#include "../librpc/gen_ndr/ndr_netlogon_c.h"
#include "rpc_client/cli_netlogon.h"
#include "secrets.h"
+#include "../libcli/auth/netlogon_creds_cli.h"
static WERROR cmd_netlogon_logon_ctrl2(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
do {
struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
+ struct netlogon_creds_CredentialState *creds = NULL;
- netlogon_creds_client_authenticator(cli->dc, &credential);
+ status = netlogon_creds_cli_lock(cli->netlogon_creds,
+ mem_ctx, &creds);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ netlogon_creds_client_authenticator(creds, &credential);
status = dcerpc_netr_DatabaseSync2(b, mem_ctx,
logon_server,
0xffff,
&result);
if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(creds);
return status;
}
/* Check returned credentials. */
- if (!netlogon_creds_client_check(cli->dc,
+ if (!netlogon_creds_client_check(creds,
&return_authenticator.cred)) {
DEBUG(0,("credentials chain check failed\n"));
+ TALLOC_FREE(creds);
return NT_STATUS_ACCESS_DENIED;
}
+ TALLOC_FREE(creds);
if (NT_STATUS_IS_ERR(result)) {
break;
do {
struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
+ struct netlogon_creds_CredentialState *creds = NULL;
+
+ status = netlogon_creds_cli_lock(cli->netlogon_creds,
+ mem_ctx, &creds);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
- netlogon_creds_client_authenticator(cli->dc, &credential);
+ netlogon_creds_client_authenticator(creds, &credential);
status = dcerpc_netr_DatabaseDeltas(b, mem_ctx,
logon_server,
0xffff,
&result);
if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(creds);
return status;
}
/* Check returned credentials. */
- if (!netlogon_creds_client_check(cli->dc,
+ if (!netlogon_creds_client_check(creds,
&return_authenticator.cred)) {
DEBUG(0,("credentials chain check failed\n"));
+ TALLOC_FREE(creds);
return NT_STATUS_ACCESS_DENIED;
}
+ TALLOC_FREE(creds);
if (NT_STATUS_IS_ERR(result)) {
break;
struct netr_ChangeLogEntry e;
uint32_t rid = 500;
struct dcerpc_binding_handle *b = cli->binding_handle;
+ struct netlogon_creds_CredentialState *creds = NULL;
if (argc > 2) {
fprintf(stderr, "Usage: %s <user rid>\n", argv[0]);
return status;
}
- netlogon_creds_client_authenticator(cli->dc, &clnt_creds);
+ status = netlogon_creds_cli_lock(cli->netlogon_creds,
+ mem_ctx, &creds);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ netlogon_creds_client_authenticator(creds, &clnt_creds);
ZERO_STRUCT(e);
&delta_enum_array,
&result);
if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(creds);
return status;
}
- if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) {
+ if (!netlogon_creds_client_check(creds, &srv_cred.cred)) {
DEBUG(0,("credentials chain check failed\n"));
+ TALLOC_FREE(creds);
return NT_STATUS_ACCESS_DENIED;
}
+ TALLOC_FREE(creds);
return result;
}
union netr_Capabilities capabilities;
uint32_t level = 1;
struct dcerpc_binding_handle *b = cli->binding_handle;
+ struct netlogon_creds_CredentialState *creds = NULL;
if (argc > 2) {
fprintf(stderr, "Usage: %s <level>\n", argv[0]);
ZERO_STRUCT(return_authenticator);
- netlogon_creds_client_authenticator(cli->dc, &credential);
+ status = netlogon_creds_cli_lock(cli->netlogon_creds,
+ mem_ctx, &creds);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ netlogon_creds_client_authenticator(creds, &credential);
status = dcerpc_netr_LogonGetCapabilities(b, mem_ctx,
cli->desthost,
&capabilities,
&result);
if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(creds);
return status;
}
- if (!netlogon_creds_client_check(cli->dc,
+ if (!netlogon_creds_client_check(creds,
&return_authenticator.cred)) {
DEBUG(0,("credentials chain check failed\n"));
+ TALLOC_FREE(creds);
return NT_STATUS_ACCESS_DENIED;
}
+ TALLOC_FREE(creds);
printf("capabilities: 0x%08x\n", capabilities.server_capabilities);