From d1da999e0a84939e372ebe590861376e2c0075b3 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 8 May 2003 08:02:52 +0000 Subject: This puts real netlogon connection caching to winbind. This becomes important once we start doing schannel, as there would be a lot more roundtrips for the second PIPE open and bind. With this patch logging in to a member server is a matter of two (three if you count the ack...) packets between us and the DC. Volker (This used to be commit 5b3cb7725a974629d0bd8b707bc2940c36b8745e) --- source3/rpcclient/cmd_netlogon.c | 9 ++++++++- source3/rpcclient/rpcclient.c | 20 ++++++++++---------- 2 files changed, 18 insertions(+), 11 deletions(-) (limited to 'source3/rpcclient') diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c index 32fa9c3699..0ec78a0673 100644 --- a/source3/rpcclient/cmd_netlogon.c +++ b/source3/rpcclient/cmd_netlogon.c @@ -275,6 +275,7 @@ static NTSTATUS cmd_netlogon_sam_logon(struct cli_state *cli, const char *username, *password; uint32 neg_flags = 0x000001ff; int auth_level = 2; + DOM_CRED ret_creds; /* Check arguments */ @@ -299,7 +300,13 @@ static NTSTATUS cmd_netlogon_sam_logon(struct cli_state *cli, /* Perform the sam logon */ - result = cli_netlogon_sam_logon(cli, mem_ctx, username, password, logon_type); + ZERO_STRUCT(ret_creds); + + result = cli_netlogon_sam_logon(cli, mem_ctx, &ret_creds, username, password, logon_type); + + clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), &ret_creds); + + result = cli_netlogon_sam_logon(cli, mem_ctx, &ret_creds, username, password, logon_type); if (!NT_STATUS_IS_OK(result)) goto done; diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index b01e2d694c..a1b0a8cd34 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -391,6 +391,14 @@ static NTSTATUS do_cmd(struct cli_state *cli, /* Open pipe */ + if (cmd_entry->pipe_idx != -1) { + if (!cli_nt_session_open(cli, cmd_entry->pipe_idx)) { + DEBUG(0, ("Could not initialise %s\n", + get_pipe_name_from_index(cmd_entry->pipe_idx))); + return NT_STATUS_UNSUCCESSFUL; + } + } + if (cmd_entry->pipe_idx == PI_NETLOGON) { uchar trust_password[16]; uint32 sec_channel_type; @@ -401,19 +409,11 @@ static NTSTATUS do_cmd(struct cli_state *cli, return NT_STATUS_UNSUCCESSFUL; } - if (!cli_nt_open_netlogon(cli, trust_password, - sec_channel_type)) { + if (!NT_STATUS_IS_OK(cli_nt_establish_netlogon(cli, sec_channel_type, + trust_password))) { DEBUG(0, ("Could not initialise NETLOGON pipe\n")); return NT_STATUS_UNSUCCESSFUL; } - } else { - if (cmd_entry->pipe_idx != -1) { - if (!cli_nt_session_open(cli, cmd_entry->pipe_idx)) { - DEBUG(0, ("Could not initialise %s\n", - get_pipe_name_from_index(cmd_entry->pipe_idx))); - return NT_STATUS_UNSUCCESSFUL; - } - } } /* Run command */ -- cgit