From: Ralph Boehme Date: Thu, 30 Nov 2017 22:35:40 +0000 (+0100) Subject: s3/rpc_client: return validation from rpccli_netlogon functions X-Git-Tag: samba-4.8.0rc1~78 X-Git-Url: http://git.samba.org/?p=samba.git;a=commitdiff_plain;h=489e942aa99d8f8a37ce2286923d8c97e97a4181 s3/rpc_client: return validation from rpccli_netlogon functions Return the validation info instead of the already mapped info3. Higher layers need info6 if available, this is the first step in passing the unmapped info up to callers. Signed-off-by: Ralph Boehme Reviewed-by: Stefan Metzmacher --- diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c index 67c87354e69..800b995215c 100644 --- a/source3/rpc_client/cli_netlogon.c +++ b/source3/rpc_client/cli_netlogon.c @@ -461,7 +461,8 @@ NTSTATUS rpccli_netlogon_password_logon( enum netr_LogonInfoClass logon_type, uint8_t *authoritative, uint32_t *flags, - struct netr_SamInfo3 **info3) + uint16_t *_validation_level, + union netr_Validation **_validation) { TALLOC_CTX *frame = talloc_stackframe(); NTSTATUS status; @@ -572,7 +573,7 @@ NTSTATUS rpccli_netlogon_password_logon( binding_handle, logon_type, logon, - frame, + mem_ctx, &validation_level, &validation, authoritative, @@ -582,14 +583,9 @@ NTSTATUS rpccli_netlogon_password_logon( return status; } - status = map_validation_to_info3(mem_ctx, - validation_level, validation, - info3); TALLOC_FREE(frame); - if (!NT_STATUS_IS_OK(status)) { - return status; - } - + *_validation_level = validation_level; + *_validation = validation; return NT_STATUS_OK; } @@ -614,7 +610,8 @@ NTSTATUS rpccli_netlogon_network_logon( DATA_BLOB nt_response, uint8_t *authoritative, uint32_t *flags, - struct netr_SamInfo3 **info3) + uint16_t *_validation_level, + union netr_Validation **_validation) { NTSTATUS status; const char *workstation_name_slash; @@ -625,7 +622,7 @@ NTSTATUS rpccli_netlogon_network_logon( struct netr_ChallengeResponse lm; struct netr_ChallengeResponse nt; - *info3 = NULL; + *_validation = NULL; ZERO_STRUCT(lm); ZERO_STRUCT(nt); @@ -686,12 +683,8 @@ NTSTATUS rpccli_netlogon_network_logon( return status; } - status = map_validation_to_info3(mem_ctx, - validation_level, validation, - info3); - if (!NT_STATUS_IS_OK(status)) { - return status; - } + *_validation_level = validation_level; + *_validation = validation; return NT_STATUS_OK; } diff --git a/source3/rpc_client/cli_netlogon.h b/source3/rpc_client/cli_netlogon.h index db8eb502029..d31bdee461f 100644 --- a/source3/rpc_client/cli_netlogon.h +++ b/source3/rpc_client/cli_netlogon.h @@ -71,9 +71,10 @@ NTSTATUS rpccli_netlogon_password_logon( enum netr_LogonInfoClass logon_type, uint8_t *authoritative, uint32_t *flags, - struct netr_SamInfo3 **info3); + uint16_t *_validation_level, + union netr_Validation **_validation); NTSTATUS rpccli_netlogon_network_logon( - struct netlogon_creds_cli_context *creds, + struct netlogon_creds_cli_context *creds_ctx, struct dcerpc_binding_handle *binding_handle, TALLOC_CTX *mem_ctx, uint32_t logon_parameters, @@ -85,6 +86,7 @@ NTSTATUS rpccli_netlogon_network_logon( DATA_BLOB nt_response, uint8_t *authoritative, uint32_t *flags, - struct netr_SamInfo3 **info3); + uint16_t *_validation_level, + union netr_Validation **_validation); #endif /* _RPC_CLIENT_CLI_NETLOGON_H_ */ diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c index 2d6a0829a57..8d62ef7e095 100644 --- a/source3/rpcclient/cmd_netlogon.c +++ b/source3/rpcclient/cmd_netlogon.c @@ -27,6 +27,7 @@ #include "rpc_client/cli_netlogon.h" #include "secrets.h" #include "../libcli/auth/netlogon_creds_cli.h" +#include "rpc_client/util_netlogon.h" static WERROR cmd_netlogon_logon_ctrl2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, @@ -497,6 +498,8 @@ static NTSTATUS cmd_netlogon_sam_logon(struct rpc_pipe_client *cli, struct netr_SamInfo3 *info3 = NULL; uint8_t authoritative = 0; uint32_t flags = 0; + uint16_t validation_level; + union netr_Validation *validation = NULL; /* Check arguments */ @@ -536,10 +539,19 @@ static NTSTATUS cmd_netlogon_sam_logon(struct rpc_pipe_client *cli, logon_type, &authoritative, &flags, - &info3); + &validation_level, + &validation); if (!NT_STATUS_IS_OK(result)) goto done; + result = map_validation_to_info3(mem_ctx, + validation_level, + validation, + &info3); + if (!NT_STATUS_IS_OK(result)) { + return result; + } + done: return result; } diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index 43060ee32ca..42c4aef878c 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -1379,6 +1379,8 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain, int netr_attempts = 0; bool retry = false; NTSTATUS result; + uint16_t validation_level; + union netr_Validation *validation = NULL; do { struct rpc_pipe_client *netlogon_pipe; @@ -1456,7 +1458,8 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain, NetlogonInteractiveInformation, authoritative, flags, - info3); + &validation_level, + &validation); } else { result = rpccli_netlogon_network_logon( domain->conn.netlogon_creds_ctx, @@ -1471,7 +1474,8 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain, nt_response, authoritative, flags, - info3); + &validation_level, + &validation); } /* @@ -1538,7 +1542,21 @@ static NTSTATUS winbind_samlogon_retry_loop(struct winbindd_domain *domain, domainname)); invalidate_cm_connection(domain); } - return result; + + if (!NT_STATUS_IS_OK(result)) { + return result; + } + + result = map_validation_to_info3(mem_ctx, + validation_level, + validation, + info3); + TALLOC_FREE(validation); + if (!NT_STATUS_IS_OK(result)) { + return result; + } + + return NT_STATUS_OK; } static NTSTATUS winbindd_dual_pam_auth_samlogon(