summaryrefslogtreecommitdiff
path: root/source3/utils
diff options
context:
space:
mode:
Diffstat (limited to 'source3/utils')
-rw-r--r--source3/utils/net_rpc.c40
-rw-r--r--source3/utils/ntlm_auth.c15
2 files changed, 24 insertions, 31 deletions
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index b28365274c..9f0f64edec 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -48,27 +48,14 @@ typedef NTSTATUS (*rpc_command_fn)(const DOM_SID *, struct cli_state *, TALLOC_C
* @return The Domain SID of the remote machine.
**/
-static DOM_SID *net_get_remote_domain_sid(struct cli_state *cli)
+static DOM_SID *net_get_remote_domain_sid(struct cli_state *cli, TALLOC_CTX *mem_ctx)
{
DOM_SID *domain_sid;
POLICY_HND pol;
NTSTATUS result = NT_STATUS_OK;
uint32 info_class = 5;
- fstring domain_name;
- TALLOC_CTX *mem_ctx;
+ char *domain_name;
- if (!(domain_sid = malloc(sizeof(DOM_SID)))){
- DEBUG(0,("net_get_remote_domain_sid: malloc returned NULL!\n"));
- goto error;
- }
-
- if (!(mem_ctx=talloc_init("net_get_remote_domain_sid")))
- {
- DEBUG(0,("net_get_remote_domain_sid: talloc_init returned NULL!\n"));
- goto error;
- }
-
-
if (!cli_nt_session_open (cli, PI_LSARPC)) {
fprintf(stderr, "could not initialise lsa pipe\n");
goto error;
@@ -82,7 +69,7 @@ static DOM_SID *net_get_remote_domain_sid(struct cli_state *cli)
}
result = cli_lsa_query_info_policy(cli, mem_ctx, &pol, info_class,
- domain_name, domain_sid);
+ &domain_name, &domain_sid);
if (!NT_STATUS_IS_OK(result)) {
error:
fprintf(stderr, "could not obtain sid for domain %s\n", cli->domain);
@@ -96,7 +83,6 @@ static DOM_SID *net_get_remote_domain_sid(struct cli_state *cli)
cli_lsa_close(cli, mem_ctx, &pol);
cli_nt_session_close(cli);
- talloc_destroy(mem_ctx);
return domain_sid;
}
@@ -132,7 +118,7 @@ static int run_rpc_command(struct cli_state *cli_arg, const int pipe_idx, int co
return -1;
}
- domain_sid = net_get_remote_domain_sid(cli);
+ domain_sid = net_get_remote_domain_sid(cli, mem_ctx);
/* Create mem_ctx */
@@ -1928,10 +1914,11 @@ static int rpc_trustdom_establish(int argc, const char **argv)
POLICY_HND connect_hnd;
TALLOC_CTX *mem_ctx;
NTSTATUS nt_status;
- DOM_SID domain_sid;
+ DOM_SID *domain_sid;
WKS_INFO_100 wks_info;
char* domain_name;
+ char* domain_name_pol;
char* acct_name;
fstring pdc_name;
@@ -2052,7 +2039,7 @@ static int rpc_trustdom_establish(int argc, const char **argv)
/* Querying info level 5 */
nt_status = cli_lsa_query_info_policy(cli, mem_ctx, &connect_hnd,
- 5 /* info level */, domain_name,
+ 5 /* info level */, &domain_name_pol,
&domain_sid);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
@@ -2072,7 +2059,7 @@ static int rpc_trustdom_establish(int argc, const char **argv)
if (!secrets_store_trusted_domain_password(domain_name, wks_info.uni_lan_grp.buffer,
wks_info.uni_lan_grp.uni_str_len, opt_password,
- domain_sid)) {
+ *domain_sid)) {
DEBUG(0, ("Storing password for trusted domain failed.\n"));
return -1;
}
@@ -2163,7 +2150,7 @@ static int rpc_trustdom_list(int argc, const char **argv)
struct cli_state *cli, *remote_cli;
NTSTATUS nt_status;
const char *domain_name = NULL;
- DOM_SID queried_dom_sid;
+ DOM_SID *queried_dom_sid;
fstring ascii_sid, padding;
int ascii_dom_name_len;
POLICY_HND connect_hnd;
@@ -2173,7 +2160,8 @@ static int rpc_trustdom_list(int argc, const char **argv)
int i, pad_len, col_len = 20;
DOM_SID *domain_sids;
char **trusted_dom_names;
- fstring pdc_name, dummy;
+ fstring pdc_name;
+ char *dummy;
/* trusting domains listing variables */
POLICY_HND domain_hnd;
@@ -2222,7 +2210,7 @@ static int rpc_trustdom_list(int argc, const char **argv)
/* query info level 5 to obtain sid of a domain being queried */
nt_status = cli_lsa_query_info_policy(
cli, mem_ctx, &connect_hnd, 5 /* info level */,
- dummy, &queried_dom_sid);
+ &dummy, &queried_dom_sid);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
@@ -2304,8 +2292,8 @@ static int rpc_trustdom_list(int argc, const char **argv)
/* SamrOpenDomain - we have to open domain policy handle in order to be
able to enumerate accounts*/
nt_status = cli_samr_open_domain(cli, mem_ctx, &connect_hnd,
- SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
- &queried_dom_sid, &domain_hnd);
+ SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
+ queried_dom_sid, &domain_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't open domain object. Error was %s\n",
nt_errstr(nt_status)));
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 96e52964b4..74918045ee 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -1072,6 +1072,7 @@ static BOOL manage_client_krb5_init(SPNEGO_DATA spnego)
DATA_BLOB session_key_krb5;
SPNEGO_DATA reply;
char *reply_base64;
+ int retval;
const char *my_mechs[] = {OID_KERBEROS5_OLD, NULL};
ssize_t len;
@@ -1093,9 +1094,9 @@ static BOOL manage_client_krb5_init(SPNEGO_DATA spnego)
spnego.negTokenInit.mechListMIC.length);
principal[spnego.negTokenInit.mechListMIC.length] = '\0';
- tkt = cli_krb5_get_ticket(principal, 0, &session_key_krb5);
+ retval = cli_krb5_get_ticket(principal, 0, &tkt, &session_key_krb5);
- if (tkt.data == NULL) {
+ if (retval) {
pstring user;
@@ -1110,13 +1111,17 @@ static BOOL manage_client_krb5_init(SPNEGO_DATA spnego)
pstr_sprintf(user, "%s@%s", opt_username, opt_domain);
- if (kerberos_kinit_password(user, opt_password, 0) != 0) {
- DEBUG(10, ("Requesting TGT failed\n"));
+ if ((retval = kerberos_kinit_password(user, opt_password, 0))) {
+ DEBUG(10, ("Requesting TGT failed: %s\n", error_message(retval)));
x_fprintf(x_stdout, "NA\n");
return True;
}
- tkt = cli_krb5_get_ticket(principal, 0, &session_key_krb5);
+ retval = cli_krb5_get_ticket(principal, 0, &tkt, &session_key_krb5);
+
+ if (retval) {
+ DEBUG(10, ("Kinit suceeded, but getting a ticket failed: %s\n", error_message(retval)));
+ }
}
data_blob_free(&session_key_krb5);
generated by cgit (git 2.34.1) at 2024-12-18 16:52:01 +0000