5 files changed, 64 insertions, 67 deletions

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 822e2e07bc..98b2166984 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -7122,12 +7122,12 @@ NTSTATUS get_schannel_session_key(struct cli_state *cli,
 				  const char *domain,
 				  uint32 *pneg_flags,
 				  struct rpc_pipe_client **presult);
-struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
-					int pipe_idx,
-					enum pipe_auth_level auth_level,
-					const char *domain,
-					const struct dcinfo *pdc,
-					NTSTATUS *perr);
+NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
+					     const struct ndr_syntax_id *interface,
+					     enum pipe_auth_level auth_level,
+					     const char *domain,
+					     const struct dcinfo *pdc,
+					     struct rpc_pipe_client **presult);
 struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli,
                                                 int pipe_idx,
 						enum pipe_auth_level auth_level,
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index a095cb2dfa..814eebafd0 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -1044,15 +1044,13 @@ NTSTATUS libnet_join_ok(const char *netbios_domain_name,
 		return NT_STATUS_OK;
 	}
 
-	pipe_hnd = cli_rpc_pipe_open_schannel_with_key(cli, PI_NETLOGON,
-						       PIPE_AUTH_LEVEL_PRIVACY,
-						       netbios_domain_name,
-						       netlogon_pipe->dc,
-						       &status);
+	status = cli_rpc_pipe_open_schannel_with_key(
+		cli, &ndr_table_netlogon.syntax_id, PIPE_AUTH_LEVEL_PRIVACY,
+		netbios_domain_name, netlogon_pipe->dc, &pipe_hnd);
 
 	cli_shutdown(cli);
 
-	if (!pipe_hnd) {
+	if (!NT_STATUS_IS_OK(status)) {
 		DEBUG(0,("libnet_join_ok: failed to open schannel session "
 			"on netlogon pipe to server %s for domain %s. "
 			"Error was %s\n",
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 1825174803..abafa0ff26 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -3234,37 +3234,38 @@ NTSTATUS get_schannel_session_key(struct cli_state *cli,
  using session_key. sign and seal.
  ****************************************************************************/
 
-struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
-					int pipe_idx,
-					enum pipe_auth_level auth_level,
-					const char *domain,
-					const struct dcinfo *pdc,
-					NTSTATUS *perr)
+NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
+					     const struct ndr_syntax_id *interface,
+					     enum pipe_auth_level auth_level,
+					     const char *domain,
+					     const struct dcinfo *pdc,
+					     struct rpc_pipe_client **presult)
 {
 	struct rpc_pipe_client *result;
 	struct cli_pipe_auth_data *auth;
+	NTSTATUS status;
 
-	*perr = cli_rpc_pipe_open(cli, pipe_names[pipe_idx].abstr_syntax,
-				  &result);
-	if (!NT_STATUS_IS_OK(*perr)) {
-		return NULL;
+	status = cli_rpc_pipe_open(cli, interface, &result);
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
 	}
 
-	*perr = rpccli_schannel_bind_data(result, domain, auth_level,
-					  pdc->sess_key, &auth);
-	if (!NT_STATUS_IS_OK(*perr)) {
+	status = rpccli_schannel_bind_data(result, domain, auth_level,
+					   pdc->sess_key, &auth);
+	if (!NT_STATUS_IS_OK(status)) {
 		DEBUG(0, ("rpccli_schannel_bind_data returned %s\n",
-			  nt_errstr(*perr)));
+			  nt_errstr(status)));
 		TALLOC_FREE(result);
-		return NULL;
+		return status;
 	}
 
-	*perr = rpc_pipe_bind(result, auth);
-	if (!NT_STATUS_IS_OK(*perr)) {
-		DEBUG(0, ("cli_rpc_pipe_open_schannel_with_key: cli_rpc_pipe_bind failed with error %s\n",
-			nt_errstr(*perr) ));
+	status = rpc_pipe_bind(result, auth);
+	if (!NT_STATUS_IS_OK(status)) {
+		DEBUG(0, ("cli_rpc_pipe_open_schannel_with_key: "
+			  "cli_rpc_pipe_bind failed with error %s\n",
+			  nt_errstr(status) ));
 		TALLOC_FREE(result);
-		return NULL;
+		return status;
 	}
 
 	/*
@@ -3275,7 +3276,7 @@ struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cl
 	if (result->dc == NULL) {
 		DEBUG(0, ("talloc failed\n"));
 		TALLOC_FREE(result);
-		return NULL;
+		return NT_STATUS_NO_MEMORY;
 	}
 
 	DEBUG(10,("cli_rpc_pipe_open_schannel_with_key: opened pipe %s to machine %s "
@@ -3283,7 +3284,8 @@ struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cl
 		"and bound using schannel.\n",
 		result->trans.np.pipe_name, cli->desthost, domain ));
 
-	return result;
+	*presult = result;
+	return NT_STATUS_OK;
 }
 
 /****************************************************************************
@@ -3347,9 +3349,9 @@ struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state
 		return NULL;
 	}
 
-	result = cli_rpc_pipe_open_schannel_with_key(cli, pipe_idx,
-				auth_level,
-				domain, netlogon_pipe->dc, perr);
+	*perr = cli_rpc_pipe_open_schannel_with_key(
+		cli, cli_get_iface(pipe_idx), auth_level,
+		domain, netlogon_pipe->dc, &result);
 
 	/* Now we've bound using the session key we can close the netlog pipe. */
 	TALLOC_FREE(netlogon_pipe);
@@ -3381,9 +3383,9 @@ struct rpc_pipe_client *cli_rpc_pipe_open_schannel(struct cli_state *cli,
 		return NULL;
 	}
 
