summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/rpc_server/dcerpc_server.h3
-rw-r--r--source4/rpc_server/remote/dcesrv_remote.c42
2 files changed, 39 insertions, 6 deletions
diff --git a/source4/rpc_server/dcerpc_server.h b/source4/rpc_server/dcerpc_server.h
index d273f6eca9..3a9c8feb75 100644
--- a/source4/rpc_server/dcerpc_server.h
+++ b/source4/rpc_server/dcerpc_server.h
@@ -260,6 +260,9 @@ struct dcesrv_assoc_group {
/* parent context */
struct dcesrv_context *dce_ctx;
+
+ /* Remote association group ID (if proxied) */
+ uint32_t proxied_id;
};
/* server-wide context information for the dcerpc server */
diff --git a/source4/rpc_server/remote/dcesrv_remote.c b/source4/rpc_server/remote/dcesrv_remote.c
index e20e87b326..9c4174be96 100644
--- a/source4/rpc_server/remote/dcesrv_remote.c
+++ b/source4/rpc_server/remote/dcesrv_remote.c
@@ -3,7 +3,9 @@
remote dcerpc operations
Copyright (C) Stefan (metze) Metzmacher 2004
-
+ Copyright (C) Julien Kerihuel 2008-2009
+ Copyright (C) Andrew Bartlett <abartlet@samba.org> 2010
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
@@ -43,7 +45,10 @@ static NTSTATUS remote_op_bind(struct dcesrv_call_state *dce_call, const struct
const char *binding = lp_parm_string(dce_call->conn->dce_ctx->lp_ctx, NULL, "dcerpc_remote", "binding");
const char *user, *pass, *domain;
struct cli_credentials *credentials;
+ bool must_free_credentials = true;
bool machine_account;
+ struct dcerpc_binding *b;
+ struct composite_context *pipe_conn_req;
machine_account = lp_parm_bool(dce_call->conn->dce_ctx->lp_ctx, NULL, "dcerpc_remote", "use_machine_account", false);
@@ -96,17 +101,42 @@ static NTSTATUS remote_op_bind(struct dcesrv_call_state *dce_call, const struct
} else if (dce_call->conn->auth_state.session_info->credentials) {
DEBUG(5, ("dcerpc_remote: RPC Proxy: Using delegated credentials\n"));
credentials = dce_call->conn->auth_state.session_info->credentials;
+ must_free_credentials = false;
} else {
DEBUG(1,("dcerpc_remote: RPC Proxy: You must supply binding, user and password or have delegated credentials\n"));
return NT_STATUS_INVALID_PARAMETER;
}
- status = dcerpc_pipe_connect(priv,
- &(priv->c_pipe), binding, table,
- credentials, dce_call->event_ctx,
- dce_call->conn->dce_ctx->lp_ctx);
+ /* parse binding string to the structure */
+ status = dcerpc_parse_binding(dce_call->context, binding, &b);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("Failed to parse dcerpc binding '%s'\n", binding));
+ return status;
+ }
+
+ DEBUG(3, ("Using binding %s\n", dcerpc_binding_string(dce_call->context, b)));
+
+ /* If we already have a remote association group ID, then use that */
+ if (dce_call->context->assoc_group->proxied_id != 0) {
+ b->assoc_group_id = dce_call->context->assoc_group->proxied_id;
+ }
+
+ pipe_conn_req = dcerpc_pipe_connect_b_send(dce_call->context, b, table,
+ credentials, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx);
+ status = dcerpc_pipe_connect_b_recv(pipe_conn_req, dce_call->context, &(priv->c_pipe));
+
+ if (must_free_credentials) {
+ talloc_free(credentials);
+ }
+
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ if (dce_call->context->assoc_group->proxied_id == 0) {
+ dce_call->context->assoc_group->proxied_id = priv->c_pipe->assoc_group_id;
+ }
- talloc_free(credentials);
if (!NT_STATUS_IS_OK(status)) {
return status;
}