summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/proto.h12
-rw-r--r--source3/libnet/libnet_join.c10
-rw-r--r--source3/rpc_client/cli_pipe.c58
-rw-r--r--source3/utils/net_rpc_join.c21
-rw-r--r--source3/winbindd/winbindd_cm.c30
5 files changed, 64 insertions, 67 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 822e2e07bc..98b2166984 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -7122,12 +7122,12 @@ NTSTATUS get_schannel_session_key(struct cli_state *cli,
const char *domain,
uint32 *pneg_flags,
struct rpc_pipe_client **presult);
-struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
- int pipe_idx,
- enum pipe_auth_level auth_level,
- const char *domain,
- const struct dcinfo *pdc,
- NTSTATUS *perr);
+NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
+ const struct ndr_syntax_id *interface,
+ enum pipe_auth_level auth_level,
+ const char *domain,
+ const struct dcinfo *pdc,
+ struct rpc_pipe_client **presult);
struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli,
int pipe_idx,
enum pipe_auth_level auth_level,
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index a095cb2dfa..814eebafd0 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -1044,15 +1044,13 @@ NTSTATUS libnet_join_ok(const char *netbios_domain_name,
return NT_STATUS_OK;
}
- pipe_hnd = cli_rpc_pipe_open_schannel_with_key(cli, PI_NETLOGON,
- PIPE_AUTH_LEVEL_PRIVACY,
- netbios_domain_name,
- netlogon_pipe->dc,
- &status);
+ status = cli_rpc_pipe_open_schannel_with_key(
+ cli, &ndr_table_netlogon.syntax_id, PIPE_AUTH_LEVEL_PRIVACY,
+ netbios_domain_name, netlogon_pipe->dc, &pipe_hnd);
cli_shutdown(cli);
- if (!pipe_hnd) {
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("libnet_join_ok: failed to open schannel session "
"on netlogon pipe to server %s for domain %s. "
"Error was %s\n",
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 1825174803..abafa0ff26 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -3234,37 +3234,38 @@ NTSTATUS get_schannel_session_key(struct cli_state *cli,
using session_key. sign and seal.
****************************************************************************/
-struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
- int pipe_idx,
- enum pipe_auth_level auth_level,
- const char *domain,
- const struct dcinfo *pdc,
- NTSTATUS *perr)
+NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
+ const struct ndr_syntax_id *interface,
+ enum pipe_auth_level auth_level,
+ const char *domain,
+ const struct dcinfo *pdc,
+ struct rpc_pipe_client **presult)
{
struct rpc_pipe_client *result;
struct cli_pipe_auth_data *auth;
+ NTSTATUS status;
- *perr = cli_rpc_pipe_open(cli, pipe_names[pipe_idx].abstr_syntax,
- &result);
- if (!NT_STATUS_IS_OK(*perr)) {
- return NULL;
+ status = cli_rpc_pipe_open(cli, interface, &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
- *perr = rpccli_schannel_bind_data(result, domain, auth_level,
- pdc->sess_key, &auth);
- if (!NT_STATUS_IS_OK(*perr)) {
+ status = rpccli_schannel_bind_data(result, domain, auth_level,
+ pdc->sess_key, &auth);
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("rpccli_schannel_bind_data returned %s\n",
- nt_errstr(*perr)));
+ nt_errstr(status)));
TALLOC_FREE(result);
- return NULL;
+ return status;
}
- *perr = rpc_pipe_bind(result, auth);
- if (!NT_STATUS_IS_OK(*perr)) {
- DEBUG(0, ("cli_rpc_pipe_open_schannel_with_key: cli_rpc_pipe_bind failed with error %s\n",
- nt_errstr(*perr) ));
+ status = rpc_pipe_bind(result, auth);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("cli_rpc_pipe_open_schannel_with_key: "
+ "cli_rpc_pipe_bind failed with error %s\n",
+ nt_errstr(status) ));
TALLOC_FREE(result);
- return NULL;
+ return status;
}
/*
@@ -3275,7 +3276,7 @@ struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cl
if (result->dc == NULL) {
DEBUG(0, ("talloc failed\n"));
TALLOC_FREE(result);
- return NULL;
+ return NT_STATUS_NO_MEMORY;
}
DEBUG(10,("cli_rpc_pipe_open_schannel_with_key: opened pipe %s to machine %s "
@@ -3283,7 +3284,8 @@ struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cl
"and bound using schannel.\n",
result->trans.np.pipe_name, cli->desthost, domain ));
- return result;
+ *presult = result;
+ return NT_STATUS_OK;
}
/****************************************************************************
@@ -3347,9 +3349,9 @@ struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state
return NULL;
}