-	result = cli_rpc_pipe_open_schannel_with_key(cli, pipe_idx,
-				auth_level,
-				domain, netlogon_pipe->dc, perr);
+	*perr = cli_rpc_pipe_open_schannel_with_key(
+		cli, cli_get_iface(pipe_idx), auth_level,
+		domain, netlogon_pipe->dc, &result);
 
 	/* Now we've bound using the session key we can close the netlog pipe. */
 	TALLOC_FREE(netlogon_pipe);
diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c
index 2599c28e9c..f63cb14b7e 100644
--- a/source3/utils/net_rpc_join.c
+++ b/source3/utils/net_rpc_join.c
@@ -99,11 +99,11 @@ NTSTATUS net_rpc_join_ok(struct net_context *c, const char *domain,
 		return ntret;
 	}
 
-	pipe_hnd = cli_rpc_pipe_open_schannel_with_key(cli, PI_NETLOGON,
-				PIPE_AUTH_LEVEL_PRIVACY,
-				domain, netlogon_pipe->dc, &ntret);
+	ntret = cli_rpc_pipe_open_schannel_with_key(
+		cli, &ndr_table_netlogon.syntax_id, PIPE_AUTH_LEVEL_PRIVACY,
+		domain, netlogon_pipe->dc, &pipe_hnd);
 
-	if (!pipe_hnd) {
+	if (!NT_STATUS_IS_OK(ntret)) {
 		DEBUG(0,("net_rpc_join_ok: failed to open schannel session "
 				"on netlogon pipe to server %s for domain %s. Error was %s\n",
 			cli->desthost, domain, nt_errstr(ntret) ));
@@ -413,13 +413,12 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv)
 	   do the same again (setup creds) in net_rpc_join_ok(). JRA. */
 
 	if (lp_client_schannel() && (neg_flags & NETLOGON_NEG_SCHANNEL)) {
-		struct rpc_pipe_client *netlogon_schannel_pipe = 
-						cli_rpc_pipe_open_schannel_with_key(cli,
-							PI_NETLOGON,
-							PIPE_AUTH_LEVEL_PRIVACY,
-							domain,
-							pipe_hnd->dc,
-							&result);
+		struct rpc_pipe_client *netlogon_schannel_pipe;
+
+		result = cli_rpc_pipe_open_schannel_with_key(
+			cli, &ndr_table_netlogon.syntax_id,
+			PIPE_AUTH_LEVEL_PRIVACY, domain, pipe_hnd->dc,
+			&netlogon_schannel_pipe);
 
 		if (!NT_STATUS_IS_OK(result)) {
 			DEBUG(0, ("Error in domain join verification (schannel setup failed): %s\n\n",
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 340dc2381d..b3f8950691 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -2006,11 +2006,11 @@ NTSTATUS cm_connect_sam(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
 			   "for domain %s, trying anon\n", domain->name));
 		goto anonymous;
 	}
-	conn->samr_pipe = cli_rpc_pipe_open_schannel_with_key
-		(conn->cli, PI_SAMR, PIPE_AUTH_LEVEL_PRIVACY,
-		 domain->name, p_dcinfo, &result);
+	result = cli_rpc_pipe_open_schannel_with_key
+		(conn->cli, &ndr_table_samr.syntax_id, PIPE_AUTH_LEVEL_PRIVACY,
+		 domain->name, p_dcinfo, &conn->samr_pipe);
 
-	if (conn->samr_pipe == NULL) {
+	if (!NT_STATUS_IS_OK(result)) {
 		DEBUG(10,("cm_connect_sam: failed to connect to SAMR pipe for "
 			  "domain %s using schannel. Error was %s\n",
 			  domain->name, nt_errstr(result) ));
@@ -2144,11 +2144,12 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx,
 			   "for domain %s, trying anon\n", domain->name));
 		goto anonymous;
 	}
-	conn->lsa_pipe = cli_rpc_pipe_open_schannel_with_key
-		(conn->cli, PI_LSARPC, PIPE_AUTH_LEVEL_PRIVACY,
-		 domain->name, p_dcinfo, &result);
+	result = cli_rpc_pipe_open_schannel_with_key
+		(conn->cli, &ndr_table_lsarpc.syntax_id,
+		 PIPE_AUTH_LEVEL_PRIVACY,
+		 domain->name, p_dcinfo, &conn->lsa_pipe);
 
-	if (conn->lsa_pipe == NULL) {
+	if (!NT_STATUS_IS_OK(result)) {
 		DEBUG(10,("cm_connect_lsa: failed to connect to LSA pipe for "
 			  "domain %s using schannel. Error was %s\n",
 			  domain->name, nt_errstr(result) ));
@@ -2290,18 +2291,15 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
 	   part of the new pipe auth struct.
 	*/
 
-	conn->netlogon_pipe =
-		cli_rpc_pipe_open_schannel_with_key(conn->cli,
-						    PI_NETLOGON,
-						    PIPE_AUTH_LEVEL_PRIVACY,
-						    domain->name,
-						    netlogon_pipe->dc,
-						    &result);
+	result = cli_rpc_pipe_open_schannel_with_key(
+		conn->cli, &ndr_table_netlogon.syntax_id,
+		PIPE_AUTH_LEVEL_PRIVACY, domain->name, netlogon_pipe->dc,
+		&conn->netlogon_pipe);
 
 	/* We can now close the initial netlogon pipe. */
 	TALLOC_FREE(netlogon_pipe);
 
-	if (conn->netlogon_pipe == NULL) {
+	if (!NT_STATUS_IS_OK(result)) {
 		DEBUG(3, ("Could not open schannel'ed NETLOGON pipe. Error "
 			  "was %s\n", nt_errstr(result)));