diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/auth/auth_domain.c | 5 | ||||
-rw-r--r-- | source3/include/proto.h | 10 | ||||
-rw-r--r-- | source3/rpc_client/cli_pipe.c | 31 | ||||
-rw-r--r-- | source3/rpcclient/rpcclient.c | 11 | ||||
-rw-r--r-- | source3/utils/net_rpc.c | 10 |
5 files changed, 37 insertions, 30 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c index 2c67bf9f1c..c25e62ab80 100644 --- a/source3/auth/auth_domain.c +++ b/source3/auth/auth_domain.c @@ -109,8 +109,9 @@ static NTSTATUS connect_to_domain_password_server(struct cli_state **cli, /* open the netlogon pipe. */ if (lp_client_schannel()) { /* We also setup the creds chain in the open_schannel call. */ - netlogon_pipe = cli_rpc_pipe_open_schannel(*cli, PI_NETLOGON, - PIPE_AUTH_LEVEL_PRIVACY, domain, &result); + result = cli_rpc_pipe_open_schannel( + *cli, &ndr_table_netlogon.syntax_id, + PIPE_AUTH_LEVEL_PRIVACY, domain, &netlogon_pipe); } else { result = cli_rpc_pipe_open_noauth( *cli, &ndr_table_netlogon.syntax_id, &netlogon_pipe); diff --git a/source3/include/proto.h b/source3/include/proto.h index bdbbdd7f51..ab09462a9f 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -7135,11 +7135,11 @@ NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli, const char *username, const char *password, struct rpc_pipe_client **presult); -struct rpc_pipe_client *cli_rpc_pipe_open_schannel(struct cli_state *cli, - int pipe_idx, - enum pipe_auth_level auth_level, - const char *domain, - NTSTATUS *perr); +NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli, + const struct ndr_syntax_id *interface, + enum pipe_auth_level auth_level, + const char *domain, + struct rpc_pipe_client **presult); struct rpc_pipe_client *cli_rpc_pipe_open_krb5(struct cli_state *cli, int pipe_idx, enum pipe_auth_level auth_level, diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 5441ab8807..e9a9480e35 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -3368,33 +3368,38 @@ NTSTATUS cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli, Fetch the session key ourselves using a temporary netlogon pipe. ****************************************************************************/ -struct rpc_pipe_client *cli_rpc_pipe_open_schannel(struct cli_state *cli, - int pipe_idx, - enum pipe_auth_level auth_level, - const char *domain, - NTSTATUS *perr) +NTSTATUS cli_rpc_pipe_open_schannel(struct cli_state *cli, + const struct ndr_syntax_id *interface, + enum pipe_auth_level auth_level, + const char *domain, + struct rpc_pipe_client **presult) { uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; struct rpc_pipe_client *netlogon_pipe = NULL; struct rpc_pipe_client *result = NULL; + NTSTATUS status; - *perr = get_schannel_session_key(cli, domain, &neg_flags, - &netlogon_pipe); - if (!NT_STATUS_IS_OK(*perr)) { + status = get_schannel_session_key(cli, domain, &neg_flags, + &netlogon_pipe); + if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("cli_rpc_pipe_open_schannel: failed to get schannel session " "key from server %s for domain %s.\n", cli->desthost, domain )); - return NULL; + return status; } - *perr = cli_rpc_pipe_open_schannel_with_key( - cli, cli_get_iface(pipe_idx), auth_level, - domain, netlogon_pipe->dc, &result); + status = cli_rpc_pipe_open_schannel_with_key( + cli, interface, auth_level, domain, netlogon_pipe->dc, + &result); /* Now we've bound using the session key we can close the netlog pipe. */ TALLOC_FREE(netlogon_pipe); - return result; + if (NT_STATUS_IS_OK(status)) { + *presult = result; + } + + return NT_STATUS_OK; } /**************************************************************************** diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index eac96d3957..aff3cac1af 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -606,11 +606,12 @@ static NTSTATUS do_cmd(struct cli_state *cli, &cmd_entry->rpc_pipe); break; case PIPE_AUTH_TYPE_SCHANNEL: - cmd_entry->rpc_pipe = cli_rpc_pipe_open_schannel(cli, - cmd_entry->pipe_idx, - pipe_default_auth_level, - lp_workgroup(), - &ntresult); + ntresult = cli_rpc_pipe_open_schannel( + cli, + cli_get_iface(cmd_entry->pipe_idx), + pipe_default_auth_level, + lp_workgroup(), + &cmd_entry->rpc_pipe); break; default: DEBUG(0, ("Could not initialise %s. Invalid auth type %u\n", diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 1c9776db73..62ea319904 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -155,11 +155,11 @@ int run_rpc_command(struct net_context *c, if (!(conn_flags & NET_FLAGS_NO_PIPE)) { if (lp_client_schannel() && (pipe_idx == PI_NETLOGON)) { /* Always try and create an schannel netlogon pipe. */ - pipe_hnd = cli_rpc_pipe_open_schannel(cli, pipe_idx, - PIPE_AUTH_LEVEL_PRIVACY, - domain_name, - &nt_status); - if (!pipe_hnd) { + nt_status = cli_rpc_pipe_open_schannel( + cli, cli_get_iface(pipe_idx), + PIPE_AUTH_LEVEL_PRIVACY, domain_name, + &pipe_hnd); + if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0, ("Could not initialise schannel netlogon pipe. Error was %s\n", nt_errstr(nt_status) )); cli_shutdown(cli); |