- result = cli_rpc_pipe_open_schannel_with_key(cli, pipe_idx,
- auth_level,
- domain, netlogon_pipe->dc, perr);
+ *perr = cli_rpc_pipe_open_schannel_with_key(
+ cli, cli_get_iface(pipe_idx), auth_level,
+ domain, netlogon_pipe->dc, &result);
/* Now we've bound using the session key we can close the netlog pipe. */
TALLOC_FREE(netlogon_pipe);
@@ -3381,9 +3383,9 @@ struct rpc_pipe_client *cli_rpc_pipe_open_schannel(struct cli_state *cli,
return NULL;
}
- result = cli_rpc_pipe_open_schannel_with_key(cli, pipe_idx,
- auth_level,
- domain, netlogon_pipe->dc, perr);
+ *perr = cli_rpc_pipe_open_schannel_with_key(
+ cli, cli_get_iface(pipe_idx), auth_level,
+ domain, netlogon_pipe->dc, &result);
/* Now we've bound using the session key we can close the netlog pipe. */
TALLOC_FREE(netlogon_pipe);
diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c
index 2599c28e9c..f63cb14b7e 100644
--- a/source3/utils/net_rpc_join.c
+++ b/source3/utils/net_rpc_join.c
@@ -99,11 +99,11 @@ NTSTATUS net_rpc_join_ok(struct net_context *c, const char *domain,
return ntret;
}
- pipe_hnd = cli_rpc_pipe_open_schannel_with_key(cli, PI_NETLOGON,
- PIPE_AUTH_LEVEL_PRIVACY,
- domain, netlogon_pipe->dc, &ntret);
+ ntret = cli_rpc_pipe_open_schannel_with_key(
+ cli, &ndr_table_netlogon.syntax_id, PIPE_AUTH_LEVEL_PRIVACY,
+ domain, netlogon_pipe->dc, &pipe_hnd);
- if (!pipe_hnd) {
+ if (!NT_STATUS_IS_OK(ntret)) {
DEBUG(0,("net_rpc_join_ok: failed to open schannel session "
"on netlogon pipe to server %s for domain %s. Error was %s\n",
cli->desthost, domain, nt_errstr(ntret) ));
@@ -413,13 +413,12 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv)
do the same again (setup creds) in net_rpc_join_ok(). JRA. */
if (lp_client_schannel() && (neg_flags & NETLOGON_NEG_SCHANNEL)) {
- struct rpc_pipe_client *netlogon_schannel_pipe =
- cli_rpc_pipe_open_schannel_with_key(cli,
- PI_NETLOGON,
- PIPE_AUTH_LEVEL_PRIVACY,
- domain,
- pipe_hnd->dc,
- &result);
+ struct rpc_pipe_client *netlogon_schannel_pipe;
+
+ result = cli_rpc_pipe_open_schannel_with_key(
+ cli, &ndr_table_netlogon.syntax_id,
+ PIPE_AUTH_LEVEL_PRIVACY, domain, pipe_hnd->dc,
+ &netlogon_schannel_pipe);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(0, ("Error in domain join verification (schannel setup failed): %s\n\n",
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 340dc2381d..b3f8950691 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -2006,11 +2006,11 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
"for domain %s, trying anon\n", domain->name));
goto anonymous;
}
- conn->samr_pipe = cli_rpc_pipe_open_schannel_with_key
- (conn->cli, PI_SAMR, PIPE_AUTH_LEVEL_PRIVACY,
- domain->name, p_dcinfo, &result);
+ result = cli_rpc_pipe_open_schannel_with_key
+ (conn->cli, &ndr_table_samr.syntax_id, PIPE_AUTH_LEVEL_PRIVACY,
+ domain->name, p_dcinfo, &conn->samr_pipe);
- if (conn->samr_pipe == NULL) {
+ if (!NT_STATUS_IS_OK(result)) {
DEBUG(10,("cm_connect_sam: failed to connect to SAMR pipe for "
"domain %s using schannel. Error was %s\n",
domain->name, nt_errstr(result) ));
@@ -2144,11 +2144,12 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
"for domain %s, trying anon\n", domain->name));
goto anonymous;
}
- conn->lsa_pipe = cli_rpc_pipe_open_schannel_with_key
- (conn->cli, PI_LSARPC, PIPE_AUTH_LEVEL_PRIVACY,
- domain->name, p_dcinfo, &result);
+ result = cli_rpc_pipe_open_schannel_with_key
+ (conn->cli, &ndr_table_lsarpc.syntax_id,
+ PIPE_AUTH_LEVEL_PRIVACY,
+ domain->name, p_dcinfo, &conn->lsa_pipe);
- if (conn->lsa_pipe == NULL) {
+ if (!NT_STATUS_IS_OK(result)) {
DEBUG(10,("cm_connect_lsa: failed to connect to LSA pipe for "
"domain %s using schannel. Error was %s\n",
domain->name, nt_errstr(result) ));
@@ -2290,18 +2291,15 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
part of the new pipe auth struct.
*/
- conn->netlogon_pipe =
- cli_rpc_pipe_open_schannel_with_key(conn->cli,
- PI_NETLOGON,
- PIPE_AUTH_LEVEL_PRIVACY,
- domain->name,
- netlogon_pipe->dc,
- &result);
+ result = cli_rpc_pipe_open_schannel_with_key(
+ conn->cli, &ndr_table_netlogon.syntax_id,
+ PIPE_AUTH_LEVEL_PRIVACY, domain->name, netlogon_pipe->dc,
+ &conn->netlogon_pipe);
/* We can now close the initial netlogon pipe. */
TALLOC_FREE(netlogon_pipe);
- if (conn->netlogon_pipe == NULL) {
+ if (!NT_STATUS_IS_OK(result)) {
DEBUG(3, ("Could not open schannel'ed NETLOGON pipe. Error "
"was %s\n", nt_errstr(result)));