diff options
-rw-r--r-- | source3/include/proto.h | 12 | ||||
-rw-r--r-- | source3/libnet/libnet_join.c | 10 | ||||
-rw-r--r-- | source3/rpc_client/cli_pipe.c | 58 | ||||
-rw-r--r-- | source3/utils/net_rpc_join.c | 21 | ||||
-rw-r--r-- | source3/winbindd/winbindd_cm.c | 30 |
5 files changed, 64 insertions, 67 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 822e2e07bc..98b2166984 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -7122,12 +7122,12 @@ NTSTATUS get_schannel_session_key(struct cli_state *cli, const char *domain, uint32 *pneg_flags, struct rpc_pipe_client **presult); -struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, - int pipe_idx, - enum pipe_auth_level auth_level, - const char *domain, - const struct dcinfo *pdc, - NTSTATUS *perr); +NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, + const struct ndr_syntax_id *interface, + enum pipe_auth_level auth_level, + const char *domain, + const struct dcinfo *pdc, + struct rpc_pipe_client **presult); struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli, int pipe_idx, enum pipe_auth_level auth_level, diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index a095cb2dfa..814eebafd0 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -1044,15 +1044,13 @@ NTSTATUS libnet_join_ok(const char *netbios_domain_name, return NT_STATUS_OK; } - pipe_hnd = cli_rpc_pipe_open_schannel_with_key(cli, PI_NETLOGON, - PIPE_AUTH_LEVEL_PRIVACY, - netbios_domain_name, - netlogon_pipe->dc, - &status); + status = cli_rpc_pipe_open_schannel_with_key( + cli, &ndr_table_netlogon.syntax_id, PIPE_AUTH_LEVEL_PRIVACY, + netbios_domain_name, netlogon_pipe->dc, &pipe_hnd); cli_shutdown(cli); - if (!pipe_hnd) { + if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("libnet_join_ok: failed to open schannel session " "on netlogon pipe to server %s for domain %s. " "Error was %s\n", diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 1825174803..abafa0ff26 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -3234,37 +3234,38 @@ NTSTATUS get_schannel_session_key(struct cli_state *cli, using session_key. sign and seal. ****************************************************************************/ -struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, - int pipe_idx, - enum pipe_auth_level auth_level, - const char *domain, - const struct dcinfo *pdc, - NTSTATUS *perr) +NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, + const struct ndr_syntax_id *interface, + enum pipe_auth_level auth_level, + const char *domain, + const struct dcinfo *pdc, + struct rpc_pipe_client **presult) { struct rpc_pipe_client *result; struct cli_pipe_auth_data *auth; + NTSTATUS status; - *perr = cli_rpc_pipe_open(cli, pipe_names[pipe_idx].abstr_syntax, - &result); - if (!NT_STATUS_IS_OK(*perr)) { - return NULL; + status = cli_rpc_pipe_open(cli, interface, &result); + if (!NT_STATUS_IS_OK(status)) { + return status; } - *perr = rpccli_schannel_bind_data(result, domain, auth_level, - pdc->sess_key, &auth); - if (!NT_STATUS_IS_OK(*perr)) { + status = rpccli_schannel_bind_data(result, domain, auth_level, + pdc->sess_key, &auth); + if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("rpccli_schannel_bind_data returned %s\n", - nt_errstr(*perr))); + nt_errstr(status))); TALLOC_FREE(result); - return NULL; + return status; } - *perr = rpc_pipe_bind(result, auth); - if (!NT_STATUS_IS_OK(*perr)) { - DEBUG(0, ("cli_rpc_pipe_open_schannel_with_key: cli_rpc_pipe_bind failed with error %s\n", - nt_errstr(*perr) )); + status = rpc_pipe_bind(result, auth); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("cli_rpc_pipe_open_schannel_with_key: " + "cli_rpc_pipe_bind failed with error %s\n", + nt_errstr(status) )); TALLOC_FREE(result); - return NULL; + return status; } /* @@ -3275,7 +3276,7 @@ struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cl if (result->dc == NULL) { DEBUG(0, ("talloc failed\n")); TALLOC_FREE(result); - return NULL; + return NT_STATUS_NO_MEMORY; } DEBUG(10,("cli_rpc_pipe_open_schannel_with_key: opened pipe %s to machine %s " @@ -3283,7 +3284,8 @@ struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cl "and bound using schannel.