return status;
}
-NTSTATUS cli_rpc_pipe_open_schannel_with_creds(struct cli_state *cli,
- const struct ndr_interface_table *table,
- enum dcerpc_transport_t transport,
- struct netlogon_creds_cli_context *netlogon_creds,
- struct rpc_pipe_client **_rpccli)
+NTSTATUS cli_rpc_pipe_open_bind_schannel(
+ struct cli_state *cli,
+ const struct ndr_interface_table *table,
+ enum dcerpc_transport_t transport,
+ struct netlogon_creds_cli_context *netlogon_creds,
+ struct rpc_pipe_client **_rpccli)
{
struct rpc_pipe_client *rpccli;
struct pipe_auth_data *rpcauth;
struct cli_credentials *cli_creds;
enum dcerpc_AuthLevel auth_level;
NTSTATUS status;
- int rpc_pipe_bind_dbglvl = 0;
- struct netlogon_creds_cli_lck *lck;
status = cli_rpc_pipe_open(cli, transport, table, &rpccli);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- status = netlogon_creds_cli_lck(
- netlogon_creds, NETLOGON_CREDS_CLI_LCK_EXCLUSIVE,
- rpccli, &lck);
- if (!NT_STATUS_IS_OK(status)) {
- DBG_WARNING("netlogon_creds_cli_lck returned %s\n",
- nt_errstr(status));
- TALLOC_FREE(rpccli);
- return status;
- }
-
auth_level = netlogon_creds_cli_auth_level(netlogon_creds);
status = netlogon_creds_bind_cli_credentials(
talloc_unlink(rpccli, cli_creds);
cli_creds = NULL;
- if (NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_ACCESS_DENIED)) {
- rpc_pipe_bind_dbglvl = 1;
- netlogon_creds_cli_delete_lck(netlogon_creds);
- }
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(rpc_pipe_bind_dbglvl,
- ("%s: rpc_pipe_bind failed with error %s\n",
- __func__, nt_errstr(status)));
+ DBG_DEBUG("rpc_pipe_bind failed with error %s\n",
+ nt_errstr(status));
TALLOC_FREE(rpccli);
return status;
}
- if (!ndr_syntax_id_equal(&table->syntax_id, &ndr_table_netlogon.syntax_id)) {
- goto done;
+ *_rpccli = rpccli;
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS cli_rpc_pipe_open_schannel_with_creds(struct cli_state *cli,
+ const struct ndr_interface_table *table,
+ enum dcerpc_transport_t transport,
+ struct netlogon_creds_cli_context *netlogon_creds,
+ struct rpc_pipe_client **_rpccli)
+{
+ TALLOC_CTX *frame = talloc_stackframe();
+ struct rpc_pipe_client *rpccli;
+ struct netlogon_creds_cli_lck *lck;
+ NTSTATUS status;
+
+ status = netlogon_creds_cli_lck(
+ netlogon_creds, NETLOGON_CREDS_CLI_LCK_EXCLUSIVE,
+ frame, &lck);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_WARNING("netlogon_creds_cli_lck returned %s\n",
+ nt_errstr(status));
+ TALLOC_FREE(frame);
+ return status;
}
- status = netlogon_creds_cli_check(netlogon_creds,
- rpccli->binding_handle);
+ status = cli_rpc_pipe_open_bind_schannel(
+ cli, table, transport, netlogon_creds, &rpccli);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_ACCESS_DENIED)) {
+ netlogon_creds_cli_delete_lck(netlogon_creds);
+ }
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("netlogon_creds_cli_check failed with %s\n",
- nt_errstr(status)));
- TALLOC_FREE(rpccli);
+ DBG_DEBUG("cli_rpc_pipe_open_bind_schannel failed: %s\n",
+ nt_errstr(status));
+ TALLOC_FREE(frame);
return status;
}
-done:
- DEBUG(10,("%s: opened pipe %s to machine %s "
- "for domain %s and bound using schannel.\n",
- __func__, table->name,
- rpccli->desthost, cli_credentials_get_domain(cli_creds)));
+ if (ndr_syntax_id_equal(&table->syntax_id,
+ &ndr_table_netlogon.syntax_id)) {
+ status = netlogon_creds_cli_check(netlogon_creds,
+ rpccli->binding_handle);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("netlogon_creds_cli_check failed with %s\n",
+ nt_errstr(status)));
+ TALLOC_FREE(frame);
+ return status;
+ }
+ }
+
+ DBG_DEBUG("opened pipe %s to machine %s with key %s "
+ "and bound using schannel.\n",
+ table->name, rpccli->desthost,
+ netlogon_creds_cli_debug_string(netlogon_creds, lck));
- TALLOC_FREE(lck);
+ TALLOC_FREE(frame);
*_rpccli = rpccli;
return NT_STATUS_OK;