const char *domain,
uint32 *pneg_flags,
struct rpc_pipe_client **presult);
-struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
- int pipe_idx,
- enum pipe_auth_level auth_level,
- const char *domain,
- const struct dcinfo *pdc,
- NTSTATUS *perr);
+NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
+ const struct ndr_syntax_id *interface,
+ enum pipe_auth_level auth_level,
+ const char *domain,
+ const struct dcinfo *pdc,
+ struct rpc_pipe_client **presult);
struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_auth_schannel(struct cli_state *cli,
int pipe_idx,
enum pipe_auth_level auth_level,
return NT_STATUS_OK;
}
- pipe_hnd = cli_rpc_pipe_open_schannel_with_key(cli, PI_NETLOGON,
- PIPE_AUTH_LEVEL_PRIVACY,
- netbios_domain_name,
- netlogon_pipe->dc,
- &status);
+ status = cli_rpc_pipe_open_schannel_with_key(
+ cli, &ndr_table_netlogon.syntax_id, PIPE_AUTH_LEVEL_PRIVACY,
+ netbios_domain_name, netlogon_pipe->dc, &pipe_hnd);
cli_shutdown(cli);
- if (!pipe_hnd) {
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("libnet_join_ok: failed to open schannel session "
"on netlogon pipe to server %s for domain %s. "
"Error was %s\n",
using session_key. sign and seal.
****************************************************************************/
-struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
- int pipe_idx,
- enum pipe_auth_level auth_level,
- const char *domain,
- const struct dcinfo *pdc,
- NTSTATUS *perr)
+NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
+ const struct ndr_syntax_id *interface,
+ enum pipe_auth_level auth_level,
+ const char *domain,
+ const struct dcinfo *pdc,
+ struct rpc_pipe_client **presult)
{
struct rpc_pipe_client *result;
struct cli_pipe_auth_data *auth;
+ NTSTATUS status;
- *perr = cli_rpc_pipe_open(cli, pipe_names[pipe_idx].abstr_syntax,
- &result);
- if (!NT_STATUS_IS_OK(*perr)) {
- return NULL;
+ status = cli_rpc_pipe_open(cli, interface, &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
- *perr = rpccli_schannel_bind_data(result, domain, auth_level,
- pdc->sess_key, &auth);
- if (!NT_STATUS_IS_OK(*perr)) {
+ status = rpccli_schannel_bind_data(result, domain, auth_level,
+ pdc->sess_key, &auth);
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(0, ("rpccli_schannel_bind_data returned %s\n",
- nt_errstr(*perr)));
+ nt_errstr(status)));
TALLOC_FREE(result);
- return NULL;
+ return status;
}
- *perr = rpc_pipe_bind(result, auth);
- if (!NT_STATUS_IS_OK(*perr)) {
- DEBUG(0, ("cli_rpc_pipe_open_schannel_with_key: cli_rpc_pipe_bind failed with error %s\n",
- nt_errstr(*perr) ));
+ status = rpc_pipe_bind(result, auth);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("cli_rpc_pipe_open_schannel_with_key: "
+ "cli_rpc_pipe_bind failed with error %s\n",
+ nt_errstr(status) ));
TALLOC_FREE(result);
- return NULL;
+ return status;
}
/*
if (result->dc == NULL) {
DEBUG(0, ("talloc failed\n"));
TALLOC_FREE(result);
- return NULL;
+ return NT_STATUS_NO_MEMORY;
}
DEBUG(10,("cli_rpc_pipe_open_schannel_with_key: opened pipe %s to machine %s "
"and bound using schannel.\n",
result->trans.np.pipe_name, cli->desthost, domain ));
- return result;
+ *presult = result;
+ return NT_STATUS_OK;
}
/****************************************************************************
return NULL;
}
- result = cli_rpc_pipe_open_schannel_with_key(cli, pipe_idx,
- auth_level,
- domain, netlogon_pipe->dc, perr);
+ *perr = cli_rpc_pipe_open_schannel_with_key(