\n", result->trans.np.pipe_name, cli->desthost, domain )); - return result; + *presult = result; + return NT_STATUS_OK; } /**************************************************************************** @@ -3347,9 +3349,9 @@ struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state return NULL; } - result = cli_rpc_pipe_open_schannel_with_key(cli, pipe_idx, - auth_level, - domain, netlogon_pipe->dc, perr); + *perr = cli_rpc_pipe_open_schannel_with_key( + cli, cli_get_iface(pipe_idx), auth_level, + domain, netlogon_pipe->dc, &result); /* Now we've bound using the session key we can close the netlog pipe. */ TALLOC_FREE(netlogon_pipe); @@ -3381,9 +3383,9 @@ struct rpc_pipe_client *cli_rpc_pipe_open_schannel(struct cli_state *cli, return NULL; } - result = cli_rpc_pipe_open_schannel_with_key(cli, pipe_idx, - auth_level, - domain, netlogon_pipe->dc, perr); + *perr = cli_rpc_pipe_open_schannel_with_key( + cli, cli_get_iface(pipe_idx), auth_level, + domain, netlogon_pipe->dc, &result); /* Now we've bound using the session key we can close the netlog pipe. */ TALLOC_FREE(netlogon_pipe); diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c index 2599c28e9c..f63cb14b7e 100644 --- a/source3/utils/net_rpc_join.c +++ b/source3/utils/net_rpc_join.c @@ -99,11 +99,11 @@ NTSTATUS net_rpc_join_ok(struct net_context *c, const char *domain, return ntret; } - pipe_hnd = cli_rpc_pipe_open_schannel_with_key(cli, PI_NETLOGON, - PIPE_AUTH_LEVEL_PRIVACY, - domain, netlogon_pipe->dc, &ntret); + ntret = cli_rpc_pipe_open_schannel_with_key( + cli, &ndr_table_netlogon.syntax_id, PIPE_AUTH_LEVEL_PRIVACY, + domain, netlogon_pipe->dc, &pipe_hnd); - if (!pipe_hnd) { + if (!NT_STATUS_IS_OK(ntret)) { DEBUG(0,("net_rpc_join_ok: failed to open schannel session " "on netlogon pipe to server %s for domain %s. Error was %s\n", cli->desthost, domain, nt_errstr(ntret) )); @@ -413,13 +413,12 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) do the same again (setup creds) in net_rpc_join_ok(). JRA. */ if (lp_client_schannel() && (neg_flags & NETLOGON_NEG_SCHANNEL)) { - struct rpc_pipe_client *netlogon_schannel_pipe = - cli_rpc_pipe_open_schannel_with_key(cli, - PI_NETLOGON, - PIPE_AUTH_LEVEL_PRIVACY, - domain, - pipe_hnd->dc, - &result); + struct rpc_pipe_client *netlogon_schannel_pipe; + + result = cli_rpc_pipe_open_schannel_with_key( + cli, &ndr_table_netlogon.syntax_id, + PIPE_AUTH_LEVEL_PRIVACY, domain, pipe_hnd->dc, + &netlogon_schannel_pipe); if (!NT_STATUS_IS_OK(result)) { DEBUG(0, ("Error in domain join verification (schannel setup failed): %s\n\n", diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c index 340dc2381d..b3f8950691 100644 --- a/source3/winbindd/winbindd_cm.c +++ b/source3/winbindd/winbindd_cm.c @@ -2006,11 +2006,11 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, "for domain %s, trying anon\n", domain->name)); goto anonymous; } - conn->samr_pipe = cli_rpc_pipe_open_schannel_with_key - (conn->cli, PI_SAMR, PIPE_AUTH_LEVEL_PRIVACY, - domain->name, p_dcinfo, &result); + result = cli_rpc_pipe_open_schannel_with_key + (conn->cli, &ndr_table_samr.syntax_id, PIPE_AUTH_LEVEL_PRIVACY, + domain->name, p_dcinfo, &conn->samr_pipe); - if (conn->samr_pipe == NULL) { + if (!NT_STATUS_IS_OK(result)) { DEBUG(10,("cm_connect_sam: failed to connect to SAMR pipe for " "domain %s using schannel. Error was %s\n", domain->name, nt_errstr(result) )); @@ -2144,11 +2144,12 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, "for domain %s, trying anon\n", domain->name)); goto anonymous; } - conn->lsa_pipe = cli_rpc_pipe_open_schannel_with_key - (conn->cli, PI_LSARPC, PIPE_AUTH_LEVEL_PRIVACY, - domain->name, p_dcinfo, &result); + result = cli_rpc_pipe_open_schannel_with_key + (conn->cli, &ndr_table_lsarpc.syntax_id, + PIPE_AUTH_LEVEL_PRIVACY, + domain->name, p_dcinfo, &conn->lsa_pipe); - if (conn->lsa_pipe == NULL) { + if (!NT_STATUS_IS_OK(result)) { DEBUG(10,("cm_connect_lsa: failed to connect to LSA pipe for " "domain %s using schannel. Error was %s\n", domain->name, nt_errstr(result) )); @@ -2290,18 +2291,15 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain, part of the new pipe auth struct. */ - conn->netlogon_pipe = - cli_rpc_pipe_open_schannel_with_key(conn->cli, - PI_NETLOGON, - PIPE_AUTH_LEVEL_PRIVACY, - domain->name, - netlogon_pipe->dc, - &result); + result = cli_rpc_pipe_open_schannel_with_key( + conn->cli, &ndr_table_netlogon.syntax_id, + PIPE_AUTH_LEVEL_PRIVACY, domain->name, netlogon_pipe->dc, + &conn->netlogon_pipe); /* We can now close the initial netlogon pipe. */ TALLOC_FREE(netlogon_pipe); - if (conn->netlogon_pipe == NULL) { + if (!NT_STATUS_IS_OK(result)) { DEBUG(3, ("Could not open schannel'ed NETLOGON pipe. Error " "was %s\n", nt_errstr(result))); |