Add "desthost" to rpc_pipe_client

[kai/samba.git] / source3 / rpc_client / cli_netlogon.c

diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index 2af514320e885c4cca95b60910afe12d7ef7d160..bf1e161957acf9b9c6a25ccf8ec680b04c932366 100644 (file)
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -132,6 +132,7 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
        struct netr_Credential clnt_chal_send;
        struct netr_Credential srv_chal_recv;
        struct dcinfo *dc;
+       bool retried = false;
 
        SMB_ASSERT(cli->pipe_idx == PI_NETLOGON);
 
@@ -153,11 +154,12 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
 
        fstr_sprintf( dc->mach_acct, "%s$", machine_account);
 
+ again:
        /* Create the client challenge. */
        generate_random_buffer(clnt_chal_send.data, 8);
 
        /* Get the server challenge. */
-       result = rpccli_netr_ServerReqChallenge(cli, cli->mem_ctx,
+       result = rpccli_netr_ServerReqChallenge(cli, talloc_tos(),
                                                dc->remote_machine,
                                                clnt_name,
                                                &clnt_chal_send,
@@ -178,7 +180,7 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
         * Send client auth-2 challenge and receive server repy.
         */
 
-       result = rpccli_netr_ServerAuthenticate2(cli, cli->mem_ctx,
+       result = rpccli_netr_ServerAuthenticate2(cli, talloc_tos(),
                                                 dc->remote_machine,
                                                 dc->mach_acct,
                                                 sec_chan_type,
@@ -186,6 +188,15 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
                                                 &clnt_chal_send, /* input. */
                                                 &srv_chal_recv, /* output. */
                                                 neg_flags_inout);
+
+       /* we might be talking to NT4, so let's downgrade in that case and retry
+        * with the returned neg_flags - gd */
+
+       if (NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED) && !retried) {
+               retried = true;
+               goto again;
+       }
+
        if (!NT_STATUS_IS_OK(result)) {
                return result;
        }
@@ -201,13 +212,13 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
                 */
                DEBUG(0,("rpccli_netlogon_setup_creds: server %s "
                        "replied with bad credential\n",
-                       cli->cli->desthost ));
+                       cli->desthost ));
                return NT_STATUS_ACCESS_DENIED;
        }
 
        DEBUG(5,("rpccli_netlogon_setup_creds: server %s credential "
                "chain established.\n",
-               cli->cli->desthost ));
+               cli->desthost ));
 
        return NT_STATUS_OK;
 }
@@ -226,7 +237,7 @@ NTSTATUS rpccli_netlogon_sam_logon(struct rpc_pipe_client *cli,
        NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
        struct netr_Authenticator clnt_creds;
        struct netr_Authenticator ret_creds;
-       union netr_LogonLevel *logon;
+       union netr_LogonInfo *logon;
        union netr_Validation validation;
        uint8_t authoritative;
        int validation_level = 3;
@@ -236,7 +247,7 @@ NTSTATUS rpccli_netlogon_sam_logon(struct rpc_pipe_client *cli,
        ZERO_STRUCT(ret_creds);
        ZERO_STRUCT(zeros);
 
-       logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonLevel);
+       logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonInfo);
        if (!logon) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -407,7 +418,7 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli,
        uint8 zeros[16];
        struct netr_Authenticator clnt_creds;
        struct netr_Authenticator ret_creds;
-       union netr_LogonLevel *logon = NULL;
+       union netr_LogonInfo *logon = NULL;
        struct netr_NetworkInfo *network_info;
        uint8_t authoritative;
        union netr_Validation validation;
@@ -424,7 +435,7 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli,
        ZERO_STRUCT(lm);
        ZERO_STRUCT(nt);
 
-       logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonLevel);
+       logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonInfo);
        if (!logon) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -530,7 +541,7 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
        const char *workstation_name_slash;
        const char *server_name_slash;
        uint8 zeros[16];
-       union netr_LogonLevel *logon = NULL;
+       union netr_LogonInfo *logon = NULL;
        struct netr_NetworkInfo *network_info;
        uint8_t authoritative;
        union netr_Validation validation;
@@ -547,7 +558,7 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
        ZERO_STRUCT(lm);
        ZERO_STRUCT(nt);
 
-       logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonLevel);
+       logon = TALLOC_ZERO_P(mem_ctx, union netr_LogonInfo);
        if (!logon) {
                return NT_STATUS_NO_MEMORY;
        }
@@ -623,6 +634,4 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli,
        *info3 = validation.sam3;
 
        return result;
-
-        return result;
 }