return status;
}
-/****************************************************************************
- External interface.
- Open a named pipe to an SMB server and bind using schannel (bind type 68)
- using session_key. sign and seal.
-
- The *pdc will be stolen onto this new pipe
- ****************************************************************************/
-
-NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
- const struct ndr_interface_table *table,
- enum dcerpc_transport_t transport,
- const char *domain,
- struct netlogon_creds_cli_context *netlogon_creds,
- struct rpc_pipe_client **_rpccli)
-{
- struct rpc_pipe_client *rpccli;
- struct pipe_auth_data *rpcauth;
- struct netlogon_creds_CredentialState *creds = NULL;
- enum dcerpc_AuthLevel auth_level;
- NTSTATUS status;
- const char *target_service = table->authservices->names[0];
- int rpc_pipe_bind_dbglvl = 0;
-
- status = cli_rpc_pipe_open(cli, transport, table, &rpccli);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
-
- status = netlogon_creds_cli_lock(netlogon_creds, rpccli, &creds);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("netlogon_creds_cli_get returned %s\n",
- nt_errstr(status)));
- TALLOC_FREE(rpccli);
- return status;
- }
-
- auth_level = netlogon_creds_cli_auth_level(netlogon_creds);
-
- status = rpccli_generic_bind_data(rpccli,
- DCERPC_AUTH_TYPE_SCHANNEL,
- auth_level,
- NULL,
- target_service,
- domain,
- creds->computer_name,
- NULL,
- CRED_AUTO_USE_KERBEROS,
- creds,
- &rpcauth);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("rpccli_generic_bind_data returned %s\n",
- nt_errstr(status)));
- TALLOC_FREE(rpccli);
- return status;
- }
-
- status = rpc_pipe_bind(rpccli, rpcauth);
- if (NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_ACCESS_DENIED)) {
- rpc_pipe_bind_dbglvl = 1;
- netlogon_creds_cli_delete(netlogon_creds, &creds);
- }
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(rpc_pipe_bind_dbglvl,
- ("cli_rpc_pipe_open_schannel_with_key: "
- "rpc_pipe_bind failed with error %s\n",
- nt_errstr(status)));
- TALLOC_FREE(rpccli);
- return status;
- }
-
- TALLOC_FREE(creds);
-
- if (!ndr_syntax_id_equal(&table->syntax_id, &ndr_table_netlogon.syntax_id)) {
- goto done;
- }
-
- status = netlogon_creds_cli_check(netlogon_creds,
- rpccli->binding_handle);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0, ("netlogon_creds_cli_check failed with %s\n",
- nt_errstr(status)));
- TALLOC_FREE(rpccli);
- return status;
- }
-
-
-done:
- DEBUG(10,("cli_rpc_pipe_open_schannel_with_key: opened pipe %s to machine %s "
- "for domain %s and bound using schannel.\n",
- table->name,
- rpccli->desthost, domain));
-
- *_rpccli = rpccli;
- return NT_STATUS_OK;
-}
-
NTSTATUS cli_rpc_pipe_open_schannel_with_creds(struct cli_state *cli,
const struct ndr_interface_table *table,
enum dcerpc_transport_t transport,
const char *password,
struct rpc_pipe_client **presult);
-NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli,
- const struct ndr_interface_table *table,
- enum dcerpc_transport_t transport,
- const char *domain,
- struct netlogon_creds_cli_context *netlogon_creds,
- struct rpc_pipe_client **presult);
-
NTSTATUS cli_rpc_pipe_open_schannel_with_creds(struct cli_state *cli,
const struct ndr_interface_table *table,
enum dcerpc_transport_t transport,