return;
}
- status = dcerpc_pull_ncacn_packet(state,
+ status = dcerpc_pull_ncacn_packet(state->pkt,
&state->incoming_frag,
state->pkt,
!state->endianess);
};
static void rpc_pipe_bind_step_one_done(struct tevent_req *subreq);
-static NTSTATUS rpc_finish_auth3_bind_send(struct tevent_req *req,
- struct rpc_pipe_bind_state *state,
- DATA_BLOB *credentials);
static void rpc_bind_auth3_write_done(struct tevent_req *subreq);
static NTSTATUS rpc_bind_next_send(struct tevent_req *req,
struct rpc_pipe_bind_state *state,
state->cli->max_xmit_frag = pkt->u.bind_ack.max_xmit_frag;
state->cli->max_recv_frag = pkt->u.bind_ack.max_recv_frag;
- switch(state->cli->auth->auth_type) {
+ switch(pauth->auth_type) {
case DCERPC_AUTH_TYPE_NONE:
case DCERPC_AUTH_TYPE_SCHANNEL:
* For authenticated binds we may need to do 3 or 4 leg binds.
*/
- switch(state->cli->auth->auth_type) {
+ switch(pauth->auth_type) {
case DCERPC_AUTH_TYPE_NONE:
case DCERPC_AUTH_TYPE_SCHANNEL:
return;
case DCERPC_AUTH_TYPE_NTLMSSP:
- /* Need to send AUTH3 packet - no reply. */
- status = rpc_finish_auth3_bind_send(req, state,
- &auth.credentials);
+ status = auth_ntlmssp_update(pauth->a_u.auth_ntlmssp_state,
+ auth.credentials, &auth_token);
+ if (NT_STATUS_EQUAL(status,
+ NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ status = rpc_bind_next_send(req, state,
+ &auth_token);
+ } else if (NT_STATUS_IS_OK(status)) {
+ status = rpc_bind_finish_send(req, state,
+ &auth_token);
+ }
break;
case DCERPC_AUTH_TYPE_SPNEGO:
tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
}
-static NTSTATUS rpc_finish_auth3_bind_send(struct tevent_req *req,
- struct rpc_pipe_bind_state *state,
- DATA_BLOB *credentials)
-{
- struct pipe_auth_data *auth = state->cli->auth;
- DATA_BLOB client_reply = data_blob_null;
- struct tevent_req *subreq;
- NTSTATUS status;
-
- /* TODO - check auth_type/auth_level match. */
-
- status = auth_ntlmssp_update(auth->a_u.auth_ntlmssp_state,
- *credentials, &client_reply);
-
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("rpc_finish_auth3_bind: NTLMSSP update using server "
- "blob failed: %s.\n", nt_errstr(status)));
- return status;
- }
-
- data_blob_free(&state->rpc_out);
-
- status = create_rpc_bind_auth3(state, state->cli,
- state->rpc_call_id,
- auth->auth_type,
- auth->auth_level,
- &client_reply,
- &state->rpc_out);
- data_blob_free(&client_reply);
-
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- subreq = rpc_write_send(state, state->ev, state->cli->transport,
- state->rpc_out.data, state->rpc_out.length);
- if (subreq == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
- tevent_req_set_callback(subreq, rpc_bind_auth3_write_done, req);
- return NT_STATUS_OK;
-}
-
static void rpc_bind_auth3_write_done(struct tevent_req *subreq)
{
struct tevent_req *req = tevent_req_callback_data(
result->a_u.schannel_auth->state = SCHANNEL_STATE_START;
result->a_u.schannel_auth->seq_num = 0;
result->a_u.schannel_auth->initiator = true;
- result->a_u.schannel_auth->creds = creds;
+ result->a_u.schannel_auth->creds = netlogon_creds_copy(result, creds);
*presult = result;
return NT_STATUS_OK;
/*
* The credentials on a new netlogon pipe are the ones we are passed
- * in - reference them in
+ * in - copy them over
*/
- result->dc = talloc_move(result, pdc);
+ result->dc = netlogon_creds_copy(result, *pdc);
+ if (result->dc == NULL) {
+ TALLOC_FREE(result);
+ return NT_STATUS_NO_MEMORY;
+ }
DEBUG(10,("cli_rpc_pipe_open_schannel_with_key: opened pipe %s to machine %s "
"for domain %s and bound using schannel.\n",
{
struct pipe_auth_data *a = cli->auth;
DATA_BLOB sk = data_blob_null;
- bool make_dup;
+ bool make_dup = false;
if (!session_key || !cli) {
return NT_STATUS_INVALID_PARAMETER;