s3-rpc_client: Added DCERPC_AUTH_TYPE_NCALRPC bind.

Signed-off-by: Günther Deschner <gd@samba.org>

diff --git a/librpc/idl/dcerpc.idl b/librpc/idl/dcerpc.idl
index b7ba4326889a6f111ae2e20517bac152dd6db942..86f22a4b8c8a2c8361f78059b07220e80d1cd9b8 100644 (file)
--- a/librpc/idl/dcerpc.idl
+++ b/librpc/idl/dcerpc.idl
@@ -179,7 +179,8 @@ interface dcerpc
                DCERPC_AUTH_TYPE_MSN      = 18,
                DCERPC_AUTH_TYPE_DIGEST   = 21,
                DCERPC_AUTH_TYPE_SCHANNEL = 68,
-               DCERPC_AUTH_TYPE_MSMQ     = 100
+               DCERPC_AUTH_TYPE_MSMQ     = 100,
+               DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM = 200
        } dcerpc_AuthType;
 
        typedef [enum8bit] enum {

diff --git a/source3/librpc/rpc/dcerpc_helpers.c b/source3/librpc/rpc/dcerpc_helpers.c
index f45ee941c1f19f78dde953a0d6cbb6f521464f9f..7520d767ba1f9d60ba5f691e176fd33d32218cbe 100644 (file)
--- a/source3/librpc/rpc/dcerpc_helpers.c
+++ b/source3/librpc/rpc/dcerpc_helpers.c
@@ -754,7 +754,8 @@ NTSTATUS dcerpc_add_auth_footer(struct pipe_auth_data *auth,
        DATA_BLOB auth_blob;
        NTSTATUS status;
 
-       if (auth->auth_type == DCERPC_AUTH_TYPE_NONE) {
+       if (auth->auth_type == DCERPC_AUTH_TYPE_NONE ||
+           auth->auth_type == DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM) {
                return NT_STATUS_OK;
        }
 
@@ -792,6 +793,7 @@ NTSTATUS dcerpc_add_auth_footer(struct pipe_auth_data *auth,
        /* Generate any auth sign/seal and add the auth footer. */
        switch (auth->auth_type) {
        case DCERPC_AUTH_TYPE_NONE:
+       case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
                status = NT_STATUS_OK;
                break;
        case DCERPC_AUTH_TYPE_SPNEGO:
@@ -914,6 +916,7 @@ NTSTATUS dcerpc_check_auth(struct pipe_auth_data *auth,
 
        switch (auth->auth_type) {
        case DCERPC_AUTH_TYPE_NONE:
+       case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
                return NT_STATUS_OK;
 
        case DCERPC_AUTH_TYPE_SPNEGO:

diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index aac47f34a83e5dcddbfa0be99679ad70d5f7b76d..26a00547c3738665c23660536f9b63e10e914e25 100644 (file)
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -1194,6 +1194,12 @@ static NTSTATUS create_rpc_bind_req(TALLOC_CTX *mem_ctx,
                }
                break;
 
+       case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
+               auth_token = data_blob_talloc(mem_ctx,
+                                             "NCALRPC_AUTH_TOKEN",
+                                             18);
+               break;
+
        case DCERPC_AUTH_TYPE_NONE:
                break;
 
@@ -1721,6 +1727,7 @@ static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq)
        switch(pauth->auth_type) {
 
        case DCERPC_AUTH_TYPE_NONE:
+       case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
        case DCERPC_AUTH_TYPE_SCHANNEL:
                /* Bind complete. */
                tevent_req_done(req);
@@ -1759,6 +1766,7 @@ static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq)
        switch(pauth->auth_type) {
 
        case DCERPC_AUTH_TYPE_NONE:
+       case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
        case DCERPC_AUTH_TYPE_SCHANNEL:
                /* Bind complete. */
                tevent_req_done(req);
@@ -2243,6 +2251,30 @@ bool rpccli_get_pwd_hash(struct rpc_pipe_client *rpc_cli, uint8_t nt_hash[16])
        return true;
 }
 
+NTSTATUS rpccli_ncalrpc_bind_data(TALLOC_CTX *mem_ctx,
+                                 struct pipe_auth_data **presult)
+{
+       struct pipe_auth_data *result;
+
+       result = talloc(mem_ctx, struct pipe_auth_data);
+       if (result == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       result->auth_type = DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM;
+       result->auth_level = DCERPC_AUTH_LEVEL_NONE;
+
+       result->user_name = talloc_strdup(result, "");
+       result->domain = talloc_strdup(result, "");
+       if ((result->user_name == NULL) || (result->domain == NULL)) {
+               TALLOC_FREE(result);
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       *presult = result;
+       return NT_STATUS_OK;
+}
+
 NTSTATUS rpccli_anon_bind_data(TALLOC_CTX *mem_ctx,
                               struct pipe_auth_data **presult)
 {
@@ -3259,6 +3291,7 @@ NTSTATUS cli_get_session_key(TALLOC_CTX *mem_ctx,
                sk = gse_get_session_key(mem_ctx, gse_ctx);
                make_dup = false;
                break;
+       case DCERPC_AUTH_TYPE_NCALRPC_AS_SYSTEM:
        case DCERPC_AUTH_TYPE_NONE:
                sk = data_blob_const(a->user_session_key.data,
                                     a->user_session_key.length);

diff --git a/source3/rpc_client/cli_pipe.h b/source3/rpc_client/cli_pipe.h
index b627c0af21eb5db5e0a137e20a92b99cec65f7ec..30c1bad797a40f75a5d8e790b500497f951c5234 100644 (file)
--- a/source3/rpc_client/cli_pipe.h
+++ b/source3/rpc_client/cli_pipe.h
@@ -50,6 +50,9 @@ bool rpccli_is_connected(struct rpc_pipe_client *rpc_cli);
 
 bool rpccli_get_pwd_hash(struct rpc_pipe_client *cli, uint8_t nt_hash[16]);
 
+NTSTATUS rpccli_ncalrpc_bind_data(TALLOC_CTX *mem_ctx,
+                                 struct pipe_auth_data **presult);
+
 NTSTATUS rpccli_anon_bind_data(TALLOC_CTX *mem_ctx,
                               struct pipe_auth_data **presult);