+ cli, cli_get_iface(pipe_idx), auth_level,
+ domain, netlogon_pipe->dc, &result);
/* Now we've bound using the session key we can close the netlog pipe. */
TALLOC_FREE(netlogon_pipe);
return NULL;
}
- result = cli_rpc_pipe_open_schannel_with_key(cli, pipe_idx,
- auth_level,
- domain, netlogon_pipe->dc, perr);
+ *perr = cli_rpc_pipe_open_schannel_with_key(
+ cli, cli_get_iface(pipe_idx), auth_level,
+ domain, netlogon_pipe->dc, &result);
/* Now we've bound using the session key we can close the netlog pipe. */
TALLOC_FREE(netlogon_pipe);
return ntret;
}
- pipe_hnd = cli_rpc_pipe_open_schannel_with_key(cli, PI_NETLOGON,
- PIPE_AUTH_LEVEL_PRIVACY,
- domain, netlogon_pipe->dc, &ntret);
+ ntret = cli_rpc_pipe_open_schannel_with_key(
+ cli, &ndr_table_netlogon.syntax_id, PIPE_AUTH_LEVEL_PRIVACY,
+ domain, netlogon_pipe->dc, &pipe_hnd);
- if (!pipe_hnd) {
+ if (!NT_STATUS_IS_OK(ntret)) {
DEBUG(0,("net_rpc_join_ok: failed to open schannel session "
"on netlogon pipe to server %s for domain %s. Error was %s\n",
cli->desthost, domain, nt_errstr(ntret) ));
do the same again (setup creds) in net_rpc_join_ok(). JRA. */
if (lp_client_schannel() && (neg_flags & NETLOGON_NEG_SCHANNEL)) {
- struct rpc_pipe_client *netlogon_schannel_pipe =
- cli_rpc_pipe_open_schannel_with_key(cli,
- PI_NETLOGON,
- PIPE_AUTH_LEVEL_PRIVACY,
- domain,
- pipe_hnd->dc,
- &result);
+ struct rpc_pipe_client *netlogon_schannel_pipe;
+
+ result = cli_rpc_pipe_open_schannel_with_key(
+ cli, &ndr_table_netlogon.syntax_id,
+ PIPE_AUTH_LEVEL_PRIVACY, domain, pipe_hnd->dc,
+ &netlogon_schannel_pipe);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(0, ("Error in domain join verification (schannel setup failed): %s\n\n",
"for domain %s, trying anon\n", domain->name));
goto anonymous;
}
- conn->samr_pipe = cli_rpc_pipe_open_schannel_with_key
- (conn->cli, PI_SAMR, PIPE_AUTH_LEVEL_PRIVACY,
- domain->name, p_dcinfo, &result);
+ result = cli_rpc_pipe_open_schannel_with_key
+ (conn->cli, &ndr_table_samr.syntax_id, PIPE_AUTH_LEVEL_PRIVACY,
+ domain->name, p_dcinfo, &conn->samr_pipe);
- if (conn->samr_pipe == NULL) {
+ if (!NT_STATUS_IS_OK(result)) {
DEBUG(10,("cm_connect_sam: failed to connect to SAMR pipe for "
"domain %s using schannel. Error was %s\n",
domain->name, nt_errstr(result) ));
"for domain %s, trying anon\n", domain->name));
goto anonymous;
}
- conn->lsa_pipe = cli_rpc_pipe_open_schannel_with_key
- (conn->cli, PI_LSARPC, PIPE_AUTH_LEVEL_PRIVACY,
- domain->name, p_dcinfo, &result);
+ result = cli_rpc_pipe_open_schannel_with_key
+ (conn->cli, &ndr_table_lsarpc.syntax_id,
+ PIPE_AUTH_LEVEL_PRIVACY,
+ domain->name, p_dcinfo, &conn->lsa_pipe);
- if (conn->lsa_pipe == NULL) {
+ if (!NT_STATUS_IS_OK(result)) {
DEBUG(10,("cm_connect_lsa: failed to connect to LSA pipe for "
"domain %s using schannel. Error was %s\n",
domain->name, nt_errstr(result) ));
part of the new pipe auth struct.
*/
- conn->netlogon_pipe =
- cli_rpc_pipe_open_schannel_with_key(conn->cli,
- PI_NETLOGON,
- PIPE_AUTH_LEVEL_PRIVACY,
- domain->name,
- netlogon_pipe->dc,
- &result);
+ result = cli_rpc_pipe_open_schannel_with_key(
+ conn->cli, &ndr_table_netlogon.syntax_id,
+ PIPE_AUTH_LEVEL_PRIVACY, domain->name, netlogon_pipe->dc,
+ &conn->netlogon_pipe);
/* We can now close the initial netlogon pipe. */
TALLOC_FREE(netlogon_pipe);
- if (conn->netlogon_pipe == NULL) {
+ if (!NT_STATUS_IS_OK(result)) {
DEBUG(3, ("Could not open schannel'ed NETLOGON pipe. Error "
"was %s\n", nt_errstr(result)));