + if (NT_STATUS_IS_OK(status)) { + struct schannel_key_state *s = + talloc_get_type_abort(c->private_data, + struct schannel_key_state); + *creds = talloc_move(mem_ctx, &s->creds); + } + talloc_free(c); return status; } @@ -410,13 +416,15 @@ static void continue_schannel_key(struct composite_context *ctx) NTSTATUS status; /* receive schannel key */ - status = c->status = dcerpc_schannel_key_recv(ctx); + status = c->status = dcerpc_schannel_key_recv(ctx, s, &s->creds_state); if (!composite_is_ok(c)) { DEBUG(1, ("Failed to setup credentials: %s\n", nt_errstr(status))); return; } /* send bind auth request with received creds */ + cli_credentials_set_netlogon_creds(s->credentials, s->creds_state); + auth_req = dcerpc_bind_auth_send(c, s->pipe, s->table, s->credentials, lpcfg_gensec_settings(c, s->lp_ctx), DCERPC_AUTH_TYPE_SCHANNEL, s->auth_level, @@ -447,9 +455,6 @@ static void continue_bind_auth(struct composite_context *ctx) &ndr_table_netlogon.syntax_id)) { ZERO_STRUCT(s->return_auth); - s->creds_state = cli_credentials_get_netlogon_creds(s->credentials); - if (composite_nomem(s->creds_state, c)) return; - s->save_creds_state = *s->creds_state; netlogon_creds_client_authenticator(&s->save_creds_state, &s->auth); @@ -528,6 +533,7 @@ static void continue_get_capabilities(struct tevent_req *subreq) } *s->creds_state = s->save_creds_state; + cli_credentials_set_netlogon_creds(s->credentials, s->creds_state); if (!NT_STATUS_IS_OK(s->c.out.result)) { composite_error(c, s->c.out.result); |